VA sees sharp uptick in cyberattacks
The top tech official at Veterans Affairs said the department risks being "overwhelmed" if the number of attacks continues to increase.
The Department of Veterans Affairs is an increasingly popular target for hackers and cyber criminals. Attempts to infiltrate VA networks, or ship malware to VA employees and contractors via phishing emails, are growing exponentially, according to data released by the agency.
There were more than 350 million attempts to infiltrate VA networks in March 2015, up from 15 million in November 2014. The VA blocked almost 1.2 billion pieces of malware targeting VA systems in March, up from 300 million six months ago.
Steph Warren, the top tech official at VA, said the department risks being "overwhelmed" if attacks continue to grow at the current rate of increase. The VA has been releasing top line numbers on cyber infiltration attempts in recent months, so there is a clearer picture of the threats facing VA than those facing other agencies. But Warren pointed out during an April 30 call with reporters, "there is lots and lots of interest, and we are not the only ones seeing this kind of interest." Warren added, "we hope there is some appreciation of the level of threat that is coming at these organizations."
VA is a customer of the Einstein network protection system run by the Department of Homeland Security. Warren said that VA was "aggressively taking advantage" of new features being added to the Einstein toolkit.
Warren also said that VA tech employees are taking a harder line with colleagues who are opening and activating phishing emails by clicking on attachments from unknown senders. Workers who click on phishing emails typically get a chat on proper email precautions and cyber hygiene from an IT staffer that includes an explanation of what could happen if a rogue program were permitted to infect the system. The VA's defenses in combination with Einstein have blocked these inbound intrusion attempts, but Warren stressed that the volume of attacks presented an urgent threat.
"Six months ago, I could not have projected that we would be seeing this volume, this intensity of attacks," he said.
At the same time as it fends off attacks to its network, the VA is mulling how it might move some of its data and operations to commercial cloud environments. Warren said that Office of Information and Technology staff, along with representatives from around the VA -- including the general counsel and inspector general's office --are meeting to develop a cloud computing strategy. A previous plan to move VA email to an HP cloud was scuttled because the VA OIG objected to the records retention schedules contained in the cloud deal.
Warren said he hoped to develop a plan to move high-security and medium-security apps and data to the cloud. "We're not looking for a consensus solution," Warren said. Instead, he wants to clear potential hurdles to moving to the cloud and address objections as they come up. Warren said he hoped to see a first draft of the cloud strategy within 30 days.