U.S. Sen. Mark Warner (D-VA) voiced concerns over the U.S. State Departmentʻs plans to address the surge of offensive cyberactivity by Iran.
In a letter to Secretary of State Mike Pompeo, Warner is seeking answers from Secretary of State Mike Pompeo on how the State Department plans to defend its information security systems in light of its long history of information breaches. This comes after the U.S. airstrike that killed Iranian general Qassem Soleimani.
“The Iranian government’s state-sponsored cybersecurity capabilities have grown in sophistication and intensity in recent years, and they have developed a number of advanced persistent threat groups that conduct various offensive operations. Examples include prolonged espionage, destructive malware and ransomware attacks, and social media manipulation through influence campaigns,” Warner wrote to Pompeo. “These attacks serve both political and economic purposes, and use methods like password spray attacks, scanning for VPN vulnerabilities, DNS hijacking, spear-phishing emails, and social engineering.”
Warner cites reports by the State Departmentʻs Office of the Inspector General (OIG) that outline several cybersecurity risks within the Department of State. These risks include a diminished ability to respond to malicious cyberactivity targeting personnel and information assets due to the hiring freeze. Another risk is the lack of cybersecurity oversight resulting in unauthorized and misconfigured network devices within the department.
“The State Department has a long history of information security breaches, beginning with a series of blunders in the late 1990s, and including a massive and prolonged attack in 2014, when the National Security Agency (NSA) and Russian hackers fought for control of State Department servers,” Warner wrote. “In September 2018, after an email breach of unclassified systems, a bipartisan group of Senators asked you how the State Department was addressing the issue. Two months later, hackers with suspected ties to the Russian government were found to be impersonating State Department officials in an attempt to infiltrate computers belonging to the U.S. government, the military, and defense contractors.”
Warner pointed out that in 2018, the Department of Justice indicted two Iranian individuals who used ransomware to extort hospitals, municipalities, and public institutions, causing $30 million in losses.
Warner – vice chair of the Senate Select Committee on Intelligence and co-chair of the bipartisan Senate Cybersecurity Caucus – is seeking answers to specific questions by Jan. 31.