The Veterans Affairs Department experienced a significant surge in cyberthreats in March, Chief Information Officer Stephen Warren said during a Thursday call with reporters.
The department blocked 1.19 billion malware instances and 358 million intrusion attempts into VA systems in March alone, Warren said. This number is up since February, when VA reported blocking 930 million malware instances and 4.3 million intrusion attempts.
If the volume of threats continues to ramp up, Warren said, “any agency will run into the point where we may get overwhelmed.” He added later, “Nothing I do will reduce what’s coming at me one bit.”
Instead, he said, VA will need to scale its cybersecurity to prevent what could be an exponential increase in threats. He said the department has been strengthening its continuous monitoring technology, reinforcing external network connections, and beefing up security training.
When asked about the motivations behind the threats, Warren said his team doesn’t segment threats by cause, focusing instead on withstanding the volume of threats when they come in.
“It is across the board,” he said. “There doesn’t appear to be any disincentive for an individual or an organization “¦ to come after the VA as well as other organizations for data.”
Though he didn’t propose a solution to the problem, Warren said during the call that an expanded cybersecurity budget, as well as a more generous operational budget, might help VA manage an influx of cyberthreats.
Warren noted that he has shared information about the volume of threats with the Office of Management and Budget and says he hopes other agencies will be up front about the threats they face.
“We need to figure out, ‘How do we take this on together as a society?’” Warren said.
What We're Following See More »
"Two days after President Trump’s summit with Russian President Vladimir Putin, Russian officials offered a string of assertions about what the two leaders had achieved. 'Important verbal agreements' were reached at the Helsinki meeting, Russia’s ambassador to the United States, Anatoly Antonov, told reporters in Moscow Wednesday, including preservation of the New Start and INF agreements," and cooperation in Syria.
"Two weeks before his inauguration, Donald J. Trump was shown highly classified intelligence indicating that President Vladimir V. Putin of Russia had personally ordered complex cyberattacks to sway the 2016 American election. The evidence included texts and emails from Russian military officers and information gleaned from a top-secret source close to Mr. Putin, who had described to the C.I.A. how the Kremlin decided to execute its campaign of hacking and disinformation. Mr. Trump sounded grudgingly convinced, according to several people who attended the intelligence briefing. But ever since, Mr. Trump has tried to cloud the very clear findings that he received on Jan. 6, 2017, which his own intelligence leaders have unanimously endorsed."