Senate regularly thwarts cyber attacks: official

By David Morgan

WASHINGTON (Reuters) – The Senate weathers tens of thousands of attempted computer hackings each month but does not appear to have been touched by any incidents aimed at private Gmail accounts, an official said on Friday.

Senate Sergeant at Arms Terrance Gainer, who oversees cyber security for 100 senators and thousands of their staff, said in an interview that firewalls and other security measures have prevented would-be hackers from breaching the Senate computer system through individual computers.

“It is a never-ending battle because we know that our adversaries are constantly — by the tens of thousands of times — trying to break through our firewalls. And they have not been successful,” he told Reuters.

Gainer spoke days after Google Inc said it had disrupted a campaign originating from China aimed at stealing passwords of hundreds of Google Gmail account holders, including senior government officials, Chinese activists and journalists.

The news sent officials scrambling to determine if security had been compromised. The State Department on Friday asked Beijing to investigate the allegations.

“I am not aware of any action like that on the Senate side,” Gainer said. “But in this business, in this game, that wouldn’t surprise me one iota.”

Like the House of Representatives, the Senate exercises broad oversight of executive branch agencies and departments that provide lawmakers with highly sensitive information involving military and clandestine espionage operations, industry, trade and advanced technology.

That makes the Senate’s computer system a prime target for hackers, who could try to access official files through the private email accounts of individual lawmakers or staff members.

Gainer said senators and their staffs are discouraged from accessing private, web-based email accounts on their Senate computers, but he acknowledged that many still do so.

Some government agencies, including the Securities and Exchange Commission, have firewalls that block employee access to personal email services such as Gmail, Yahoo Mail, and AOL. Other agencies discourage usage but do not block access.

Gainer said hackers will often try to entice private email users to open so-called “phishing” messages that can unleash spyware or malicious viruses.

“We have firewalls that would prevent that from happening,” he said.

Gainer’s office reviewed cyber security last year and is now implementing upgrades that he declined to discuss.

“I’m pretty comfortable, as the one responsible for cyber security in the Senate, to say I think we are where we need to be,” Gainer added.