The Incredibly Dumb Way the Government Is Guarding Top-Secret Data

Federal departments have made themselves pretty easy to hack, says a new report.

National Journal
Alex Brown
Add to Briefcase
Alex Brown
Feb. 4, 2014, 10:46 a.m.

Some of the fed­er­al gov­ern­ment’s most sens­it­ive data are pro­tec­ted by pass­words that wouldn’t pass muster for even the most ba­sic ci­vil­ian email ac­count, ac­cord­ing to a new con­gres­sion­al re­port.

Pass­words like “pass­word,” “qwerty,” and users’ names have left Home­land Se­cur­ity De­part­ment data vul­ner­able, says a re­port re­leased Tues­day by the Re­pub­lic­an staff of the Sen­ate Home­land Se­cur­ity and Gov­ern­ment­al Af­fairs Com­mit­tee.

And the pass­word fiasco, the re­port says, is only the tip of the ice­berg — plenty of oth­er agen­cies have lost sens­it­ive data as well.

The Nuc­le­ar Reg­u­lat­ory Com­mis­sion left nuc­le­ar-plant se­cur­ity de­tails on a shared drive with no pro­tec­tion. Hack­ers swiped In­form­a­tion on the na­tion’s dams — in­clud­ing their weak­nesses and cata­stroph­ic po­ten­tial if breached — from an Army Corps of En­gin­eers data­base.

All that’s too much for Sen. Tom Coburn of Ok­lahoma, the pan­el’s top Re­pub­lic­an. “Weak­nesses in the fed­er­al gov­ern­ment’s own cy­ber­se­cur­ity have put at risk the elec­tric­al grid, our fin­an­cial mar­kets, our emer­gency-re­sponse sys­tems, and our cit­izens’ per­son­al in­form­a­tion,” he said.

So far, the se­cur­ity fail­ings have been more comed­ic than cata­stroph­ic (in one in­stance, hack­ers used the Emer­gency Broad­cast Sys­tem to warn TV view­ers of a zom­bie out­break). But the re­port warned we may not be so lucky in the fu­ture — and the prob­lem ap­pears to be wide­spread:

In ad­di­tion, hack­ers have pen­et­rated, taken con­trol of, caused dam­age to, and/or stolen sens­it­ive per­son­al and of­fi­cial in­form­a­tion from com­puter sys­tems at the De­part­ments of Home­land Se­cur­ity, Justice, De­fense, State, Labor, En­ergy, and Com­merce; NASA; the En­vir­on­ment­al Pro­tec­tion Agency; the Of­fice of Per­son­nel Man­age­ment; the Fed­er­al Re­serve; the Com­mod­ity Fu­tures Trad­ing Com­mis­sion; the Food and Drug Ad­min­is­tra­tion; the U.S. Copy­right Of­fice; and the Na­tion­al Weath­er Ser­vice.

“These are just hacks whose de­tails be­came known to the pub­lic,” the re­port ad­ded.

At the Nuc­le­ar Reg­u­lat­ory Com­mis­sion — re­spons­ible for safe­guard­ing the na­tion’s nuc­le­ar plants — faith in IT is so bad that em­ploy­ees have star­ted buy­ing their own com­puters and set­ting up sep­ar­ate net­works, which cre­ates a whole new series of se­cur­ity con­cerns.

Things aren’t much bet­ter at the De­part­ment of Home­land Se­cur­ity. “To take just one ex­ample, weak­nesses found in the of­fice of the Chief In­form­a­tion Of­ficer for ICE in­cluded 10 pass­words writ­ten down, 15 FOUO (For Of­fi­cial Use Only) doc­u­ments left out, three keys, six un­locked laptops — even two cred­it cards left out,” the re­port stated.

NRC spokes­man Eli­ot Bren­ner said many of that agency’s safety is­sues have already been ad­dressed. All 44 se­cur­ity re­com­mend­a­tions in re­ports cited by the com­mit­tee have been closed or re­solved pending fi­nal im­ple­ment­a­tion, he said. “The NRC takes in­form­a­tion se­cur­ity very ser­i­ously and works con­tinu­ously to­ward im­prove­ments,” Bren­ner said.

What We're Following See More »
ALL 100 SENATORS
Dem Senator Calls North Korea Briefing “Sobering”
2 hours ago
THE DETAILS
SAYS CLINTON ADMINISTRATION BASICALLY GOT IT RIGHT
Pai Announces Plans to Roll Back Net Neutrality
4 hours ago
THE DETAILS

"Even as he acknowledged the importance of an open internet, FCC Chairman Ajit Pai on Wednesday set his telecom agency on a course to scrap the tough, broad net neutrality protections imposed by the Obama administration. During a major speech in Washington, D.C., Pai outlined the need for a total revision of existing federal rules that seek to prevent companies like AT&T, Charter, Comcast and Verizon from blocking or slowing down web content, including the movie or music offerings from their competitors." Separately, Pai told Reason's Nick Gillespie that the Clinton Administration "basically got it right when it came to digital infrastructure. We were not living in a digital dystopia in the years leading up to 2015."

Source:
WILL ANGER CONSERVATIVES
White House to Continue Paying Obamacare Insurers
4 hours ago
BREAKING
LOFTY GOALS
White House Proposes New Tax Plan
4 hours ago
BREAKING

The White House on Wednesday laid out its plan for tax reform, with Treasury Secretary Steven Mnuchin saying it would be "the biggest tax cut and the largest tax reform in the history of our country." The tax code would be broken down into just three tax brackets, with the highest personal income tax rate cut from 39.6 percent to 35 percent. The plan would also slash the tax rate on corporations and small businesses from 35 percent to 15 percent. "The White House plan is a set of principles with few details, but it’s designed to be the starting point of a major push to urge Congress to pass a comprehensive tax reform package this year," said National Economic Council Director Gary Cohn.

Source:
ORDERED BY PRESIDENT
DHS Launches Office for Victims of Crimes by Immigrants
4 hours ago
THE DETAILS

U.S. Immigration and Customs Enforcement today established the Victims of Immigration Crime Engagement (VOICE), as called for in a presidential executive order from January. The new office's website states that its staff "will be guided by a singular, straightforward mission—to ensure victims and their families have access to releasable information about a perpetrator and to offer assistance explaining the immigration removal process."

Source:
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login