IRS Points Toward Russia As Breach Source

When the news of the IRS data breach hit earlier this week (May 26), IRS Commissioner John Koskinen said the agency was “confident that these are not amateurs.” And a report that came out yesterday (May 28), indicates those suspicions have been confirmed.

And the early reports suggest that the attack that’s estimated to have impacted 100,000 households originated out in Russia, according to multiple media reports on the updated reports. The commissioner learned of the possible connection to Russia just a day after the cyberattack was realized.

“It’s a problem, no matter where it’s coming from, for the taxpayers and the IRS. It surely doesn’t help matters though that it’s coming from Russia for all the obvious geopolitical reasons,” Illinois Republican Rep. Peter Roskam, chairman of a House subcommittee with IRS oversight, told CNN.

On Wednesday, Koskinen’s reported showed the breach was likely part of a large, well-organized attack as he said “these actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with.” The IRS said the issue is being investigated by the IRS Inspector General for Tax Administration and its Criminal Investigation unit. To respond to the hack, the IRS also announced it would provide free credit monitoring services for those impacted; those taxpayers will be notified directly by the IRS.

The cybercriminals used a system called “Get Transcript,” which is a place taxpayers can access tax returns from prior years. The thieves were able to override a security checkpoint that includes information about the taxpayer  — which included data like Social Security numbers, birthdates, tax status, and street addresses.

The news that the IRS breach came from inside Russia comes at a particularly troubling time in the U.S. and Russia’s relations. Russian hackers in the direct employ of the Russian government are currently the leading suspects for breaching databases of both the White House and the State Department.

And now, after the most recent breach, lawmakers are demanding answers from the agency that has been under recent criticism for cybersecurity holes. In fact, the impact could have been close to twice as bad, as the agency indicated there were around 100,000 unsuccessful attempts in the IRS breach.

“This agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves,” Utah Republican Sen. Orrin Hatch, chairman of the Senate Finance Committee said.

“When the federal government fails to protect private and confidential taxpayer information, Congress must act,” he said in a later interview with CNN.

Other news reports about the IRS also haven’t been favorable, like one that reported that the IRS has cut its cybersecurity staff by 11 percent in a four-year period — during a time that cybersecurity has only increased as a national threat. While the IRS has increased its cybersecurity budget, it also has done so with less staff. But this could also mean the IRS is outsourcing more work, Alan Paller, director of research at the SANS Institute, told ComputerWorld.

“Each organization moves at a different pace toward a point at which they have outsourced so much that the insiders do little more than manage contracts, and lose their technical expertise and ability to manage technical contractors effectively,” Paller said.

To check out what else is HOT in the world of payments, click here.