Hackers are continuing to break into the Senate websites, following up last weekend’s intrusion with a similar one Tuesday evening, according to the Senate Sergeant-at-Arms’s office.
Senate.gov has seen “an uptick in intrusion attempts” since the weekend hack became public, SAA information technology security staff wrote in a Tuesday night email obtained by Roll Call and addressed to high-level Senate staffers and systems administrators.
“In a manner similar to the intrusion last weekend, an attacker was able to gain limited access to senate.gov through a vulnerability in one office’s website,” the email stated. “We have notified the office and its website developer, and the vulnerable code has been removed.”
Though SAA said the hackers did not gain access to the main Senate network, the security office said it is stepping up monitoring to prevent such attacks and is urging Member offices to ensure their individual sites are secure.
The hacker group Lulz Security, which has recently attacked the websites of Sony and the Public Broadcasting Service, claimed credit for the weekend hack, posting what appears to be a long string of HTML Web programming code copied from the Senate site to its own website. Reuters first reported the incident.
It is unclear whether the same group is responsible for Tuesday’s attack, Deputy Senate-Sergeant-at-Arms Martina Bradford said in an interview Tuesday. The group has not posted another cache on its website.
Bradford said the chamber’s security team has been able to stay ahead of the hackers and keep them out of the main Senate network, but it must still work on getting offices to “be a little bit more savvy” when updating their websites.
“These folks are always out there, people trying to hack networks have been out there as long as networks have existed,” she said. “I’m sure you haven’t heard the last of them.”
In Congressional testimony last year, Senate Sergeant-at-Arms Terrance Gainer said the networks of Congress and executive branch agencies were probed or attacked an average of 1.8 billion times per month last year. But the latest incidents are unsettling Members, especially those who deal with technology and security issues.
Senate Homeland Security and Governmental Affairs ranking member Susan Collins issued a statement Tuesday morning, saying the weekend attack points to the need for comprehensive cybersecurity legislation, similar to a bill that she recently introduced.
“Cyber crime costs our national economy billions annually,” the Maine Republican said in the statement. “Congress needs to fundamentally reshape how the federal government works collaboratively with the private sector to address all cyber threats, from espionage and cyber crime to attacks on the most critical infrastructure.”
House Administration Chairman Dan Lungren said the issue underscores the fact that Members are targets and must be continually vigilant with their technology, whether it be a website or a BlackBerry.