tv   Key Capitol Hill Hearings  CSPAN  June 5, 2015 8:00pm-10:01pm EDT

8:00 pm
so we have been fortunate to some degree that huey long was a minority in the institution. a data breach at the office of personnel management has exposed personal information on about 4 million current and former government employees.
8:01 pm
that security lapse was the main topic at today's white house briefing with press secretary josh earnest. this is an hour. [inaudible conversations] >> anything we can do to help you plan a little bit better, we aim to please. i don't have anything at the top so we can go straight to your questions. >> all of the hacking has the administration wrapped its head around how far-reaching this hack is and can you say which agencies or how many of them have been breached? >> the scope of the reported cyberintrusion is something that continues to be under investigation by the bureau of investigation. they are experts in this field and they are working actively to
8:02 pm
understand exactly the scope of this particular intrusion but also to determine who is responsible and to make sure we can take steps that are necessary to hold individuals responsible for this. >> does the administration believe that hackers in china are responsible? >> no conclusions about the attribution of these attacks have been mentioned at this point that his omission this is something that's still under investigation. obviously even preliminary aspects of an investigation can steer you in one direction or another but there is still a lot of work that needs to be done to get to the bottom of this particular incident. so if and when announcements are made in that regard those are announcements that would come from the fbi in this investigation. >> would the administration consider the authority that the president has to sanction overseas companies that knowingly benefited from
8:03 pm
cyber attacks? >> darlene, you will recall back in april the president using his executive authority signed an executive order giving the treasury department additional authority to use economic sanctions to punish or hold accountable those who are either responsible for a cyberintrusion or are benefiting from it. this is an example of the president using his executive authority in a way that reflects and demonstrates his comprehension of how significant the cyber risk is right now. the federal government as well as state governments as well as private entities including organizations like yours understand that we are confronting a persistent and dedicated adversary. the threat is ever evolving and it is critically important for us to make sure that our
8:04 pm
defensive measures that are intended to prevent these kinds of intrusions reflect that ever-evolving risk. >> does what happened suggest in any way that all that the president has done the past two years to engage china and the leadership on the cyberattack or cybersecurity issue, that that has failed? >> darlene, again i can't get into any conclusions that have been reached about who or what country may be responsible for this particular incident. but when it comes to china you all know that the president has frequently including every single meeting he has conducted with the current chinese president raised china's activities in cyberspace as a significant source of concern.
8:05 pm
i think this was on display for everybody last year when the department of justice announced the indictment of five chinese military officials for cyber crimes. that is an indication that our law enforcement professionals certainly take a broader cyber threat very seriously and are aware of the threat emanating from china and the president will continue to raise these concerns and ensure that the federal government has the defenses that reflect this threat. >> does the government understand at this point how the hackers got in? >> at this point, roberta, these are the kinds of questions that continue to be under investigation by the fbi so i don't have information to share at this point. some of this information or some of the details, these kinds of details are not yet known and
8:06 pm
are still under investigation. as soon as these details are starting to emerge from the investigation. what's also true anytime these investigations are being conducted is there are risks associated in making public exactly what our investigators have learned and the reason for that is that we are dealing with a persistent adversary and in some cases the less they know about what we know about what they did the better. so we are certainly mindful of that as we talk about this in public. at the same time the federal government has an obligation and this is an obligation we take very seriously, to communicate directly and probably in as much detail as possible with those who may be affected by this particular incident. as you know the office of personnel management will begin on monday informing individuals whose information may have been compromised in this particular
8:07 pm
incident or its. >> will the government tell individuals exactly what information was compromised or will it be a general notification that you may have been breached? how much will people know about what information they have lost by these hackers? >> what we will strive to do is provide as much information as possible and that information will be as detailed and as personalized as possible but obviously we are talking the reports about the scope of this incident are significant. some of these -- to do that but we will be as detailed and specific as possible in providing information to those who may have personally been affected. >> once the fbi gets to the point in its investigation where it has a better sense of what exactly has happened is it a given that there will be attribution or will there be a decision made at that point?
8:08 pm
i know in the sony case there was attribution but was that the exception rather than the rule? >> looking at the cyberincidents that have occurred over the last 18 months or so i think there are a number of things about the sony incident that make it unique and we treat each of these incidents those seriously but also separately because each has their own degree to which they have an impact on the general public and on the broader policy making process when it comes to ensuring that government resources are sufficiently defended from this kind of threat. we encounter these incidents when they occur and make specific decisions about what aspects of the investigation we are prepared to make public. >> so it's a given that there will be a
8:09 pm
attribution in this case. >> that's correct. >> two questions about the hacking. there were apparently some pretty tough ig reports over the last two years that had said specifically that the security at opm in their systems was woefully lacking and i guess i wonder how it is that we have been talking about this issue for so long have allowed the systems to remain unfixed and thus open to this kind of attack. and i have a second question. >> okay. i would point out a couple of things. the first is that the federal government and the obama administration takes very seriously the need to defend federal government computer networks from cyberintrusions like this one. the administration takes seriously the need to mitigate those kinds of intrusions if and
8:10 pm
when they are detected on the network and we take very seriously as evidenced by the executive order i referred to earlier in everything the briefing the need to have tools to respond appropriately to these kinds of incidents. and when it comes to trying to protect these networks, the department of homeland security does have a specific strategy that relates to both their cdm program, which is the continuous diagnostics and mitigation program. this is essentially software that is shared with a wide variety of government agencies to protect their networks. there also is the einstein program. this is something included in many of your stories last night. einstein is an intrusion detection and prevention system and this is something that the department of homeland security is working with federal agencies to implement. the thing that i can tell you is
8:11 pm
there are iterations of this program and as innovations and improvements to the program are made there is the need to implement those upgrades. what i can tell you is the third level the third generation if you will of the einstein program was scheduled to be completed and implemented across government agencies in 2018. that implementation period has been accelerated and now we anticipate what is essentially called einstein three should be implemented across all federal civilian agencies next year and again that reflects an acceleration of the previous plans to ensure the necessary measures were in place to protect the federal computer system. one last thing and we will get to your next question which is this. the threat that we face from our adversaries is a persistent one
8:12 pm
and anytime we are talking about any activity in cyberspace we are talking about activity that is frequently regularly evolving. we have seen our adversaries use innovative techniques and to learn from their previous efforts to try to find vulnerabilities in our system and to exploit them and that means our defenses and those responsible for protecting these systems need to be vigilant about constantly updating and reviewing our security measures to make sure that our computer systems and the data that they hold are safe. >> this is on the same question. that is a general response to a government wide response. can you specifically respond to the fact that there were people telling you guys that specifically opm computer networks were not secured and were inadequate to the past and those changes were made. >> for those specifics i would refer you to opm to talk about
8:13 pm
specific concerns raised by their system but is relevant to this discussion -- the. >> you guys wouldn't have been concerned? >> of course we are concerned about the security and that is why we have taken the steps i referred to earlier. as it relates to the details of this one agency's network i would refer you to that agency but as a general matter what is relevant to this discussion is the simple fact that the threat we face is ever evolving and that means our defenses need to be ever evolving so to say that our computer systems and the federal government are at risk is not news. we understand there's a persistent risk out there. this is a risk by the way that is shared by the private sector. all of the computer networks that your organizations are at risk and you have dedicated professionals to do the same thing which is to make sure you are using as much technology as possible and you remain vigilant
8:14 pm
about protecting those systems and using defenses that can be regularly updated and modified to reflect the threat environment. [inaudible] >> again i haven't seen the report. my point is even setting the report regardless of what is set aside it is a simple fact that in the 21st century all of the computer networks on which we interact on a daily basis whether it's at work or checking our e-mail or purchasing an airline ticket that there is risk associated with that of those computer networks that we rely on to buy that airline ticket or to do our regular work at the office is conducted on computer networks that are under a persistent threat. we rely on our technological
8:15 pm
our technology experts to make sure that we are vigilant about this threat and we have defenses that reflect the persistent and ever evolving threat that's out there. michelle. >> in the past it has been discussed in a general sense regardless of the potential source of how entry was gained. was it through somebody's personal information or was it a hack into the system? whether it was through the front door as cyber experts say or not. can you give us more insight whether it was through the obtaining of legitimate information that they got in or through some other means? >> i don't have detailed information about this specific matter. as you know, michelle, it continues to be under investigation by the fbi so i don't have any information i can talk about publicly. >> was discovered in april and it's only coming to light now. notification start next week. why would the notification start
8:16 pm
so late after discovering it? >> the thing that is important is to understand what the timeline is. based on what we know now this intrusion into the opm system occurred in december. as a result of the ongoing efforts by the opm and agencies across the federal government to update our defenses and update our ability to detect intrusions opm detected this particular intrusion in april. it wasn't until may that they were able to determine that some data may have been compromised and potentially exfiltrated. abiding by the best practices that we have urged private sector organizations to adopt we are taking steps to notify those who may have been potentially affected within 30
8:17 pm
days of confirming that some of the information was compromised and potentially exfiltrated. we have worked very hard to live up to the high standard that we have established and that is consistent with what industry experts tell us is a best practice and one that should be implemented both within the public sector but also in the private. how would the administration characterize the risk to the people who were affected tax in the sheet that the opm sent out is that monitoring your credit rating. you see in this threat that they would be looking for fraud? even if you can talk in a general sense to past hacks that we think came from a state what do you see the target really being? why would hacks like this want that kind of information that is
8:18 pm
again all of these are legitimate questions that the answer to these questions are the kinds of things that are under investigation by the fbi. >> in past cases where it's believed to be a state actor looking for information about employees. in some cases it was obviously corporate was the target and in other cases it was the white house or state department computers. can you give us a general sense what you think such a target would be? >> again as a general matter we know there are a variety of actors that pose a threat. in some cases they're state actors and in some cases individuals acting on behalf of states and in some cases these are criminal enterprises. the goals of each of those organizations or individuals is different. in some cases it's simple espionage that the foreign government is conducting. we have raised significant concerns about economic espionage that some companies in some states engage in.
8:19 pm
this is something -- this is a concern we have certainly raised with the chinese government. in some cases we are talking about raw criminal enterprises. they are individuals looking to steal someone's identity so they can use that information to get money that they otherwise aren't entitled to. so we are very aware of the variety of actors that are out there and the variety of motivations that would prompt these individuals or entities to take action. this is again trying to determine who the individuals were in this case and what their motivation is in this case is something that continues to be investigated by the fbi. >> we heard a former deputy secretary of the homeland of -- departments on the security in the past hour that there is much more we could be doing but we are not doing it. how would you respond to that?
8:20 pm
>> i would respond to that by urging all of you to take a look back at the president's schedule over the last four or five months. i think that will give you a clear sense of how focused he has been on this particular issue. you will recall shortly after returning from the holidays that the president rolled out specific cybersecurity legislation that we called on congress to pass. this is information, this is legislation that would make it easier for the private sector to share information about cyber threats. it would establish this national uniform standard for 30-day notification for individuals that may be affected by a cyberintrusion. it would also update the tools that our law enforcement professionals can use to defend our computer networks but also to hold accountable those who are responsible for carrying out these acts. the president mentioned the cybersecurity legislation in his
8:21 pm
state of the union address and urged congress to pass it. the thing i would point out since those president -- since the president submitted those key pieces in january and challenged them to pass it in a state of the union address we have seen very little action from congress and the fact of the matter is what we need -- what we need is not just improved efforts on the part of the federal government we actually want to see improved coordination between the government and the private sector on these matters. that effort to coordinate requires congressional action and the fact is the united states congress needs to come out of the dark ages and join us in the 21st century to make sure that we have the kinds of defenses that are necessary to protect the modern computer system. we have not seen that kind of action in congress. the president has continued to act and he convened a cybersecurity summit at stanford university and their boy.
8:22 pm
this was an opportunity for him to bring together leaders and the public and private sector individuals who are responsible for maintaining corporate networks as well as experts in technology to discuss this issue and to discuss how the public and private sector can work more effectively together to protect the american people and to protect public and private computer networks from this threat. you will recall when he was at the cyber summit the president signed an executive order that would streamline information sharing across the federalere responding to threats that one particular agency may be seeing. you recall at the end of february the president began again take executive action to create the cyber-- cyber threats integration center. this is an interagency working group modeled on the national counterterrorism center. the idea behind this is essentially there are a variety of government agencies some of them law enforcement agencies
8:23 pm
that are responsible for responding to these kinds of incidents and by making sure there are representatives of those organizations at the table we can make sure information is shared among agencies and their responses can be more efficient and necessary steps can be taken more quickly and as i mentioned in response to darlene's question in april the president signed an executive order authorizing the department of the treasury to use financial sanctions to hold accountable those individuals who may have perpetrated a particular incident or may benefit from it. the fact is the president has been focused on this and taken a number of steps to demonstrate how seriously he takes this issue but we haven't seen congress do a single thing. the fact is this is a serious matter. does pose a significant threat not just to the american people but also to our national security and to our economy.
8:24 pm
the president has done a lot of the hard work here. his team is written on -- legislation. hopefully the news of this particular incident and the seriousness with which it is being treated not just by the administration but by the news media will prompt a rare congressional action. mark. >> the einstein program you were talking about the acceleration you described, was that in reaction to this specific incident? >> this is something that dhs officials recently concluded that they could do that essentially they have this longer term. for trying to implement the software across federal civilian agencies and they recognize there is a need to accelerate this implementation. [inaudible] >> i would say in recent months. >> has it been concluded that this einstein 3.0 if that is what it is would that have
8:25 pm
stopped this intrusion or caught this intrusion? >> again we are trying to determine exactly the scope of this particular intrusion and how precisely some individual or group of individuals was able to obtain access to the system so it's too early to say exactly what impact the system would have had. but there is no denying that making sure that we have cutting-edge technology to reflect the evolving threat that we see in cyberspace is critically important to the safety and security of our computer networks and that is why it's being deployed. >> one more question if i may. would you describe that dep and some of the other steps we have talked about as being reactive closing the barn door. are we ever going to get to the point where we are ahead of the curve on this? >> i think that's a good question and there are a couple of ways you can do that. this may seem like it to react
8:26 pm
if step but it's a way for us to be proactive in responding to this threat and it's in some ways a good illustration of what we face. because our adversaries out there are so persistent and frankly very innovative the one thing that we know that we can do that experts say would greatly enhance not just the government's computer networks but also private sector networks is to improve information sharing. what we see is computer hackers will use the same kind of technique to exploit a wide variety of computer system so if we can get to a situation where if one particular company recognizes this particular specific kind of intrusion or a strategy being adopted by an adversary to try to penetrate the computer networks rapidly sharing that information across the federal government and throughout the private sector can make sure that all these other agencies and all these other companies are oriented to respond to that particular threat so in some ways that is responding quickly to one particular incident that it is a
8:27 pm
way for us to allow a wide variety of networks to get ahead of the curve in trying to prevent incursion of their network. the problem is that in order to facilitate that kind of information sharing between the private sector and the federal government including law enforcement authorities requires an act of congress and we have not seen congress take that step. but again we are hopeful that an incident like this might prompt some rare congressional action in this field. >> there has been some speculation that this is a different kind of cyber attack that this is an attack that involves simply information gathering perhaps not for criminal activity. what is the current analysis from the white house and the intelligence agencies about what they might be looking for? what do americans know about
8:28 pm
what the bottom line is that the end of this if they are just gathering information about us? >> trying to determine who was responsible and what their motivation may have been is something that is still being looked at by the fbi so i wouldn't speculate at this point what exactly that is. what i can tell you though is that regardless of who it is and regardless of what their ultimate aim is the administration takes this very seriously and recognizes it as a threat to our national security and a potential threat to our economy but certainly some risk that is being put upon, a significant number of current and former federal government employees and we take this very seriously and i think that's why you have seen such a serious response from the federal government in reaction to it. >> you don't know or can't say this point let me be at the end of the line if they are just
8:29 pm
gathering personal information not to steal identities or use it in a criminal way, what they would be looking for. why would they be wanting to have this huge database of names and addresses and social security numbers and other things? >> at this point we are still trying to assess who exactly was responsible for this incident and what their motivation may have been. it's possible they are not guaranteed as this investigation progresses and as we are able to settle on some more information about the identity of these individuals and their motivation we might be able to share that with the public but there's nothing i can promise at this point. ..
8:30 pm
>> >> that there were direct
8:31 pm
links to china. i am understanding is that no longer true? >> this is an incident that continues to be under investigation by the fbi that includes to get to the bottom of was responsible for this incident. and is it just a criminal enterprise, acting alone? in support of a foreign government? injuries that conclusion. and even if the conclusion is reached through is responsible like cannot guarantee law enforcement professionals will make that information public with the investigation. >> but given strong suspicions this officials indicated but what i can
8:32 pm
provide to you that i can barely tell you that the fbi is conducting an investigation for who was responsible. >> looking at the finger-pointing at the united states. can you respond? >>. >> with the amendments with the people as cannabis will for children with seizures. this is supported by a state legal -- legislatures that have legalized it or people are moving their family to places like colorado but
8:33 pm
zero pursuing? but we could look into that for years. >> another issue trying to get a budget deal. if the white house has clarity of their willing to do something they did on the dock it to come up with a solution to the sequester that deals with entitlements in the future and does not include a tax increase. that would be acceptable as a negotiation to go forward on the budget?
8:34 pm
to read we have long been clear any sort of effort to retry to protect our fiscal situation since obama to office to reduce of a deficit by nearly two-thirds. that is more than a variety of steps the administration is taking that you work with congress to achieve. into responsibly drive down those from iraq and afghanistan. and with fiscal responsibility even in the midst of a lot of economic turmoil to be in a situation where we both prevent us
8:35 pm
second to depression the longest uninterrupted streak as a result with 63 consecutive months while also reducing our deficits by a two-thirds. as a testament to the leadership but what we have urged congress to do is to consider a bipartisan agreement that would allow us to make necessary investments and in programs to our community. with the kinds of budget proposals from congress in both of those areas. and that they would actually use accounting gimmicks to try to get around to the
8:36 pm
sequestered of its previously imposed. the president has advocated a balanced approach not asking the middle class for -- middle-class families to bear the entire weight. we continue to be confident they're republicans and democrats can sit down together on capitol hill to reach a bipartisan agreement with the best interests of our economy and i suspect they could find. >> that is a model you want to have those taxes on the wealthy? are there other ways to envision. >> give the speaker says
8:37 pm
this is a deal breaker? i would ask what position then would he take to admit the budget legislation? we have seen that early indications with a house appropriations committee to toledo that they cannot pass that specific appropriation bill level at that level might even with committees that are dominated by republicans how will they ever get 50 votes? they can. it is in just a president's preference but it will be necessary for them to sit down together to figure out funding levels of the best interest of our economy and national security. speaker boehner has said this approach already that was you just a couple years
8:38 pm
ago when led by i paul ryan and chairman marie we hope a strategy can be dissolved -- evolved to works record on think attacks the increase was with that but i could be wrong. but what we have said that is the model that should be pursued. nice to see you end. >> what about the deadline? >> we have been clear over the course of a year-and-a-half united states and our partners and then netted nations security council have been negotiating with iran to find a diplomatic solution to obtain a nuclear weapon and. what we have said is after a year-and-a-half or to years
8:39 pm
by june 30th we should reach an agreement. what is also true is at the end of april, at the end of march the deadline for the political agreement it took an extra day or two to move it across the finish line but we do regard june 30th as a firm deadline. >> but did the west government tried to turn the taliban five into intelligence assets? >> 1/2 to with met you i am surprised you ask because those intelligence matters and not something i frequently discuss from here so there is little that i can say about that estimate tonight asking for details but is there another element that made him think it could be worth it despite the political heat? >> that this is something i can discuss from here. >> being a threat to national-security and the
8:40 pm
adversary for computer trading but given all of that doesn't make sense for them to have a private server? ltd. is a creative way to inject that line of questioning into the discussion. [laughter] that is a complement. not a criticism. but i am not qualified to render judge rand about what sort of vulnerability that may have created that those that have sufficient technical capabilities to render judgment. >> that is just the last 40 minutes with those adversaries to they have a private server? >> is a threat faced by the federal government computer networks, the state governments, and also the private sector computer networks.
8:41 pm
and with their computer networks and retake that risk very seriously does the president considers china to be an adversary? i will be clear and i cannot isil airman not be responsible as a general matter we have concerns about chided and individuals acting on behalf that has resulted in our law enforcement professionals deciding to indict five chinese military officers because of their conduct in cyberspace'' even in
8:42 pm
economic espionage period we do have legitimate concerns about the way china has acted in this regard. >>. >> being talked about corporation to work together very still planning for a state visit this year? >> yes of course, there is always a they have worked with united states to protect national security interests like our partners are conducting negotiations is that does include china with p5+1 and trying to prevent iran from getting nuclear weapons through a the diplomacy but we have
8:43 pm
concerns to behavior but we need to cooperate. >> you talk about the timeline with the first infiltration took place by may there was the infiltration. but is there a breach from those perpetrators from multiple attempts or a long period of time to determine what had been taken? >> so much of this continues to be under investigation and that based on but we know now this individual and treated on the system well we were in the process to update the process of the
8:44 pm
network in april we detected that intrusion to determine some of the data may potentially have been infiltrated and in response to that we have taken the steps that were announced last night to notify individuals that had been affected. >> i would not rule out to determine the scope what that adversary may have done any different of practices based on once you were aware of the breach with the itc jury? >> as a general matter the i t professionals here worked very hard pursuant to the up executive order so they are
8:45 pm
efficient and a sharing information to be oriented to the threats that are out there i don't have specific steps to share about measures taken in response to this threat but certainly our security professionals are aware to make sure it does not happen again that what said require the villages of national security for those for it to revise that ever reflected threat that we face.
8:46 pm
>> whenever those circumstances is given that amount of attention could that be something that day identify publicly so the american people would know. >> for a couple of reasons the first is that those that conduct the investigation may determine so what they have learned about to determine they don't want your talk extensively about who is responsible. and we will try to do this. >> to talk about congress?
8:47 pm
>> it is too early to determine what precisely would have prevented this particular cyberintrusion. it is beyond argument that these three pieces of legislation that they sent to congress five months ago would significantly improve the cybersecurity of the united states not just the federal government with the ability to protect there is legislative action that would be required with that information sharing you could see between of the private sector to mandate a
8:48 pm
30 day national standard to make sure law enforcement needs the tools they need for those that try to infiltrate them. >> with the informational was taken. >> what i can tell you is the office of personnel management with the personally identifiable information both current and former federal employees for exactly what may have been infiltrated but given the information with this particular intrusion.
8:49 pm
>> to be a breach john the question was security clearance invigoration for rub was compromised? >> the precise scope of this particular activity is under investigation. to tell you a whole lot of detail. the we are aware that this breach may have resulted in a substantial amount of data to be exfiltrated and we are concerned about that. what exact data may have been to give you some more details but i don't think they could speak with any precision about the amount
8:50 pm
or specifics. >> what role does the government play? civic it applies to employees but confirmed that with opm >> pie is there any idea of how long it could reach in and inclusion with the perpetrators of this? >> check with the fbi who conducts the timeline. >> is einstein 2 considered obsolete and what is the shelf life of einstein? [laughter] >> i don't have information about this particular intrusion the
8:51 pm
department of homeland security with the einstein system useful with those mitigating intrusions but in this particular instance so well lead to this particular incident. so was still provided stable protection. when our national security professionals are committed to is to make sure we are capitalizing on every innovation out there and spread it as wisely as possible with the best possible protection into
8:52 pm
accelerate that timeline for einstein three. >> but in the morning what are the president's thoughts with the eulogy to be a somber thank? >> i have not had the opportunity to talk to the president specifically but as a general matter over the last seven or eight years the obama family has grown close to the biden family and the president did have a personal relationship with beau biden and the
8:53 pm
statement that we issued shortly after his passing he felt a very personal way of his loss. in hand while his family is sad and i beau biden dash he is looking forward to celebrating his life. he was a remarkable individual to talking a personal way of his knowledge of character about the way they fell about his country. to make for a pretty powerful morning tomorrow morning. >> celebrations are an india
8:54 pm
as it makes from india. and also the west. little have any recent presidential conversations to share with you but so to further intensify the relations between my two countries. senator -- her secretary carter was an india that reflects the depth of the relationship so many that are related to how we can expand economic opportunity. there is a way to deepen the cooperation that he was in in india earlier this week.
8:55 pm
>> key has a new ambassador that of course, both of them said make the relations in my question is is it any messages? >> no. i am not aware of the specific messages but the fact of secretary carter's trip is a clear indication of national security priority the president has but - - placed from the united states and india.
8:56 pm
>> before those two countries the ambassadors play a big role in the relations between the two countries. >> that job was taken shortly before the president backing n.j. period we are pleased by the working in short period of time to strengthen relations to be a very effective advocate and
8:57 pm
afterwards the family will return to washington d.c. and then the president of travel to munich terminate. in to participate arms are a on the sun bear already have my days confused. sunday morning the president will arrive in injury to participate in the event to be with him deliver a call to cathy opportunity to meet with residents to make about the german alliance said they will have the bilateral meeting to review global issues and then the president will participate in the arrival ceremony than the g-7 meeting on the
8:58 pm
global economy followed by trade. following bill's working sessions will join by a family photo and then followed by g7 leaders on never read it -- while foreign and security issues. on monday on energy and climate with the of reached last on terrorism for perot and day iraqi prime minister plans to be in the session and then the president will be in a family photo and attend a working lunch and then hold a news conference in germany before richard gephardt to washington d.c. and will arrive at an:00 p.m. monday evening a world win trip. the catholic hospital association conference and will discuss what health care reform has meant to
8:59 pm
millions of americans with affordable coverage joshes but in terms of there rights and protections for all consumers with the quality of care and the impact on the economy as a whole with president is scheduled to deliver on wednesday afternoon. i can tell you the president does not plan to travel outside of the washington area. are on thursday that he is ready with readings on staff and also working on the eulogy tamara. >> will he say his weekly address question mark not at this point but we will try to get that edit is embargoed until tomorrow.
9:00 pm
>> this country needs a dish of if you look anywhere in the country what is missing
9:01 pm
at the federal level is leadership they can trust. people who can show they have a record to work across the aisle to get things done. sows to have the blessing in my professional life to spend half of my time in public service and doing other things to work for myself and to believe very strongly we need to create a new environment in washington with leaders who can talk across the aisle.
9:02 pm
[inaudible conversations] [inaudible conversations]
9:03 pm
[inaudible] '' committed in will come to order with he and peres says the target of unauthorized service prejudged to 100,000 in taxpayer accounts. printer stand over 100,000
9:04 pm
were successful with cyberperils from the agencies to get a transcript and in dealing with their breaches said the committee stands alone with the internal revenue code of the irs and wide-ranging abilities to conduct investigations with individual taxpayer information while it raised questions in the past that it prioritizes is spending today's hearing is about how criminals stole vast amounts of taxpayer information and those regarding the funding levels until we have the complete understanding what had occurred. before we return to the technological issues focus on the victims. because of this breach criminals to get personal information about roughly
9:05 pm
104,000 taxpayers including social security numbers, bank account numbers and other sensitive information. these taxpayers and their families must begin the long and difficult process to repair their reputation with the knowledge that the thieves stole their data will use it to perpetuate further fraud against them. mr. koskinen has failed us taxpayers it is of the utmost importance to find out who was behind the breach and how it occurred and what steps the irs might have taken to prevent it and what was compromised and how this could affect the taxpayers going forward but to catch those cybercriminals to prevent this from being a successful
9:06 pm
in the future. we must pledge to work together to make sure this is not happen again. the secure movement of but unfortunately ceramic qc it in the headlines and -- every week to the have the but the irs is not and never will be except and but to think it could be more quickly targeted. it stores information every taxpayer from individuals to large organizations and from
9:07 pm
mom and pop businesses to multinational corporations. it matters say great deal to have a central challenge with the taxpayer information is of a the highest importance for fraud and it ended a half-day and the tax fraud costing taxpayers billions of dollars every year. once a joker's it could take months for a taxpayer to mitigate the damage. with that stolen identity by refund fraud to launch investigations and to request information and documents from the largest tax return preparers were from the data card companies. and to consider policy changes also from the
9:08 pm
working groups into weighing in on those matters in the near future. i welcome our witnesses today and i asked commissioner mr. koskinen and inspector general george. earlier this chairman first welcome to before the committee i hope to be the beginning of a new chapter of a lot of historic chapter between the irs and the senate finance committee. i said because the issues are too great to be anything but open and honest and productive but today's topic is a great example of why that is so important. cyberthreats will only continue to grow. but to figure out what has really happened and how they
9:09 pm
could prevent another successful attack in the future. with those investigations with a criminal investigation to be sensitive to these investigations for the witnesses and dennis zine of those limitations as fully and candidly as possible. from there i will turn to senator wyden for his remarks; forward to working with you and all other colleagues in a bipartisan concern for this committee. >> three months ago the finance committee met in a hearing with the updated --
9:10 pm
with the latest scams plinking taxpayers. and i said then that that wave of attacks sure looks to me like organized crime. today after 104,000 tax returns that appears to be a sophisticated organized crime syndicate. if it continues to spiral with hackers targeting federal agencies including my own and private companies to steal money and data. one report from the department of homeland security says the computer systems, under attack hundreds of times a day, and tens of thousands of times per year. the investigation of the stolen tax returns is ongoing as of this morning but once again it seems the
9:11 pm
thieves are a step ahead of the authority to have access to enormous amounts of data said that is set for purchase with the internet shadowy corners. the rip-off artists used that data to slip past the security filters so it is my view it is fair to say once again that this conduct fits the definition of organized crime. the thieves to steal taxpayer information wipeout of the lifesaving this to leave them in financial ruin. they could falsify tax returns further down the road to take out huge fraudulent student loans.
9:12 pm
and on a bigger scale the of money stolen in the cybercrime wave could be funneled into a war criminal activity. it could you -- be used in war zones or to find acts of terror without being traced. just like the white house department of defense was targeted in the past, it is an attack on the security of americans. but to protect taxpayers from the onslaught of cyber crime of the 21st century i t system. is in just a question of resources in a survey not a lack of commitment also a question of expertise with the of paper forms long ago.
9:13 pm
federal agencies need to tap bin with those who served tens of millions of users. this expertise will allow the irs of the pitfalls of the past to be the 21st century i t system to protect taxpayer privacy is projects that hackers it to fund the of government as efficiently as possible. with the system is in place it can step but to provide the funds necessary to manage that effectively. legislators for that to be / like cyberattacks but it has been shrinking for years. with the modern cybercriminals but that is
9:14 pm
what the irs is stuck with those resources with the taxpayer to mount the strongest possible fight if the irs had access to the data on the 1099 forms it would be much easier to catch fraudulent returns early to save taxpayers the nightmare of our early refund. but to add an extra level of security to expand the probe -- the program for taxpayers to use when they file an amended to become a victim of fraud they should get more help but to beef up the cybersecurity because of the
9:15 pm
technology expertise but it is my hope the hearing was set aside the politics of these issues of fresh ideas how to best protect our taxpayer. i look forward to working with you. >> irs commissioner -- commissioner koskinen serving as the head of the irs since december 2013 with the private sector experience can confront the many challenges at the irs. i have confidence in commissioner koskinen. thanks for being with us today. i will introduce the second witness as well.
9:16 pm
inspector general george from the treasury inspector general for that tax administration has been serving since 2004 and has extensive public sector experience including working from the house of representatives on their reform and oversight program for a great deal of respect for you also and for being here today. and we will start with you commissioner koskinen please keep your remarks within five minutes because maple have questions. >> thank you for the opportunity to appear before you with the unauthorized attempts to provide taxpayer data with the online application. it is a top priority for a
9:17 pm
day irs as a result of decreased funding over the past few years we continue to devote time and attention to this challenge. at the same time criminals can gather to make protecting taxpayers to be challenging and difficult. in the application data approximately 200,000 taxpayer accounts. with the sophisticated nature of the attempts made making crucial information already obtained from sources outside the irs. it should be noted these attempts to a gather this information did not attempt to gain information from the main systems that handle tax filings for pro the system remains secure such as where
9:18 pm
is my refund. but they must go to the multi-step authentication process. they must submit personal information such as date of birth, filing status and address. but to contain the confirmation code and the taxpayer must respond to several questions to elicit information only the taxpayer would know such as the amount of the monthly mortgage or a car payment for brothers never security team noticed unusual activity on that application. we thought it was a denial of service for the attackers tried to disruption of normal function for pro they have question mark the times to get the application.
9:19 pm
of the 100,000 successful attempts only 13,000 possibly fraudulent returns were filed for which they issued refunds and those ever filed by actual tax payers with froze it -- with identities but to be protected against fraud in the future to mark the accounts to prevent someone else from filing a tax return in their name in 2016. letters have already gone out to the taxpayers whose information was successfully obtained by the third-party. we have credit monitoring and also the opportunity to obtain personal identification number to
9:20 pm
further safeguard the irs accounts also those that were not accessed those from outside paid the irs and social security numbers and others who want them to take steps to safeguard the data. it is also taking down to make it more secure the rendering and accessible for the taxpayers. the problem to use stolen information is not new. between 2010 and george p5+1 since then we have made steady progress rate -- against fraudulent refund claims over the past years almost a thousand individuals were convicted in connection with refund fraud.
9:21 pm
that is you try dignity theft and we have been able to stop more suspicious returns at the door. our filter stopped almost afraid million suspicious returns an increase of over 700,000 from the year before. but for that reason recent leave with the apparel industry's with the cooperative efforts of the past to leverage up personal private partnership in the expected until shortly. with the budget request to provide for $101 million specifically devoted to identity theft and as noted dickey of legislative request is the proposal of the filing dates generating
9:22 pm
the your from what is reported to identify fraudulent returns to route identified refined fraud. this concludes my statement now be happy to answer your questions. >> thank you. thank you for the opportunity to discuss the data breach at the irs. may 26 the irs allows criminals had to use taxpayer specific data from i.r.a. sources to gain unauthorized access to information on 100,000 tax accounts in the office of investigation continues to investigate the incident but according to reports
9:23 pm
received from the irs and individuals to clear the authentication process with the required knowledge of prior information including social security numbers with the tax filing status as well as personal identity verification questions that only the taxpayer would know. and to face the irs for the fiscal year 2011. we have an audit under way for authenticating taxpayers at the time with the irs services. to increase the availability on the internet with a
9:24 pm
weakening of controls to authenticate access in personal data. the risk of this tax account will continue to grow as the irs focuses the effort is to deliver the interactive on-line tools. but more avenues also means more opportunities for exploitation by hackers and greater risk with those areas that the irs could better protect taxpayer data in for example, we found they had not always applied hybris computer security of grades and profound is irresponsible to redress cyberattacks is not monitoring a significant percentage that put said and
9:25 pm
applications times. it is continuously under attack from under personal gain and in various ways they use to your perpetrate them to require constant monitoring by the irs. that impact tax administration to follow identity theft and then to protect the i t advisers from the ever changing and evolving technology. this is a stark reminder even security controls adequate enough up past can be susceptible to those who have vast amounts of personal data.
9:26 pm
to be even more vigilant with confidentiality with the taxpayer data and taxpayers could be exposed to the loss of privacy resulting from identity theft. we're committed to the mission to assure the tax administration system to prevent or detect waste, fraud and abuse of the irs effort is to effectively protect taxpayer data and investigate any instance attempts to corrupt or interfere with the tax administration. chairman hatch thank you for the opportunity to share my view. >> shakier. let me start with you inspector general george. in your written testimony you said the taxpayer data
9:27 pm
is the top concern facing the irs as you have stated that despite your concerns the irs has not implemented many recommendations but having strengthens the i t security. but as of march 2015 and has implemented the audit recommendations fit security summer more than three years all. beyond that had the ed disagreement of the i t security. if the irs had fully implemented the recommendations with the recent attacks with the transcript to be successful. >> at this stage i cannot give your definitive answer as to whether or not it would have been possible.
9:28 pm
if they implemented all of the recommendations that i made. >> given your testimony those to perpetuate tax fraud but a dear to the theft of personal information from agency 100,000 new entities on the international black market as many as 13,000 new partial returns have been found that costs the taxpayers $39 million when it comes to return to the theft and tax fraud i don't think we can adopt the pay and chase mentality for coastal and indignities are significant problem for perot bet not that your agency can solve on its own. what it can is that the
9:29 pm
criminals use this stolen information. news reports indicate the recent irs may have been in russia. with large numbers of refunds were shifted to bulgaria in china. can either of you tell the committee what more could be done to stop the thieves from home and abroad? do you feel we have the cooperation of the justice department and others to stop these perpetrators? >> as noted increasingly complicated challenge i would just note that there are not 104th and newest:the kennedys that was
9:30 pm
before but what is available now is for the transcripts that our more detailed to go along with the stolen identities. there are breaches across the private sector and the economy has all data is collected by criminals who have a database that exceed so as the inspector general says it is the increasingly complicated challenge what worked one year ago may not work today's you continually have to attack that problem we work closely with the inspector general and value their airport -- 7.and we ask them of the fet system going forward but in response we've looked at that in terms of the suggestions made of the improvements to make the all of the reports is security
9:31 pm
with regard to the basic data base. but those did not deal with that authentication of the web site. the problem with the process it is the good security mechanism used by others as the inspector general says to be overtaken by events. >> with the federal treasury from abroad to give adequate cooperation from governments? >> and then a criminal investigation though most 2000 people are in jail and is the problem that with increasing number of the attacks are coming from eastern europe and asia to
9:32 pm
track those people down is much more difficult we don't get a lot of cooperation. >> data hearing last month i pointed out the increased sophistication of those involved of the taxpayer identity after looks like more organized crime. i interesting and to harass and stated that most taxpayers have to involve as organized crime and also at involves a double to attempt to access taxpayer records. i know that the latest is ongoing but from what i have seen thus far, it sure looks like this attack was undertaken by the organized crime syndicate that already had access to enormous amounts of data of the u.s.
9:33 pm
taxpayers. would you agree? >> i would. there is the unimaginable amount of data as a result of breaches across the economy in which it said tickets around the world and the battle is becoming increasingly more difficult for everyone in the private sector and this event is a shot across the bow to remind people of the nature is the enemy. >> given that you agreed with my description you would describe your challenge to make sure you were in a position so you can stay ahead of these increasingly.
9:34 pm
>> we reach an understanding to protect so let's talk about the game plan you would have to have. the sophistication of the organized crime syndicates when you close one door their vote for the next. so we will try the people who have the air and experience but with the upgrading, the irs. >> ben most of the significant points. it is the small number that authorized with this
9:35 pm
technology is streamlined and it would work 14 years in the have two very senior sophisticated i t people that we cannot hire because we didn't go through the process but the nasa program runs off with a cybersecurity unit is critical. it is a critical pay authorities so that is for the small number of people who will be world-class experts and though me to do with technology but security. >> what does this committee need to do to indicate if you want a bipartisan basis? what does this committee need to do to make the grade
9:36 pm
to work on this together it isn't an issue of a political overtone but faces every company in this country still mccann to do ted w. two's earlier to allow us to be more effective with the identity theft that in fact we could just the way social security numbers are produced it would help us if they are not fraudulent. there is legislature supporting issues. >> and also we're running the antiquated system that is 50 years old or in some cases they cannot even provide a patch for all the upgrades and some don't have them because they no
9:37 pm
longer support it. we obviously do need to figure out what it takes to make sure the system is able to be protected. >> thank you. it is clear to me if you have fire chief of the dark ages you cannot stay on top for crime committed to working with you and also mentioning therein is very good people and the technology sector to run major tech firms i think could be available. so we're committed to make sure you were understand there is a bipartisan effort >> first of all, thank you for coming and for this conversation and the reason is the personal private tax information of over 100,000 taxpayers is deeply concerned because it is based on the proposition of
9:38 pm
voluntary compliance of privacy. so i'm asking about a letter asking a number of questions related to the data breach. this would shed light if the irs never considers a security risk prior to is to gain the skip on-line service my letter asks you provide a response by june 4th and it was sent last week. some examples of what we are concerned about is whether or not you have a risk assessment plan and a mitigation plan so some of the documents i am asking for. do you have any idea where my request stands and can
9:39 pm
you fully respond to my letter by june the fourth? if not when to expect i could get a response? >> that is a good question. as i said pretreat darr -- letters from the help very seriously. they are a high priority sometimes there's a lot of data but our goal is not to delay any longer than we can. the amount of information probably not the end of this week but we could likely by next we can there is say but the program that is in the process that will be 40 or 50 and that is interesting to read about those challenges and that this
9:40 pm
woman in a new application was put up but it is an important question, not only to have mitigation plans but to monitor as we go forward, what is going on? where are the attacks coming from? mosquitos checking to see weird day are. >> but we have the vote with senator grassley and i will try to get back by then. >> so in that order. >> i think they're heard you say you would fall they
9:41 pm
respond baby not by june 4th but next week. thank you. >> the it is very important as far as i am concerned today office to vibrate the security measures but mr. grassley we did take a look at the early program and at that time there were limitations that we believe were implemented and a subsequent version we have not taken of a cat. but the irs failed to notify
9:42 pm
specific but when it initially began? >> the last filing season their 238 million downloads with the application so it is a huge volume now reno to go back through the logs we have locked every transaction and there were shrouded under the issues volume of request going out. in the filing season ended i think what happened is the volume dropped but at that time the legitimate request had gone up and the activity became physical to a us sprint are not people expected that but that is from midday when we noticed.
9:43 pm
but in fact, those unauthorized attempts to access the data as soon as they found that out we notified the hill and i am delighted we could identify 104,000 taxpayers. >> my time is up but i will submit to questions with answers in writing. thank you spirit thank you. it is great to see you both. we appreciate your service to our country per car want to start off with commissioner koskinen talking about what the irs is doing to reach out those two of whose information may have been put then the data
9:44 pm
was released and we regret the separate attack took place in the understand it is a germanic it as to believe victims of the agenda the fraud so even while we tried to get to the bottom of it to identify the worst the information had gone out the goal is to that notice as clear of the by
9:45 pm
the rehab completed the report to offer credit protection also offering the authenticate themselves for the individual protection to give them even further security as they go forward. we have done everything we can and as quickly as we can because it is important to have that information. >> the letters are all in the mail. to the one hegira 4,000 not to those where no data was a skilled but they need to be identified that criminals have access to their personal information. >> for their phone numbers people can call to get further assurances? >> as you know, it is and
9:46 pm
does good as you like it to be so we suggest you post on the web site if they have questions and yuri had some people show up to the taxpayers center and they provided assistance as well. >> i've always said iran iran with other people smarter than me for my success in life. but i want to talk about the issue to streamline critical and to answer for the record if we were to restore this program in 2015 to fully restore this program what is the cost on the annual basis compared with the cost of this breach as we attempt to aspire you don't have to
9:47 pm
reanalysis on the top of your head what type of trend on the investment? >> the inspector general it appears the cost of the government is for $500,000 per year because that pay increase deferential is relatively modest. some are paid as -- lower than former's but to save the 13 million returns good to have hots but the return on investment is significant they had a 90 program -- the program will loss of analytics people. >> can you give me that?
9:48 pm
for the record. >> to the extent that we could we did find was operated successfully and was justified. >> outside help. you have the other agencies to be of assistance to the irs and department of homeland security? and is one other agency should be doing. >> i met with the secretary of homeland security that provided technical expertise even with the denial of service to rural the inspector general. and what they provide is updated information across the spectrum so there is a good working relationship
9:49 pm
with agencies under attack to see the patterns and what can we learn from each other ? >> thank you mr. commissioner and inspector general. i found other possibilities for the data breach. when i filed my taxes i had overpaid and it don't have electronic transfer to a debate because i will not share that with the irs or anybody else alive received it in the paper check. was surprised me there is also a flier from the consumer financial protection bureau that has the power to impose and reporting requirements on personal information. people love worried about
9:50 pm
the national security administration they should worry about them. they get all of our data all the time that is a possibility for a security breach. ill-fated goes to the i.r.a. rest through the consumer protection financial bureau especially since it is funded through non appropriated funds from the reserve system's earnings before it ever gets to the general fund and a question for the appropriate use taxpayer dollars to advertise cfpb as a kid by including in the mailing with a tax refund. and as a cfpb is supposed to be a independent air organization of the treasury department should solicit information on their behalf. i appreciate answers in note
9:51 pm
the need to be more detail about what did they rely on to include that information and what agency paid to print to had the respect all the boundaries and could hackers get data from the consumer financial protection bureau used with the irs with that department mr. commissioner i will put those in more detail but the best chance to get an answer is right now. >> first i should make a correction is 13,000 returns but previously he said
9:52 pm
30 million bereaved often provide information that could be of interest to them but we do not share under the protection of taxpayer data and there is the specific statutory authorization and i would be happy to get you details. band for their assistance in ways that may be helpful. we're not asking them to provide additional information but we will get you more detailed information. so if you send me a note i would get you the answer back quickly. >> will be asking questions because there is the cost to put something in the
9:53 pm
envelope. even the unlaces prepares for preying on those uninformed taxpayers i did not see that but that is the possibility where people get that information. to what degree is the irs working through a limit that fraudulent tax payer returned? >> reminder tax preparers, we monitor them and we are concerned about not only criminal tax preparers but we've requested legislation that allow us to have minimum qualifications if you go into immigrant communities people will advertise the you will get you a big refund whether you are entitled or not.
9:54 pm
tuesday extend to every have a but then to monitor a fraudulent returns. >> i appreciate you being here paul have to put us into temporary recess. [laughter] [inaudible conversations] i might as well as give a couple of questions. the senator from kansas? >> thank you for coming in to come up with some answers
9:55 pm
just the day coming back from washington on an airplane from kansas in that with the irs. i respond to what he thought was his concern to target those conservative groups to say no no-no. to said rehabed a breach of a cyberattack and one of was that all about? i said we don't know yet but we will have a hearing and we can try to get to the bottom but we do know it is a half her probably from russia or the russian mafia.
9:56 pm
and he just looked at me. i don't have more to say. this so this rendered him speechless and i think a lot of people are in the same go. is up paradox of the burmese irony. but just prior to the beach -- a breach just weeks ago how safe the data was contained in that transcript system and that was now with the agency's inspector general said gao reported
9:57 pm
adding it is unnecessary full verbal to inappropriate and the detective reviews''. and i agree with senator biden with those that perhaps that right now it looks like real the using of war so ted hughes this latest breach to win the fight. so to have the tools and mindset if it is even capable and i am very concerned to pushout programs that was pushed out some time ago to overtake then need to safeguard taxpayer information.
9:58 pm
sova tuesday honorable commissioner koskinen, to what extent you partner with the private sector on data security? you needed the additional flexibility to work with outside experts to have access to address the privacy. >> we have various elements with the great working relationship with institutions to pull together a security summit of the major tax preparers and i said the meeting is a free to tell you what to do but but a partnership to work together how the three of us and how the service
9:59 pm
can work together and we expect next week for what we will do for the next filing season. but you take of look on a long-term basis what we've made -- what we need to do but private sector coated they needed level playing field so to come up with our requirements with the sharing of data or that implementation we are the only ones that can acquire that across the board iran and will do that if necessary but it does a wonderful working relationship. >> my time is running out. but i understand the irs has shut down the transcript program.
10:00 pm
but in looking at this program. >> we do not have a definitive answer at this time in then to do access that did not bassist so to make the change between the access and security. . .
