- Ohio university quiz implies atheists are naturally smarter than Christians
- Rep. Henry Cuellar on border crisis: ‘Playing defense on the one-yard line’
- Activists vow to occupy fast-food restaurants to get higher pay
- Rep. Luis Gutierrez: Senate Dems wary of immigration politics
- Summer camp for 1 percenters: Sushi, limos and shopping at FAO Schwarz
- Colorado gun crackdown law found to be built on faulty data
- Hank Aaron steps to fundraising plate for Democrat Michelle Nunn
- ISIL terrorists blow up burial site of Jonah, vow more of same
- Impeach Obama, say 35 percent in new poll
- Taliban yank 14 Shiites off bus, bind and shoot them on Afghan road
Homeland Security at risk of computer breach
Report: Outmoded equipment, policies
Question of the Day
Created to safeguard the nation, the Department of Homeland Security is instead having difficulty ensuring its own computers are protected from hacking and cybersecurity breaches, a new report says.
Agency plans, policies and systems aren’t being updated to reflect the most recent threats, a potentially devastating misstep in the ever-evolving world of online security where new threats can pop up overnight, said the agency’s inspector general.
Some DHS cybersecurity guidelines date back to 2008, and “baseline security configuration settings are not being implemented for all systems,” investigators said.
In addition, 47 systems are being used without “authority to operate” certificates that ensure the most up-to-date security protocols are in place. Of those, 17 are systems that handle classified secret data.
“This report shows major gaps in DHS‘ own cybersecurity, including some of the most basic protections that would be obvious to any 13-year-old with a laptop,” said Sen. Tom Coburn of Oklahoma, the top Republican on the Homeland Security and Governmental Affairs Committee.
“DHS doesn’t use strong authentication,” he said. “It relies on antiquated software that’s full of holes. Its components don’t report security incidents when they should. They don’t keep track of weaknesses when they’re found, and they don’t fix them in time to make a difference.”
The number of cybersecurity incidents at DHS has risen 17 percent over the past year, data shows, and attacks by more advanced malicious software have risen 134 percent since 2010.
The agency doesn’t track what information is being stored in public clouds, inspectors said. Plus, DHS has 67 external Internet connections that could be potential gateways for hackers to get in.
The severity of security breaches depends on the nature of the information compromised, said Paul Rosenzweig, a homeland security analyst at the Heritage Foundation, a conservative think tank.
“If it’s the system that contains all of yours and mine flight information, then I’m a little more concerned than if it’s the system they use to buy water bottles for the [airport] screeners,” said Mr. Rosenzweig, a former DHS official.
What’s perhaps more troubling, he said, is the government’s inability to get its own affairs in order and the evidence of the difficulties federal agencies have in procuring IT services and equipment.
“We have not managed to match our means of purchasing computer cybersecurity systems to the dynamic, ever-changing environment that is the cyberspace,” Mr. Rosenzweig said.
Officials at Homeland Security said they are working to shore up the agency’s vulnerabilities.
“DHS has also taken actions to address the administration’s cybersecurity priorities, which included implementation of trusted Internet connections, continuous monitoring of the department’s information systems and data that support the DHS mission,” a response from the agency said.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Phillip Swarts is an investigative reporter for The Washington Times, covering fiscal waste, fraud and political ethics. He is a graduate of the Medill School of Journalism at Northwestern University and previously worked as an investigative reporter for the Washington Guardian. Phillip can be reached at firstname.lastname@example.org.
- Christians flee Mosul after ISIL threat: Convert to Islam or die
- Ex-Gitmo detainee Moazzam Begg charged with terrorism
- Chicago shooting spree: 22 people shot in 12 hours
- U.S. bests Iran to advance to the Gold Medal match at the FIVB World League Finals
- Bill Maher blames Hamas for Gaza violence: 'Do you really expect the Israelis not to retaliate?'
Latest Blog Entries
TWT Video Picks
Second- and third-stringers eye 2016 if front-runner stumbles
- Michelle Obama says money in politics is bad, asks donors for 'big, fat check'
- Presidents of Honduras, Guatemala blame U.S. for border children crisis
- 'We're coming for you, Barack Obama': Top U.S. official discloses threat from ISIL terrorists
- NAPOLITANO: What if our democracy is a fraud?
- EDITORIAL: Detroit's water 'spigot bigots'
- Hamas rejects Kerry's call for cease-fire; Fears grow others could join fight against Israel
- Obama orders Pentagon advisers to Ukraine
- PRUDEN: The Democratic-wannabe mice under Hillary Clinton's feet
- Obama takes aim at 'corporate deserters'
- Crime-ridden U.S. cities differ on ways to fight gun violence
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq