While no data was lost or networks disabled, officials say the Sunday cyberattack seems to have been an effort to slow the Health and Human Services Department's response to the ongoing novel coronavirus pandemic.
The U.S. Department of Health and Human Services (HHS), the top federal health agency charged with responding to the novel coronavirus (COVID-19) outbreak, was the target of a cyberattack Sunday. The incident appears to have been a bid to slow the agency's response to the ongoing pandemic, experts have suggested.
The attack comes as officials at all levels of government are scrambling to respond to the rapidly spreading virus.
While it is unclear where the attack came from, it apparently resulted in no data breach and did not compromise the overall operations of the agency, according to HHS Secretary Alex Azar, speaking with The Hill. Multiple sources told ABC News the attack was not a hack, but was likely an attempted distributed denial of service attack (DDOS) that sought to overload the agency's systems.
"We have extremely strong barriers, we had no penetration into our networks, no degradation of the functioning of our networks, we had no limitation on the ability or capacity of our people to telework, we’ve taken very strong defensive actions," Azar told the publication.
The incident also appears to have involved the release of disinformation, according to a report from Bloomberg that said a recent tweet by the National Security Council (NSC) regarding misinformation had referenced the HHS incident.
"We are aware of a cyberincident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, NSC spokesperson, said in a statement to Bloomberg. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”
A number of federal agencies are now involved in a response to the attack, including the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency.
Never miss a story with the daily Govtech Today Newsletter.