[Infowarrior] - GAO finds federal networks unprepared for cyberattacks

Richard Forno rforno at infowarrior.org
Wed Sep 30 07:34:03 CDT 2015


Face, meet palm.  I wonder if they at least changed the font on the report/recommendations before publishing?  

My sympathies to competent federal csos wherever they may be.    --rick


Government audit finds federal networks unprepared for cyberattacks

 by Mariella Moon | @mariella_moon | 43 mins ago

http://www.engadget.com/2015/09/30/government-audit-federal-agencies/

The Government Accountability Office (GAO) has discovered that 24 federal agencies are unprepared to protect their networks in the face of cyberattacks. According to the results of a recent GAO audit, these agencies continue to have weaknesses when it comes to detecting unauthorized network access, managing software and hardware configuration and planning for operations in case of network disruption, among other things. The agency says these weaknesses put federal personnel's sensitive information at risk of being pilfered, just like what happened to the people whose identities were stolen when the Office of Personnel Management was hacked. Hackers got away with 30 years worth of data -- including 21.5 million Social Security Numbers -- from that attack.

GAO is adamant that it "made hundreds of recommendations to agencies to address deficiencies in their information security controls and weaknesses in their programs" in the past. Unfortunately, the agencies were yet to implement those pointers by the time they were audited. Senator Tom Carper told The Hill, however, that the audits happened before the agencies could execute the changes required by the Federal Information Security Act and the Federal Information Technology Acquisition Reform Act.

The results of this audit make it clearer why Homeland Security recently signed a lucrative contract with Raytheon recently to help federal agencies secure their networks and fend of cyberattacks. In addition, the Pentagon is working on an automated system that can detect unauthorized access before hackers can steal top secret info or do irreversible damage.



--
It's better to burn out than fade away.



More information about the Infowarrior mailing list