Cybersecurity Insight

Taxpayers the Latest Cyber Victim, IRS Boosts Cyber Security Spending

28 May

The Internal Revenue Service (IRS) and the American taxpayer have become the latest victims of a cyberattack as the agency announced this week that cyber criminals stole approximately 100,000 taxpayer records. The attack occurred between February and May of this year and the IRS is still investigating the crime.

Cyber attacks are an all too common occurrence in today’s digital world. As proven by the IRS attack it seems not even government agencies are safe or secure. With the IRS moving more and more towards electronic records and filing, cyber security is becoming a hot issue for the agency. To combat the increase in cyber criminal activity the IRS is decreasing staff while boosting spending.

Yes, you read the correctly. The IRS is decreasing staff and increasing spending. Sounds like a pay raise for the IT staffers that are kept, right? Well, not so fast. What this really means is the IRS is likely to outsource a significant portion of its IT division mainly focused on cyber security. In 2014, the IRS spent an estimated $141 million on cyber security which was about a 10% increase since 2012.

While the IRS budget is continually cut each year, the IT budget increases and outsourcing may not be such a bad thing for the agency. The IRS commissioner, John Koskinen, suggests that many IRS systems are almost 40 years old and that the IRS is a sitting duck if the systems are not upgraded. He has also blamed budget cuts for the lack of further investment in IT systems.

The attack was described as “sophisticated” by the agency, a term that is being used more and more by government agencies and enterprises when their systems are the victim of an attack. Despite the attack’s sophistication, it is still John Q. Taxpayer who feels the brunt.

Since the housing bubble in 2007-2008 and the subsequent recession many banks have looked to combat further predatory or lax mortgage practices. Currently, many banks seek out tax records for a number of reasons including proof of income. This information has been made available to lenders by the IRS.

Some have blamed this “open” communication as the source behind attacks such as these, but it appears the thieves stole social security numbers from another source in order to use them in the latest attack. Online tax record requests have quadrupled since 2010 as many citizens continue to look for housing in their communities.

The problem? These attacks put average people at risk of losing out on a home, or an affordable rate, among other things. Many lenders promise locked in rates for a certain period of time, however, if a lender is unable to access the customer’s records in time the date could pass and the rate could rise, making it too expensive for them later.

This is just one of the many current issues described by Americans who have been victimized by the IRS and other attacks. Another is the fact the IRS has refused to release certain tax records due to alerts of fraud. Some people have reported that when they have contacted the IRS about problems with accessing records the IRS has claimed a fraud alert on the record, and has refused to release the records despite the victim’s personal permission or request.

Of course, this could be the tip of the iceberg when it comes to government records being stolen or tampered with. Tax filings could be altered or stolen, leading to more audits or possible penalties for taxpayers who may be deemed late or non-filers. The problem is, the IRS can’t take a “wait and see” approach. They must act now, and their increased IT spending suggests a focus on cyber security.

As we’ve said many times it seems cyber criminals are going after anything and everything, making everyday lives a mess. We leave a digital footprint in so many areas, and government agencies and enterprises keep our personal information for any number of reasons. We leave it up them to secure our data and ensure it doesn’t fall into the wrong hands. However, more and more often we are finding our information isn’t as secure as it should be, and it is causing a ton of headaches for those in all walks of life.