recommended reading

VA Continues Facing Onslaught of Cyberattacks

Mopic/Shutterstock.com

The Department of Veterans Affairs blocked more than 1 billion cyber threats in April, as it did in March, according to the department's monthly information security report.

VA blocked 308 million intrusion attempts, more than 956,000 instances of malware, and 52 million malicious or suspicious emails, the report said. These numbers are down from March, during which VA blocked 358 million intrusion attempts, 1.19 billion instances of malware and 81 million suspicious or malicious emails. Warren attributed the month-to-month differences to normal, "slight variation up and down" in threats month to month. 

Despite continuously blocking cyberattacks, the number of other incidents that could have put veterans' information at risk rose to 987, from 383 in March. In April, 738 of these cases were related to protected health information -- 265 in March.

During a Tuesday call with reporters, VA's chief information officer, Stephen Warren, explained the jump as a "combination of mishandling or misfiling." In April, 47 devices were reported as lost or stolen, and there were 204 paper mismailings. 

"We're always going to have flareups where something untoward happens," Warren said. "Our focus is making sure we take very quick actions on those instances."

Warren told reporters VA is also taking steps to adjust cyber protocol, thereby reducing the number of medical devices affected by cyber incidents. The department reported four instances of infected medical devices in April, down from seven in March, out of about 65,000 medical devices on its network.

Devices are safer when technicians scan USB drives, making sure they're clean. "It’s been a lot of identifying where the infection path was and putting in the discipline" for employees, Warren said. 

VA's in-house tech team, modeled after the White House's U.S. Digital Service, is now working on improving VA's customer experience, consolidating various services into a single website and making sure it looks consistent regardless of the device and operating system on which a customer is accessing it. Warren said he saw a demo last week. 

Warren said his team includes executives from Google and Amazon. "How do we take advantage of that as we continue to evolve major systems at the VA?" he asked, adding that he's focused on getting them integrated with federal employees and "making sure it’s not 'us' and 'them.'"

(Image via Mopic/ Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov