VA Cyber Threats Growing Exponentially

Published: May 06, 2015


According to numbers released by VA for March cyber attacks, VA’s cyber threat level has quadrupled since November. VA experienced 1.2 billion attempts to plant malware on its networks in March, up from 330 million four months prior. Nearly 360 million intrusion attempts were blocked in the same time period, up from just 15 million in November.

Fortunately, all threats were blocked or contained and no veteran information was compromised.  However, "At some point we will be overwhelmed? at some point the huge volume and the number will basically start breaking things on us," said VA CIO Stephen Warren during  a monthly press call on April 30th.

VA uses DHS’ Einstein intrusion protection system to ward off cyber threats and is taking advantage of all new enhancements as they are released, according to Warren. "To deal with the continued exponential growth in the threat, we've been basically continuing to build on our defense-in-depth, as well as some of the continuous monitoring tools we have in place," said Warren.

According to the annual FISMA report to Congress for FY 2014, VA raised its information security continuous monitoring score 19% from the prior year to 96% in FY 2014. However, VA scored low for detecting and blocking unauthorized software (0%), data protection mobile asset encryption (5%), data protection anti-spoofing (0%),and TIC traffic consolidation (57%). VA’s overall FISMA cybersecurity assessment score has fallen only slightly from 81% in FY 2012 to 80% in FY 2014 and is categorized as yellow status.

VA is requesting an increase in the FY 2016 budget for a total of $30M in its cybersecurity operational account.  However, cybersecurity is embedded in the entire VA budget:  $53M on cyber as a program, $70M for networks operation center, $30M for continued readiness and information security, and $10M for privacy and records management.  Warren hopes that Congress takes note of the threat level and the need for funding to support data security within the department.