Purchase-card innovation, HHS re-orgs, email hacks and drone management

House Republicans back re-org of HHS IT with cyber in mind

Five operating divisions of Department of Health and Human Services have been repeatedly targeted by hackers in recent years, and two senior House Republicans think a shakeup in the CIO shop might help lock down HHS data.

Rep. Fred Upton (R-Mich.), chairman of the House Energy and Commerce Committee, and Rep. Tim Murphy (R-Pa.), chairman of the Subcommittee on Oversight and Investigations, want to see the chief information security officer role at HHS report to the general counsel, rather than to the CIO.

Their recommendations are included in a majority report from the Energy and Commerce Committee that digs into breaches at the Food and Drug Administration, the National Institutes of Health and other divisions. The report found that the current organizational structure "prioritizes operational over security concerns, resulting in security interests receiving insufficient or improper attention." The committee wants the CISO to report to the top lawyer at HHS to acknowledge "the fact that information security has evolved into a risk-management activity, traditionally the purview of the legal team."

18F designs new tool to streamline purchase-card process

18F has unveiled an online portal called Communicart designed to help government employees looking to purchase small items do so quickly and efficiently.

Let's say you have a broken office chair. Communicart "streamlines the purchase card approval process, [so] government employees can spend more time performing their essential work and less time on the paperwork required to buy that new chair," according to a blog post by 18F developer Greg Boone.

Federal employees use purchase cards to buy small office items like that chair, as well as ergonomic keyboards, sharpies, monitor stands and the like. Because these cards use taxpayer dollars, every purchase request is regulated and an official must make sure they're justified. These approvals are done through email exchanges, and according to the blog post, the employee carries much of the burden in keeping track of the request.

"Over time these inconsistencies became inefficiencies that slowed down the whole process," Boone wrote in the post. "An updated process will also help restore public confidence that government employees are only using cards for valid purchases."

According to Boone, Communicart will be rolled out to Public Buildings Service employees across the country, starting in the GSA's Great Lakes region.

Report: Russian spear phishing behind Joint Chiefs email outage

The Joint Chiefs of Staff's unclassified email network has been down for nearly two weeks in an apparent cyberattack that news reports, citing unnamed U.S. officials, have attributed to Russia.

Joint Chiefs spokesman Richard Osial would not confirm to FCW a report from NBC News saying that Russian hackers had carried out a "sophisticated" cyberattack around July 25 that affected 4,000 military and civilian personnel.

Hackers used spear phishing emails to break into the unclassified network, The Daily Beast reported. Defense Department Chief Information Officer Terry Halvorsen has warned Pentagon employees about the dangers of spear phishing and tried to make improving "cyber hygiene" at DOD a centerpiece of his tenure.

NBC subsequently reported that the email system would come back online late on Aug. 7.

FAA works with university on drone management

University of Nevada-Reno researchers are working with the Federal Aviation Administration to develop a low-altitude management system to handle fast-moving, smaller aircraft as they cruise through increasingly crowded skies.

Nevada-Reno is one of several organizations participating in the first phase of the NASA Ames Unmanned Aerial Systems Traffic Management project to enable safer use of low-altitude airspace, of 500 feet and below, where unmanned aerial vehicles, helicopters, gliders and other general aircraft are operating.

The university said it is working with Flirtey, the world's first drone delivery service, and Drone America, a top provider of unmanned autonomous vehicles, on the project. According to researchers, Flirtey and Drone America will fly their delivery drone platforms at NASA's Unmanned Traffic Management system in Nevada and California in August.

The university said it is developing software that will serve as the communications "bridge" between an unmanned autonomous vehicle and NASA's traffic management system to navigate in a system that includes airspace design, corridors, dynamic geofencing, severe weather and wind avoidance, congestion management, terrain avoidance, route planning and re-routing.

NASA joins Tumblr

NASA is expanding its already-expansive social media reach with an official Tumblr account, the agency announced August 7.

The microblogging presence will provide visitors with "a regular dose of space in a blog-like format," NASA promised.

The first post was an animated GIF of the moon "photobombing Earth."

Also debuting this week: a Tumblr account for astronaut Peggy Whitson to share her trajectory toward the International Space Station, a JunoCam Tumblr for Jupiter images and a Curiosity rover Tumblr for pictures from the Martian surface.