Cyberattack shutters USIS government work
By
Nick Wakeman
USIS suffered a major cyberattack, which has led its customers to stop using the company until security issues are resolved.
Poor U.S. Investigations Services just can’t catch a break these days.
The company yesterday reported on its website that it had been the subject of a cyberattack that has all markings of a state-sponsored attack.
USIS reported the breach to federal law enforcement, the Office of Personnel Management (one of its biggest customers), the Homeland Security Department and other agencies.
Because of the nature of the attack, the company’s customers have stopped doing business with USIS, which provides background investigation services and processing for security clearances, until things are fixed.
“Our systems and people identified this attack, and, in response, we are working alongside OPM, the Department of Homeland Security and federal law enforcement authorities in redoubling our cyber security efforts,” the company’s statement said. “We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible.”
USIS also has been attacked by some because it continues to win federal contracts even though the Justice Department has joined a civil lawsuit alleging the firm left at least 665,000 background checks incomplete.
When USIS won a $190 million contract with DHS’s Citizenship and Immigration Services for support services (not background investigations), Rep. Elijah Cummings (D-Md.) and Sen. Tom Coburn (R-Okla.) fired off a letter to DHS Secretary Jeh Johnson questioning whether the award was appropriate given USIS’s record.
In addition to the incomplete background checks, USIS also handled background checks for Navy Yard shooter Aaron Alexis and National Security Agency leaker Edward Snowden.
The company defended the award, saying it followed a two-year competition. The losing bidder, FCi Federal (also the incumbent), has waged a war of sorts against USIS, filing a protest with the Government Accountability Office as well as hiring a lobbying firm, according to Politico.
I have some sympathy for USIS, which brought on Sterling Philips as its president and CEO after much of the troubles were discovered.
Since then the company has been cooperating with investigators and has increased oversight of its operations.
“Over the past two and one-half years, USIS has implemented extensive changes to business processes, internal controls, organizational structures, management, and personnel to insure our business operates in a manner that is 100 percent complaint with federal regulations and our contractual obligations,” a company spokesman told Politico.
Our sister publication, FCW.com, also has written about the USIS cyberattack.