Wyden, Gardner, Markey, Paul and Shaheen Call on State to Adopt Basic Security Measures
Washington, D.C. – Sens. Ron Wyden, D-Ore., Cory Gardner, R-Colo., Ed Markey, D-Mass., Rand Paul, R-Ky., and Sen. Jeanne Shaheen, D-N.H., called on the State Department to adopt basic cybersecurity measures to protect against phishing, hacks and other cyberattacks, in a letter released today.
Following multiple reports from outside auditors highlighting the department’s failure to adopt measures like multifactor authentication and regular security audits which are mandated by the Federal Cybersecurity Enhancement Act, the bipartisan group of five senators, raised concerns in a joint letter to Secretary of State Mike Pompeo.
“The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’” the senators wrote.
“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [mutifactor authentication],” they continued
The senators asked for responses to three questions by October 12.
Read the full letter here.