OIG: DHS Can Better Mitigate the Risks Associated with Malware, Ransomware, and Phishing Attacks

A new report from the Office of Inspector General (OIG) contains several recommendations aimed at improving the Department of Homeland Security’s (DHS) mitigation of risk related to malware, ransomware, and phishing attacks. 

Threats of cyberattacks have been increasing during the past two decades. According to a joint announcement from DHS, the Department of Defense, and the Department of Justice on August 3, 2020, the Chinese government has been using malware to target government agencies, private sector entities, and think tanks since 2008. Phishing groups used voter registration–related lures to trick people into accessing fake government sites and giving away personal data in the days prior to the 2020 presidential election. And in a March 21, 2022 statement, the U.S. President reiterated his warning to the Nation about the possibility of Russia conducting malicious cyber activity against the United States. Microsoft observed close to 40 destructive attacks on hundreds of Ukrainian systems from February 23 to April 8, 2022, with 32 percent of these attacks directly targeting Ukrainian government organizations at various levels.

In recent years, several DHS components have also been victims of cyberattacks. In May 2019, photos of more than 100,000 travelers coming into and out of the country were stolen during an attack on a U.S. Customs and Border Protection (CBP) subcontractor’s network. Similarly, on October 4, 2020, United States Coast Guard personnel discovered that a database for the Coast Guard Auxiliary had been subject to a malware attack, resulting in the exfiltration of contact information for 59,149 individuals who had expressed interest in joining the Coast Guard Auxiliary. 

OIG’s audit found that DHS implements multiple layers of defense against malware, ransomware, and phishing attacks to protect its sensitive information from potential exploitation. In addition, DHS has implemented specific tools and technologies to further detect and prevent security events on component systems and to help protect DHS’ network communication and data. 

However, the watchdog said DHS can better protect its sensitive data from potential malware, ransomware, and…