IRS Thwarts Hack; Obama Calls for More Cybersecurity
On Feb. 9, the IRS announced it has stopped a hacker attempt by an automated Web robot software application, or malware, to attack the agency’s Electronic Filing PIN application, which can be used to electronically file tax returns. The hack, which the IRS says was identified and stopped in January, used personal data, including Social Security Numbers (SSNs) stolen outside of the agency’s site, to create E-file PINs to gain access to the IRS Website.
The IRS has identified attempts involving approximately 464,000 SSNs. However, no taxpayer data were compromised through IRS systems, according to the agency, and it has notified affected taxpayers that their personal information was used to try to gain access to the IRS’s site. “IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration,” according to an IRS statement.
Meanwhile, Pres. Obama announced he has charged his administration with implementing a cybersecurity national action plan (CNAP) to addresses near- and long-term strategies to better protect consumer privacy, promote cybersecurity awareness among consumers, and to maintain economic and national security, among other measures. Pres. Obama has earmarked $19 billion in his proposed 2017 budget for cybersecurity efforts, including a $3.1 billion Information Technology Modernization Fund to enable government agencies to begin updating their IT infrastructure.
Other facets of CNAP include: Developing a commission made up of strategic, business and technology thought leaders outside of the government to recommend actions to strengthen cybersecurity in the public and private sectors; and improving consumers’ online account security by educating them about the importance of strong passwords, and by working with technology firms, such as Google and Facebook, and payments companies, including Visa, MasterCard and PayPal, to continue their work on making consumer transactions more secure. Pres. Obama also has created the position of Federal Chief Information Security Officer to promote cybersecurity policy, planning and implementation across federal agencies.
The $19 million proposed by the president is 35 percent more than the funds approved in fiscal year 2016. “These resources will enable agencies to raise their level of cybersecurity, help private sector organizations and individuals better protect themselves, disrupt and deter adversary activity and respond more effectively to incidents,” according to the administration’s announcement.