- The Washington Times - Friday, August 24, 2001

AGENCE FRANCE-PRESSE

A congressional report yesterday cited at least one federal agency for major computer security weaknesses that may place sensitive data at risk, and said other agencies may be vulnerable as well.
The General Accounting Office report said the weaknesses at the Commerce Department could jeopardize "sensitive economic, financial, personnel and confidential business data."
Additionally, the systems may be vulnerable to hackers who could disrupt operations of the agency.
"Significant and pervasive computer security weaknesses place sensitive Department of Commerce systems at risk," said the GAO, the investigative arm of Congress.
Among the data housed in the Commerce Department computers are Bureau of Export Administration data relating to national security, nuclear proliferation, missile technology, and chemical and biological warfare.
"Commerce's ability to fulfill its mission depends on the confidentiality, integrity, and availability of this sensitive information," the report said.
"For example, export data … reflect technologies that have both civil and military applications… . Much of these data are also business proprietary. If it were compromised, the business could not only lose its market share, but dangerous technologies might end up in the hands of renegade nations who threaten our national security or that of other nations."
The report said there may be similar security problems at other federal government agencies.
A report last September by the GAO found "significant computer security weaknesses" in 24 of the largest federal agencies, including Commerce.
The GAO noted that the number of computer security incidents reported to the government-funded CERT Coordination Center rose from 9,859 in 1999 to 21,756 in 2000 and that in the first six months of 2001, 15,476 incidents were reported.
The GAO said that a separate government computer security center reported that in 2000, the number of attacks rose to 586 incidents affecting 575,568 federal systems and 148 military systems.
It said that 155 of the incidents resulted in a compromise of computer data and that in at least five cases, "access to sensitive information had been obtained."
At the time of the latest review, the Commerce Department's chief information officer "acknowledged that the information security program was ineffective, but believed that he had neither the authority nor adequate resources to effectively strengthen it."
In response to the investigation, Commerce Secretary Donald L. Evans on July 23 established a task force on information security to develop a "comprehensive and effective program for the department," the GAO said.


Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide