A third of email sent to U.S. House is malware, a virus or spam
March 22, 2016
Shah Sheikh

WASHINGTON — Roughly a third of the 200 million emails received by the U.S. House in 2015 consisted of malware, viruses or spam, according to the top House administrator.

House officials used cybersecurity tools to detect and block those emails, but the people trying to breach the network are getting craftier, House Chief Administrative Officer Will Plaster said at a recent hearing of the House Appropriations Legislative Branch Subcommittee.

“The sophistication of those who are trying to infiltrate our network has increased dramatically,” Plaster said. “They’re finding much more creative ways to get into our network and then move within our network once they get inside.”

Plaster was responding to questions from Rep. Steven Palazzo, R-Miss., who said he is concerned about phishing attempts by “bad actors” trying to get congressional aides to click on innocent-looking email attachments and links that allow potential spies inside the House network. Hackers who try to get into government networks can range from criminals trying to steal employees’ identities to foreign governments seeking classified information.

“There are bad actors out there who want to know what we’re doing, whether we’re talking about armed services or homeland security issues,” Palazzo said. “They want to access our servers and our communications. We think we’re safe and secure in our office and we can type and say or do anything we want, and that might not always be the case.”

The congressman said he worries that hackers might try to “mess with our calendars” by accessing the itineraries of House members who are traveling within their districts or overseas.

“That information in the wrong hands could be dangerous,” Palazzo said.

Plaster agreed, and said the problem is real.

“There are people who are pursuing that information for whatever reason, whether it’s for physical threat or not,” Plaster said. “There are plenty of attacks on our network, and they are looking for all of that information. So it is not hypothetical. It is happening.”

People who want to infiltrate the House network try to trick users into revealing their passwords or exploit outdated software or equipment that hasn’t been patched, Plaster said.

“(There are) 12,000 users on the House network,” he said. “Every one of them is a potential vulnerability.”

Plaster, who became chief administrative officer in January, said educating House staffers and members about how to spot suspicious emails is key to reducing that vulnerability. He said there are mandatory training programs and password protection protocols in place.

“We’re going to have to do more to make sure that members and staff are aware of the scope of the threat and the role that they play in combating it,” he said.

A cybersecurity expert said the volume of attacks on the House network sounds high, but he added that the situation is not unique to the House or to government.

“The use of malware has gone up, whether you’re talking about government or the private sector,” said Arun Vishwanath, a communications professor and cybersecurity expert at the University at Buffalo. “Five to eight years ago, you would have had to have the ability to create your own malware if you wanted to infiltrate a system. Now, you can just go buy malware off the shelf and use it.”

He said training employees to beware of phishing is not always effective.

“The effects of training tend to wear off, and people go back to their old behavior patterns,” Vishwanath said. Compounding the problem is that people are often tapping into their email system from multiple devices, including laptops, smartphones and smart watches, he said.

The government is a particularly soft target because its computer systems are often outdated, the professor said.

“They are typically generations behind the more secure systems,” he said.

Plaster said the House administration is putting in place “more and more tools to monitor traffic within the network” and stop intruders from moving around within the network if they get inside.

“We are adjusting our cyber defenses against an evolving and very sophisticated threat,” he said.

Source | USAToday