Letter: Top federal watchdog probing State Department following hacks

Specifically, the GAO is analyzing whether the security of the State Department’s information technology systems meets federal requirements and how State manages and responds to cybersecurity threats.

Vijay D’Souza, the GAO’s director for Information Technology and Cybersecurity, confirmed to POLITICO that the GAO “has a review underway of State Department cybersecurity practices at the request of the Senate Foreign Affairs Committee.” He added that last week’s letter to the State Department “was a part of our customary request for paperwork,” and that GAO is “tentatively planning to issue a report towards the end of this year.”

Around the time GAO launched its probe, suspected Russian hackers had been rummaging around State Department email servers and managed to steal thousands of emails from the department’s Bureau of European and Eurasian Affairs and Bureau of East Asian and Pacific Affairs, as POLITICO reported.

The hacking campaign was at least the third known Kremlin-backed breach of the department’s email server in under a decade. Russian hackers also managed to penetrate State Department networks in 2014 and 2015. The then-National Security Agency deputy director said officials there engaged in “hand-to-hand combat” to secure State’s emails in 2014.

Experts also worry the Covid-19 pandemic has exacerbated the cybersecurity threat because many federal staff have been working remotely, on less secure systems, since last year.

The latest State Department email thefts occurred at the same time as the notorious SolarWinds attack — a wide-reaching espionage campaign by suspected state-sponsored Russian hackers that targeted federal and private entities by way of a vulnerability in commonly used computer software.

The State Department has said it “takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected.” And in one response sent to the GAO late last month, enclosed in the March 30 letter, the department pointed out that its Inspector General, a position currently held in an acting capacity by Diana Shaw, “conducts a yearly audit of the Department’s cybersecurity program” and that State uses a framework developed by the National Institute of Standards and Technology to protect its infrastructure.

But the GAO letter says it still needs key documents from the department “to understand the department’s IT systems and networks and analyze their implementation.”

“The information also is required to determine, among other things, the potential of the systems and networks to observe, identify, discover, and respond to cybersecurity events and incidents,” the officials wrote.

State has resisted handing over some materials, according to the letter, arguing they’re outside of GAO’s scope. “The Department is aware of the recent GAO request and is working to respond,” said a State Department spokesperson.

GAO has given State a deadline of April 9 to hand over nearly 50 outstanding documents, including full inventory lists of all software and hardware assets used domestically and at U.S. embassies and other posts, an inventory list of “all applications/data that have been migrated to the cloud environment,” and a list of all incidents reported by State to the Department of Homeland Security’s Computer Emergency Readiness Team in 2019, 2020, and 2021.

The most recent document request was sent on March 12, for a copy of the last three cybersecurity daily briefs received by the department’s Chief Information Officer.
