Sen. Michael Bennet (D-Colo.) is calling on the three top federal health agencies to allow for an investigation into their cybersecurity defenses following an attempted hack of the Department of Health and Human Services (HHS).
In a letter to the leaders of HHS, the National Institutes of Health (NIH), and the Centers for Disease Control and Prevention (CDC) on Tuesday, Bennet “strongly urged” the agencies to allow the Cybersecurity and Infrastructure Security Agency (CISA) to review the security of their systems.
“I urge CISA to perform a comprehensive review of all computer-based IT and network systems at HHS, CDC, and NIH to identify and address any vulnerabilities now to limit exposure to future cyber incidents,” wrote Bennet, a member of the Senate Intelligence Committee.
Bennet emphasized the importance of shoring up cybersecurity for the three key agencies in the midst of the ongoing coronavirus pandemic.
“As this public health crisis continues, perhaps for several months, the security of these vital systems is critical to ensuring that our federal agencies responsible for public health can effectively support our response to the pandemic and continue to provide trusted and timely information to the American people,” Bennet wrote.
The letter came on the heels of a cyberattack that targeted HHS earlier this week. According to HHS Secretary Alex Azar, hackers were not able to access any data and agency operations were not impacted.
A spokesperson for CISA, which is the cyber arm of the Department of Homeland Security, said in a statement following the incident that the agency “has taken a number of steps over the last several weeks to increase cybersecurity preparedness across federal civilian agencies,” and that it would “continue to support our partners at HHS as they protect their IT systems.”
Bennet has not been the only member of Congress to raise concerns about the cybersecurity of the federal agencies in recent days.
Sen. Mark Warner (D-Va.), the vice chairman of the Senate Intelligence Committee, told The Hill on Monday that he had “grave concerns” about the security of the health care sector.
Sen. Ben Sasse (R-Neb.), a member of the committee, also said in a statement that there needed to be “consequences” for those who attack agencies like HHS during a crisis, saying in a statement it is like “kicking opponents when they’re down.”