WASHINGTON (Reuters) - The U.S. government was hit by more than 77,000 “cyber incidents” like data thefts or other security breaches in fiscal year 2015, a 10 percent increase over the previous year, according to a White House audit.
Part of the uptick stems from federal agencies improving their ability to identify and detect incidents, the annual performance review from the Office and Management and Budget said.
The report, released on Friday, defines cyber incidents broadly as “a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices.” Only a small number of the incidents would be considered as significant data breaches.
National security and intelligence officials have long warned that cyber attacks are among the most serious threats facing the United States. President Barack Obama asked Congress last month for $19 billion for cyber security funding across the government in his annual budget request, an increase of $5 billion over the previous year.
The government’s Office of Personnel Management was victim of a massive hack that began in 2014 and was detected last year. Some 22 million current and former federal employees and contractors in addition to family members had their Social Security numbers, birthdays, addresses and other personal data pilfered in the breach.
That event prompted the government to launch a 30-day “cyber security sprint” to boost cyber security within each federal agency by encouraging adoption of multiple-factor authentication and addressing other vulnerabilities.
“Despite unprecedented improvements in securing federal information resources … malicious actors continue to gain unauthorized access to, and compromise, federal networks, information systems, and data,” the report said.
Reporting by Dustin Volz; Editing by Alistair Bell
Our Standards: The Thomson Reuters Trust Principles.