Wyden, Cotton call for policy alerting senators of cyber breaches

Wyden, Cotton call for policy alerting senators of cyber breaches
© Stefani Reynolds

A bipartisan pair of senators on the Senate Intelligence Committee is requesting that the Senate sergeant at arms quickly inform Senate leadership of any cyber breaches of Senate computers.

Sens. Ron WydenRonald (Ron) Lee WydenWyden blasts FEC Republicans for blocking probe into NRA over possible Russia donations Wyden calls for end to political ad targeting on Facebook, Google Ex-CIA chief worries campaigns falling short on cybersecurity MORE (D-Ore.) and Tom CottonThomas (Tom) Bryant CottonCongress must address gender gap in nominations to military service academies GOP senators press Google on reports it developed a smart speaker with Huawei Sunday shows - Mass shootings grab the spotlight MORE (R-Ark.) noted in a letter sent Wednesday to Senate Sergeant at Arms Michael Stenger that Congress currently has no requirement to reveal any cyber breaches to its own systems.

“We believe that the lack of data regarding successful cyber attacks against the Congress has contributed to the absence of debate regarding congressional cybersecurity — this must change,” the letter reads.


“Each U.S. Senator deserves to know, and has a responsibility to know, if and how many times Senate computers have been hacked, and whether the Senate’s existing cybersecurity measures are sufficient to protect both the integrity of this institution and the sensitive data with which it has been entrusted.”

Cotton and Wyden requested that the office start issuing an annual report to senators about the number of Senate computers that have been compromised and when hackers have obtained “sensitive Senate data.”

And they asked the office to adopt a policy of informing Senate leadership and the Senate Intelligence Committee about any breach of a Senate computer within 5 days of the breach’s discovery.

Wyden has previously pushed for Congress to take on cybersecurity measures to protect its systems from hackers. He revealed in a letter last year that hackers had targeted the personal email accounts of senators and Senate staffers, but noted that the sergeant at arms apparently lacked the authority to offer cybersecurity protections for personal accounts and devices.

Google confirmed at the time that it had informed Senate staff of the attempted breaches, but declined to say whether any of the hacking attempts were successful.