[Infowarrior] - US Gov cyber insecurity incidents

Richard Forno rforno at infowarrior.org
Wed May 9 13:07:56 UTC 2007


(via dataloss and almac)

Here's the report card (PDF) that The House Committee on Oversight and
Government Reform issues each year on cyber security at various government
agencies.
http://republicans.oversight.house.gov/Media/PDFs/FY06FISMA.pdf

In the wake of the VA incident, The House Committee on Oversight and
Government Reform asked all federal agencies for details on any other
incidents involving loss of personal sensitive information.  They learned
about 788 incidents Jan 2003-July 2006.  By my math, that's more than one
every other day on average.

I saw an article about this & went hunting for original source (url below).
Well looks like this data was gathered about a year ago, but then in some
cases more info came out that showed the data was incomplete.

Every federal angency has computer security breaches.
They do not always know what data has been lost.

The vast majority of the breaches are the loss of hardware, such as theft
of laptops.
Many of the breaches are by private contractors.

Dept of Agriculture 8 incidents
Dept of Commerce 297 incidents
Dept of Defence 43 incidents
Dept of Education 41 incidents
Dept of Energy 7 incidents
Dept of Health & Human Services 24 incidents

Dept of Homeland Security 6 incidents but the committee continues to ask
hard questions 
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=36&rss=Y
#sID202

Dept of Housing and Urban Development 1 incident
Dept of Interior 8 incidents
Dept of Justice 2 incidents
Dept of Labor 3 incidents

Dept of State 1 incident but got grade F for cyber security from House
Commitee on Oversight etc.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci12517
63,00.html 


Dept of Transportation 1 incident ... a subsequent FOIA inquiry found out a
ton of other incidents

Dept of Treasury 340 incidents
Dept of Veteran Affairs ... hundreds of incidents
Office of Personnel Management 3 incidents
Social Security Administration 3 incidents

example incidents are given on each agency

http://209.85.165.104/search?q=cache:etHfNZnxgEUJ:oversight.house.gov/Docume
nts/20061013145352-82231.pdf+Oversight+Reform+compromise+sensitive&hl=en&ct=
clnk&cd=2&gl=us

Systemic failure at the White House protecting classified information..
http://oversight.house.gov/story.asp?ID=1264





More information about the Infowarrior mailing list