The Incredibly Dumb Way the Government Is Guarding Top-Secret Data

Federal departments have made themselves pretty easy to hack, says a new report.

National Journal
Alex Brown
Add to Briefcase
Alex Brown
Feb. 4, 2014, 10:46 a.m.

Some of the fed­er­al gov­ern­ment’s most sens­it­ive data are pro­tec­ted by pass­words that wouldn’t pass muster for even the most ba­sic ci­vil­ian email ac­count, ac­cord­ing to a new con­gres­sion­al re­port.

Pass­words like “pass­word,” “qwerty,” and users’ names have left Home­land Se­cur­ity De­part­ment data vul­ner­able, says a re­port re­leased Tues­day by the Re­pub­lic­an staff of the Sen­ate Home­land Se­cur­ity and Gov­ern­ment­al Af­fairs Com­mit­tee.

And the pass­word fiasco, the re­port says, is only the tip of the ice­berg — plenty of oth­er agen­cies have lost sens­it­ive data as well.

The Nuc­le­ar Reg­u­lat­ory Com­mis­sion left nuc­le­ar-plant se­cur­ity de­tails on a shared drive with no pro­tec­tion. Hack­ers swiped In­form­a­tion on the na­tion’s dams — in­clud­ing their weak­nesses and cata­stroph­ic po­ten­tial if breached — from an Army Corps of En­gin­eers data­base.

All that’s too much for Sen. Tom Coburn of Ok­lahoma, the pan­el’s top Re­pub­lic­an. “Weak­nesses in the fed­er­al gov­ern­ment’s own cy­ber­se­cur­ity have put at risk the elec­tric­al grid, our fin­an­cial mar­kets, our emer­gency-re­sponse sys­tems, and our cit­izens’ per­son­al in­form­a­tion,” he said.

So far, the se­cur­ity fail­ings have been more comed­ic than cata­stroph­ic (in one in­stance, hack­ers used the Emer­gency Broad­cast Sys­tem to warn TV view­ers of a zom­bie out­break). But the re­port warned we may not be so lucky in the fu­ture — and the prob­lem ap­pears to be wide­spread:

In ad­di­tion, hack­ers have pen­et­rated, taken con­trol of, caused dam­age to, and/or stolen sens­it­ive per­son­al and of­fi­cial in­form­a­tion from com­puter sys­tems at the De­part­ments of Home­land Se­cur­ity, Justice, De­fense, State, Labor, En­ergy, and Com­merce; NASA; the En­vir­on­ment­al Pro­tec­tion Agency; the Of­fice of Per­son­nel Man­age­ment; the Fed­er­al Re­serve; the Com­mod­ity Fu­tures Trad­ing Com­mis­sion; the Food and Drug Ad­min­is­tra­tion; the U.S. Copy­right Of­fice; and the Na­tion­al Weath­er Ser­vice.

“These are just hacks whose de­tails be­came known to the pub­lic,” the re­port ad­ded.

At the Nuc­le­ar Reg­u­lat­ory Com­mis­sion — re­spons­ible for safe­guard­ing the na­tion’s nuc­le­ar plants — faith in IT is so bad that em­ploy­ees have star­ted buy­ing their own com­puters and set­ting up sep­ar­ate net­works, which cre­ates a whole new series of se­cur­ity con­cerns.

Things aren’t much bet­ter at the De­part­ment of Home­land Se­cur­ity. “To take just one ex­ample, weak­nesses found in the of­fice of the Chief In­form­a­tion Of­ficer for ICE in­cluded 10 pass­words writ­ten down, 15 FOUO (For Of­fi­cial Use Only) doc­u­ments left out, three keys, six un­locked laptops — even two cred­it cards left out,” the re­port stated.

NRC spokes­man Eli­ot Bren­ner said many of that agency’s safety is­sues have already been ad­dressed. All 44 se­cur­ity re­com­mend­a­tions in re­ports cited by the com­mit­tee have been closed or re­solved pending fi­nal im­ple­ment­a­tion, he said. “The NRC takes in­form­a­tion se­cur­ity very ser­i­ously and works con­tinu­ously to­ward im­prove­ments,” Bren­ner said.

What We're Following See More »
CAN LIKELY MOVE THROUGH THE HOUSE WITHOUT CONFERENCE
Senate Passes Budget Bill
2 hours ago
THE DETAILS

"The Senate approved the Republican-proposed budget Thursday night, a major step forward for the GOP effort to enact tax cuts. The budget, which now moves to the House, is projected to expand the deficit by $1.5 trillion over 10 years. Its passage will allow the GOP to use a procedural maneuver to pass tax legislation through the Senate with 50 or more votes, removing the need for support from Democratic senators."

Source:
“THEY ARE NOT READY FOR THIS”
Trump Officials Blindsided by Opioid Announcement
2 hours ago
THE LATEST

"President Donald Trump overrode his own advisers when he promised to deliver an emergency declaration next week to combat the nation’s worsening opioid crisis ... Blindsided officials are now scrambling to develop such a plan, but it is unclear when it will be announced, how or if it will be done, and whether the administration has the permanent leadership to execute it, said two administration officials. 'They are not ready for this,' a public health advocate said of an emergency declaration after talking to Health and Human Services officials enlisted in the effort."

Source:
EXPECTED TO RISE
U.S. Uninsured Up to 3.5 Million
2 hours ago
THE DETAILS

"The number of U.S. adults without health insurance is up nearly 3.5 million this year, as rising premiums and political turmoil over 'Obamacare' undermine coverage gains that drove the nation’s uninsured rate to a historic low. That finding is based on the latest installment of a major survey, released Friday. The Gallup-Sharecare Well-Being Index asks a random sample of 500 people each day whether they have health insurance."

Source:
PROMOTED TWEETS AND ACCOUNT NAMES HANDED OVER
Twitter Gives Sliver of Data to Russia Probe
3 hours ago
THE LATEST

The initial data Twitter gave to the Senate's Russia Probe was "a batch of tweets that the Kremlin’s English-language news network paid the company to promote, The Daily Beast has learned. That’s just a sliver of what investigators believe to be Russia’s propaganda campaign on the social network—which helps explain the dissatisfaction that followed those first disclosures."

Source:
AMENDMENT WOULD HAVE PREVENTED CONSIDERATION
Senate Rejects Effort to Nix SALT Tax Changes
21 hours ago
THE LATEST

"Senate Democrats on Thursday failed in their first attempt to save the state and local tax deduction, which helps many residents of California and other high-cost states reduce their federal income tax bills. The Republican-controlled Senate voted 52-47 to reject an amendment that would have prevented the Senate from considering any bill that repeals or limits the deduction as part of a planned tax overhaul."

Source:
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login