WASHINGTON–The more you depend on your electronic devices, the more vulnerable your information is to attack. It’s the same with the federal government, especially one of its largest agencies, the Veterans Administration. That means the confidential records of those who served and who are now getting medical care through the VA, may be vulnerable.
Some lawmakers, including two from Indiana, are trying to get to the bottom of what some people say is gross neglect of cybersecurity at the VA.
“We are interested in exploring VA’s response to ongoing cybersecurity challenges, especially as we move into the post-pandemic era, as well as those brought about by geopolitical events,” said Congressman Frank Mrvan, who represents northwestern Indiana in Washington.
Mrvan, a Democrat, led a VA Subcommittee on Technology Modernization hearing Tuesday, into the VA’s handling of the security of its information systems.
The short version is: The VA doesn’t measure up.
Congressman Jim Banks, a Republican who represents northeast Indiana, opened comments during the hearing by pointing out some of the glaring problems, including on-going feuds that have caused much turnover in the past year at VA security.
“The VA is the seco0nd-largest federal agency and it has to get its cybersecurity house in order,” said Banks. “The more that we learn about the situation the more alarming the picture is of chaos at the very top.”
Banks said one top VA executive retaliated against a legal whistleblower. That caused several resignations. Banks said that when chaos is the order of the day at the top of the agency, the cracks in security become apparent and make the computer systems easier targets for entities like the Chinese Communist Party.
“The cyber threats to our country are too dire and increasing too quickly to tolerate business as usual,” said Banks. Mrvan pointed out that between 2002 and 2021more than 17 billion records were lost to cyber attacks. You can expect to hear about more attacks, both men say. Both also say the VA must get better and must find some stability to improve the odds of client data surviving attack.
Banks said the U.S. must coordinate its efforts to defend its systems.
“Our adversaries coordinate all of their governmental, military and corporate resources to hack our networks and compromise our supply chains. But, we do nothing of the sort to defend ourselves. This has to change,” said Banks.