Lawmakers are looking for IG cybersecurity probes in telecommuting
A group of six House Democrats who head the committee and subcommittees for oversight and reform are calling on about a dozen inspectors general to conduct audits of their agencies and departments to assess what vulnerabilities may have arisen from the massive increase in telecommuting during the coronavirus pandemic.
“The widespread use of virtual private networks and other remote access technologies to facilitate continuity of operations across the federal government allowed federal agencies to continue to serve the nation during a deadly pandemic, but it also created cybersecurity vulnerabilities. additional information that could jeopardize the integrity of federal information technology networks, “lawmakers wrote in a letter sent Wednesday.
The letters were signed by Representatives Carolyn B. Maloney (DN.Y.), Stephen F. Lynch (D-Mass.), Gerald Connolly (D-Va.), Raja Krishnamoorthi (D-Ill.) Jamie Raskin ( D -Md.) And Ro Khanna (D-California). Maloney is chair of the House Oversight and Reform Committee. The other signatories chair the Oversight Subcommittees.
Democrats requested audits from inspectors general from the departments of State, Defense, Homeland Security, Justice, Energy, Finance, Health and Human Services, Veterans, and Education, as well as the intelligence community.
“The proliferation and growing sophistication of malicious state and non-state cyber actors requires that federal departments and agencies be able to maintain and protect the integrity of their information technology systems, especially if they adopt more flexible telework policies after the decrease in the coronavirus pandemic “. wrote the legislators.
The request comes during a year in which federal and state governments have faced a barrage of cyber security threats. Most pertinent to the Democrat’s request could be the February intrusion on a Florida-based water facility, in which hackers took advantage of the facility’s remote work applications and nearly poisoned the supply. of water in a city.
The audit, lawmakers wrote, should be included in each agency’s annual FISMA assessment and should examine the use of remote connections or virtual network controllers; platforms such as Microsoft Teams, Zoom and Slack and whether agencies have implemented adequate security to obtain controlled information.
Inspectors General should also examine the agency’s adherence to Internet connection trust guidelines and identity, credential, and access management policies for users accessing networks remotely, as well. such as the distribution and management of physical and virtual items such as laptops.
Justin Katz covers cybersecurity for FCW. He previously covered the Navy and Marine Corps for Home Defense, focusing on weapons, vehicle acquisition, and Pentagon oversight in Congress. Prior to reporting from Inside Defense, Katz covered community news in the Baltimore and Washington DC areas. Connect with him on Twitter at @JustinSKatz.