recommended reading

OPM Cybersecurity Hearing Devolves into Russia Hacking Squabble

House Oversight and Government Reform Committee Chairman Rep. Jason Chaffetz, R-Utah.

House Oversight and Government Reform Committee Chairman Rep. Jason Chaffetz, R-Utah. // Molly Riley/AP

A House oversight committee hearing focused on shoring up the cybersecurity of federal employee information devolved Thursday for more than 10 minutes into a partisan battle over Russian meddling in the 2016 election.

Chairman Jason Chaffetz, R-Utah, and ranking member Elijah Cummings, D-Md., frequently spoke over each other during the squabble, offering yet another sign the election season hacks and the legislative response to them could overshadow other cybersecurity priorities.

During the dispute, Rep. Stephen Lynch, D-Mass., repeatedly urged the oversight committee to launch its own investigation into the election season hacks that wreaked havoc on Democratic nominee Hillary Clinton’s campaign while Chaffetz responded only the House Intelligence Committee is equipped to launch a full investigation.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

Meanwhile, Cummings pushed his bill to form an independent 9/11-style commission to investigate the Russian government-backed breaches at the Democratic National Committee, the Democratic Congressional Campaign Committee and the Clinton campaign, and Chaffetz declared one or the other of the Democrats “out of order” at least seven times.  

Witnesses, including acting Office of Personnel Management Director Kathleen McGettigan and retiring Defense Department Chief Information Officer Terry Halvorsen, remained silent throughout the dispute.

Senate Intelligence Committee Chairman Richard Burr, R-N.C., and ranking member Mark Warner, D-Va., have agreed to launch a formal investigation into the Russian hacks, while House Intelligence Chairman Devin Nunes, R-Calif., has pledged only to investigate the breaches as a normal part of the committee’s oversight activity.

House Intelligence ranking member Adam Schiff, D-Calif., has joined Cummings and other Democrats pushing for a broader investigation.

The fact that Nunes served on President Donald Trump’s transition team could cause some observers to question that committee’s findings, Cummings argued during Thursday’s hearing, a point that caused additional conflict between the chairman and ranking member.

Chaffetz accused Cummings of questioning Nunes’ integrity and Cummings accused Chaffetz of putting words in his mouth.

“I’m not questioning the integrity of Mr. Nunes,” Cummings said, adding, “when people look at the report and they see someone on the transition team for Mr. Trump, then it becomes questionable.”

A spokesman for Nunes declined to comment on the dispute.

It would make little sense for the oversight committee to investigate the election season breaches, Chaffetz insisted, because the committee is ill-equipped to investigate either the attacker or the breach victims.

On the attackers’ side, the committee cannot investigate without delving into sources and methods U.S. intelligence agencies used to gather information about the Russian hackers—typically, the domain of the Intelligence Committee working in a closed session.

On the victims’ side, he said, it would be inappropriate for a congressional oversight committee to investigate an independent political party.

In the case of the OPM breach, he said, “we could look at those that were breached and how inept their systems were and how bad it was set up and how the inspector general was warning of these things.”

He later added, “If you want me to start issuing subpoenas on the DCCC, I’m probably not going to do it, but go ahead and request it.”

Cummings and Lynch both insisted the oversight committee could begin an investigation looking only at documents that are unclassified and already public, such as January reports from intelligence agencies and the Homeland Security Department describing the breaches and the larger Russian influence operation during the campaign.

“The idea that Russia could come in and interfere with our elections, all of us should be going berserk,” Cummings said.

Witnesses reported during the hearing that:

  • All OPM systems now require dual-factor authentication for access.
  • Only one OPM database containing federal employee Social Security numbers and other sensitive data remains unencrypted. That database is scheduled to be upgraded to encrypted status next month.
  • OPM is in the midst of a small pilot focused on examining precisely how to integrate public social media posts into the current background check systems.

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.