Google-Hosted Apps Blocked by House Amidst Security Concerns

According to two congressional sources, the information technology team of the US House of Representatives has blocked the lawmakers from gaining access to software applications that are hosted on a Google cloud service on Wednesday for the purpose of preventing possible hacking campaigns. The House authorities had already blacklisted Yahoo Mail because of fears of ransomware infiltration and now Google is next on the list. Some internal communications that occur in the lower chamber have been hampered due to these two restrictions that were implemented in the last two weeks and are still in effect. Nonetheless, the sources clarified that they didn’t believe the episodes were connected.

Devices that use Ethernet cables or Wi-Fi for connecting to the House’s internet are blocked from accessing the domain where custom-built apps are hosted by Google called appspot.com. The sources stated that this block was implemented after the Congress had been warned by the FBI of a potential security vulnerability. A House staffer was one of the sources and had direct knowledge of the situation. He said that appspot had been blocked on May 3rd when indicators had come to light that a remote access Trojan called BLT was still being hosted by appspot.com and has been there from June 2015.

A spokesman for Google said that the company was conducting an investigation over the restrictions and would be cooperating with the House for dealing with the issue properly. So far, the FBI has not commented on the situation. In June 2015, an advisory had been sent by the FBI to private industry concerning several remote access tools that had the capability of stealing personally identifiable information, which included a Trojan file called BLT that was found on the appspot.com domain of Google.

A former employee of the House, Ted Henderson, said that two Google-hosted apps, which he had specifically created for the use of congressional staffers for sharing alerts on votes and discussing politics have been effectively banned from the work network right now. On April 30th, the House Information Security Office had sent an email to lawmakers and staffers to warn them about increased phishing attacks on the House network from web-based applications like Gmail and Yahoo Mail and third parties. Shortly after, appspot.com was disabled. The email said that the attacks were conducted for installing ‘ransomware’ on the computers of the users. It also asserted that Yahoo Mail was the attackers’ primary focus so it was being barred on the network until ‘further notice’.

Sources aware of the hacking said that two people had clicked on infected Word document email attachments and become victims of ransomware. The sources said that no ransom had been paid and the infected files had been recovered. Ransomware attacks have gotten quite common and severe in recent years. Basically, a network or computer’s files are accessed encrypted by the hackers and they demand a ransom for the files. A company spokesperson for Yahoo said that they were working with the House for resolving the issue.