VA security holding in face of mounting threats


VA security holding in face of mounting threats

The Department of Veterans Affairs saw slightly fewer security incidents last month, but CIO Steph Warren said he is not expecting that pattern to hold. 

 “We’re holding steady our malware attempts, it is a slight decrease from last month,” Warren said in a May 26 conference call. “If you look at the trends, there’s usually a slight variation up and down, but there is nothing we’ve see that tells us that the number will not continue on the upper trend.”

Despite 956,449,158 attempted malware attacks that the VA detected in April, none led to hackers getting to any data, though the report does show that some did get to agency data centers and servers before being contained.

The number of suspicious emails also dropped, to 52,939,418 -- something Warren attributed to the increased use of Einstein 3, the network perimeter blocking system operated by the Department of Homeland Security.

And fewer connected medical devices were compromised as well. Warren said the VA is responsible for about 65,000 devices on its networks and only four were infected -- down from nine in March and 13 in January.

Medical devices are especially vulnerable to infection. They are durable and can last for years or even decades longer than their underlying software and operating systems. VA and most other large medical systems have the problem of a large number of devices that run Windows XP, which is out of support.

At VA, Warren said, there is a "commitment to getting [XP-based devices] out of the enterprise." However, that is a long term project. In the short term, protecting medical devices is a matter of cyber hygiene.

However, there was an increase in the number of veterans affected by vulnerabilities in protected health information -- which included mishandling of information and the misfiling of documents. That number hit 738 in April. Warren did not explain why that number went up, but he did say he feels good about the department’s overall security.

“Our team has taken down the number of vulnerabilities by 67 percent from its high in November of last year,” Warren said. “We’ve taken the critical and high [threats] off the table and now we’re focusing the medium and low threats. I believe our security landscape is positive, but we’re driving harder.”

Last year, Warren said, the VA worked on putting policies and procedures in place and laying a good foundation. “And you need that solid foundation to start taking vulnerabilities out.”

FCW’s Adam Mazmanian contributed to this report.

About the Author

Derek Major is a former reporter for GCN.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected