Some of the federal government’s most sensitive data are protected by passwords that wouldn’t pass muster for even the most basic civilian email account, according to a new congressional report.
Passwords like “password,” “qwerty,” and users’ names have left Homeland Security Department data vulnerable, says a report released Tuesday by the Republican staff of the Senate Homeland Security and Governmental Affairs Committee.
And the password fiasco, the report says, is only the tip of the iceberg — plenty of other agencies have lost sensitive data as well.
The Nuclear Regulatory Commission left nuclear-plant security details on a shared drive with no protection. Hackers swiped Information on the nation’s dams — including their weaknesses and catastrophic potential if breached — from an Army Corps of Engineers database.
All that’s too much for Sen. Tom Coburn of Oklahoma, the panel’s top Republican. “Weaknesses in the federal government’s own cybersecurity have put at risk the electrical grid, our financial markets, our emergency-response systems, and our citizens’ personal information,” he said.
So far, the security failings have been more comedic than catastrophic (in one instance, hackers used the Emergency Broadcast System to warn TV viewers of a zombie outbreak). But the report warned we may not be so lucky in the future — and the problem appears to be widespread:
In addition, hackers have penetrated, taken control of, caused damage to, and/or stolen sensitive personal and official information from computer systems at the Departments of Homeland Security, Justice, Defense, State, Labor, Energy, and Commerce; NASA; the Environmental Protection Agency; the Office of Personnel Management; the Federal Reserve; the Commodity Futures Trading Commission; the Food and Drug Administration; the U.S. Copyright Office; and the National Weather Service.
“These are just hacks whose details became known to the public,” the report added.
At the Nuclear Regulatory Commission — responsible for safeguarding the nation’s nuclear plants — faith in IT is so bad that employees have started buying their own computers and setting up separate networks, which creates a whole new series of security concerns.
Things aren’t much better at the Department of Homeland Security. “To take just one example, weaknesses found in the office of the Chief Information Officer for ICE included 10 passwords written down, 15 FOUO (For Official Use Only) documents left out, three keys, six unlocked laptops — even two credit cards left out,” the report stated.
NRC spokesman Eliot Brenner said many of that agency’s safety issues have already been addressed. All 44 security recommendations in reports cited by the committee have been closed or resolved pending final implementation, he said. “The NRC takes information security very seriously and works continuously toward improvements,” Brenner said.
What We're Following See More »
Even though they dislike both of them, the American people want to know that its presidential candidates are healthy. "Nearly two-thirds of registered voters think presidential candidates should release details about their medical histories, according to a new Morning Consult poll." In the new poll, 64 percent of Americans say the candidates should release their medical reports, up nine percent from May.
In a speech Friday at the Federal Reserve's Jackson Hole summit, Fed chair Janet Yellen sounded an optimistic tone about the state of the American economy, before implying that a hike in interest rates is on the horizon. The Fed "continues to anticipate that gradual increases in the federal funds rate will be appropriate over time to achieve and sustain employment and inflation near our statutory objectives," Yellen said in her address.
While politicians argue over whether or not to be worried about potential voter fraud come November, a study tells us it is not a legitimate concern. "A News21 analysis four years ago of 2,068 alleged election-fraud cases in 50 states found that while some fraud had occurred since 2000, the rate was infinitesimal compared with the 146 million registered voters in that 12-year span. The analysis found only 10 cases of voter impersonation, the only kind of fraud that could be prevented by voter ID at the polls."
The Democratic National Committee's "influx of money" in July "owes in part to an unprecedented workaround of political spending limits that lets the party tap into millions of dollars more" from Hillary Clinton’s biggest donors. "At least $7.3 million of the DNC’s July total originated with payments from hundreds of major donors who had already contributed the maximum $33,400 to the national committee." Those payments were "first bundled by the Hillary Victory Fund and then transferred to the state Democratic parties, which effectively stripped the donors’ names and sent the money to the DNC as a lump sum."
President Obama this morning "created the largest protected area on the planet Friday, by expanding a national marine monument off the coast of his native Hawaii to encompass 582,578 square miles of land and sea."