[BreachExchange] A third of email sent to U.S. House is malware, a virus or spam
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Mar 22 21:10:31 EDT 2016
http://www.azcentral.com/story/news/politics/2016/03/21/third-email-sent-us-house-malware-virus-spam/82078964/
Roughly a third of the 200 million emails received by the U.S. House in
2015 consisted of malware, viruses or spam, according to the top House
administrator.
House officials used cybersecurity tools to detect and block those emails,
but the people trying to breach the network are getting craftier, House
Chief Administrative Officer Will Plaster said at a recent hearing of the
House Appropriations Legislative Branch Subcommittee.
"The sophistication of those who are trying to infiltrate our network has
increased dramatically," Plaster said. "They're finding much more creative
ways to get into our network and then move within our network once they get
inside."
Plaster was responding to questions from Rep. Steven Palazzo, R-Miss., who
said he is concerned about phishing attempts by "bad actors" trying to get
congressional aides to click on innocent-looking email attachments and
links that allow potential spies inside the House network. Hackers who try
to get into government networks can range from criminals trying to steal
employees' identities to foreign governments seeking classified information.
"There are bad actors out there who want to know what we're doing, whether
we're talking about armed services or homeland security issues," Palazzo
said. "They want to access our servers and our communications. We think
we're safe and secure in our office and we can type and say or do anything
we want, and that might not always be the case."
The congressman said he worries that hackers might try to "mess with our
calendars" by accessing the itineraries of House members who are traveling
within their districts or overseas.
"That information in the wrong hands could be dangerous," Palazzo said.
Plaster agreed, and said the problem is real.
"There are people who are pursuing that information for whatever reason,
whether it's for physical threat or not," Plaster said. "There are plenty
of attacks on our network, and they are looking for all of that
information. So it is not hypothetical. It is happening."
People who want to infiltrate the House network try to trick users into
revealing their passwords or exploit outdated software or equipment that
hasn't been patched, Plaster said.
"(There are) 12,000 users on the House network," he said. "Every one of
them is a potential vulnerability."
Plaster, who became chief administrative officer in January, said educating
House staffers and members about how to spot suspicious emails is key to
reducing that vulnerability. He said there are mandatory training programs
and password protection protocols in place.
"We're going to have to do more to make sure that members and staff are
aware of the scope of the threat and the role that they play in combating
it," he said.
A cybersecurity expert said the volume of attacks on the House network
sounds high, but he added that the situation is not unique to the House or
to government.
"The use of malware has gone up, whether you're talking about government or
the private sector," said Arun Vishwanath, a communications professor and
cybersecurity expert at the University at Buffalo. "Five to eight years
ago, you would have had to have the ability to create your own malware if
you wanted to infiltrate a system. Now, you can just go buy malware off the
shelf and use it."
He said training employees to beware of phishing is not always effective.
"The effects of training tend to wear off, and people go back to their old
behavior patterns," Vishwanath said. Compounding the problem is that people
are often tapping into their email system from multiple devices, including
laptops, smartphones and smart watches, he said.
The government is a particularly soft target because its computer systems
are often outdated, the professor said.
"They are typically generations behind the more secure systems," he said.
Plaster said the House administration is putting in place "more and more
tools to monitor traffic within the network" and stop intruders from moving
around within the network if they get inside.
"We are adjusting our cyber defenses against an evolving and very
sophisticated threat," he said.