CBO director testifies that hackers have been expelled from email systems

The director of the Congressional Budget Office (CBO) told lawmakers on Tuesday morning that the agency has removed hackers from its systems following a cyberattack disclosed two weeks ago. 

Phillip Swagel, director of the CBO, addressed the incident in his opening remarks before a broader hearing about the agency’s operations, telling House members that officials “have not observed further evidence of unauthorized access to CBO email.”

He added that the agency is now “operating as normal” and the work to support Congressional analysis of legislation “has continued without interruption.”

“Two weeks ago, CBO learned from our security partners that we were the target of a sophisticated cyber attack. This incident involved unauthorized access to a subset of CBOs email by a threat actor,” Swagel told the House Budget Committee. 

“The investigation into this incident is extensive and ongoing, with help from our federal partners.”

Swagel added that “private sector security specialists” are also involved in the recovery effort but did not say which companies have been hired. 

He noted that the House, Senate, U.S. Capitol Police and other agencies have been instrumental in helping the CBO recover from the attack, which allegedly involved an unnamed “foreign actor,” according to Budget Committee Chairman Jodey Arrington (R-TX). 

Swagel acknowledged that House members would have questions but said he could not share any more in a public setting. 

“The investigation is still going on, including with regard to CBO email, the threat actors activities and steps to further strengthen CBOs defenses. When we know more, I will provide that information in a closed door setting,” he explained. 

No House members asked him any further questions about the cyberattack. Later in the hearing Swagel said a legislative branch appropriation provided the CBO with some extra money “for cybersecurity issues” but did not elaborate on what exactly the money would be spent on. 

In the week following the attack, members of Congress were allegedly wary of communicating with the CBO out of fear the hackers may still have a foothold in the organization’s systems. 

The federal agency offers budget and economic information to Congress. 

The Washington Post reported that the hackers may have gained access to messages and chats between Congressional offices and staffers.