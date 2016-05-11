By Dustin Volz
| WASHINGTON
WASHINGTON May 11 The U.S. House of
Representatives' information technology team has blocked the
congressional chamber from accessing software applications
hosted on a Google cloud service in an attempt to prevent
possible hacking campaigns against lawmakers and their staff,
according to two congressional sources.
The move came just days after Yahoo Mail was also
blacklisted due to fears of ransomware infiltration.
The two restrictions, which have hampered some internal
communications in the lower chamber of Congress, have both been
implemented within the past two weeks and are still in place.
The episodes are not believed to be related, the sources said.
Devices connected to the House's Internet via Wi-Fi or
Ethernet cables have been barred from accessing the apps hosted
by Google's developer platform after the FBI notified Congress
of a potential security vulnerability, the sources said.
"We began blocking appspot.com on May 3 in response to
indicators that appspot.com was potentially still hosting a
remote access trojan named BLT that has been there since June
2015," one of the sources, a House staffer with direct knowledge
of the situation, told Reuters.
Google declined to comment. The FBI has so far not
responded to a request for a comment.
The FBI sent an advisory to private industry in June 2015
about a number of remote access tools capable of stealing
personally identifiable information, including a trojan file
named BLT found on Google appspot domains.
Ted Henderson, a former House employee, said two
Google-hosted apps he created specifically for use by
congressional staffers to discuss politics and share alerts on
votes are now effectively banned on their work network.
The disabling of appspot.com occurred after the House
Information Security Office sent an advisory email to lawmakers
and staffers on April 30 warning of increased phishing attacks
on the House network from third party, web-based mail
applications including Yahoo Mail and Gmail.
"The attacks are focused on putting 'ransomware' on users'
computers," the email, seen by Reuters, states. It added that
the primary focus of the attackers appeared to be Yahoo Mail,
which was being blocked on the network "until further notice."
Two individuals fell victim to ransomware by clicking on
infected Word document email attachments, sources familiar with
the hacking said. The infected files were able to be recovered
without paying any ransom, the sources said.
Ransomware attacks, which involve accessing a computer or
network's files and encrypting them until a ransom is paid by
the victim, have grown more severe and common in recent years.
Yahoo is working closely with the House to resolve
the matter, a company spokesperson said.
(Reporting by Dustin Volz; Editing by Phil Berlowitz)