HHS Cyberattacked and Coronavirus Raises Vulnerability Fears

The attack on the federal agency comes as government officials scramble to respond to the rapidly spreading virus as fears grow that the U.S. is vulnerable to cyber adversaries. Mobile voting security takes a hit.

cyberhacker on a computer
Health and Human Services cyberattacked during coronavirus crisis. No data was lost or networks disabled, but officials say the attack on March 15 was an attempt to slow the U.S. Department of Health and Human Services' response to the ongoing novel coronavirus pandemic.

The attack comes as officials at all levels of government are scrambling to respond to the rapidly spreading virus, according to Government Technology reporter Lucas Ropek.

While it is unclear where the attack came from, it apparently resulted in no data breach and did not compromise the overall operations of the agency, according to HHS Secretary Alex Azar. The attack was not a hack, but was likely an attempted distributed denial of service attack (DDOS) that sought to overload the agency's systems. 


The United States is increasingly vulnerable to a cyberattack targeting hospitals, food supplies or other vital functions during the coronavirus pandemic. According to the Washington Post, lawmakers and experts are calling on the Trump administration to take bold action to reduce the threat of a cyberdisruption from adversaries. 

Since the outbreak began, unidentified hackers launched what appears to have been an unsuccessful attack aimed at disrupting computer networks at the U.S. Department of Health and Human Services. A different problem happened with the spread of misleading claims that President Trump planned to impose a nationwide lockdown over text message, encrypted apps and social media platforms. 

“There are actors out there in cyberspace that think we’re vulnerable,” Rep. Mike Gallagher, R-Wis., who co-chaired the recent Cyber Solarium Commission
on the future of U.S. cybersecurity, told Post reporter Joseph Marks. “At a minimum, we need to impose costs on whoever did this. We don’t want the signal to be that now is a good time to take advantage of the U.S.” 

As the pandemic spreads, cyber experts have grown more concerned that the U.S. is vulnerable to digital attacks from foreign adversaries such as Russia and China. They are also concerned that rogue attackers could try to digitally disrupt medical care or food supplies.


Mobile voting security flaws confirmed.
An online voting blockchain-based app, which has been used in more than 50 elections to cast more than 80,000 votes, has a number of security flaws, according to a recent audit. The app, from Voatz, contains security flaws that could allow hackers to change or discard votes, say experts from the security consulting firm Trail of Bits.

Their assessment of the voting app’s internal programming validated earlier concerns raised by researchers from MIT, according to Government Technology reporter Andrew Westrope. Voatz paid Trail of Bits to conduct the “white box” assessment, which involved looking inside its programming and code as opposed to only testing it from the outside.

So far, the company has piloted its app with select groups of voters in the state of West Virginia; the city of Denver; Utah County, Utah; and both Jackson and Umatilla counties in Oregon.

Tod is the managing editor of Governing and the contributing editor of our sister publication, Government Technology. He was previously the editor of Public CIO, e.Republic’s award-winning publication for IT executives in the public sector, and is the author of several books on information management.