The Incredibly Dumb Way the Government Is Guarding Top-Secret Data

Federal departments have made themselves pretty easy to hack, says a new report.

National Journal
Alex Brown
Feb. 4, 2014, 10:46 a.m.

Some of the fed­er­al gov­ern­ment’s most sens­it­ive data are pro­tec­ted by pass­words that wouldn’t pass muster for even the most ba­sic ci­vil­ian email ac­count, ac­cord­ing to a new con­gres­sion­al re­port.

Pass­words like “pass­word,” “qwerty,” and users’ names have left Home­land Se­cur­ity De­part­ment data vul­ner­able, says a re­port re­leased Tues­day by the Re­pub­lic­an staff of the Sen­ate Home­land Se­cur­ity and Gov­ern­ment­al Af­fairs Com­mit­tee.

And the pass­word fiasco, the re­port says, is only the tip of the ice­berg — plenty of oth­er agen­cies have lost sens­it­ive data as well.

The Nuc­le­ar Reg­u­lat­ory Com­mis­sion left nuc­le­ar-plant se­cur­ity de­tails on a shared drive with no pro­tec­tion. Hack­ers swiped In­form­a­tion on the na­tion’s dams — in­clud­ing their weak­nesses and cata­stroph­ic po­ten­tial if breached — from an Army Corps of En­gin­eers data­base.

All that’s too much for Sen. Tom Coburn of Ok­lahoma, the pan­el’s top Re­pub­lic­an. “Weak­nesses in the fed­er­al gov­ern­ment’s own cy­ber­se­cur­ity have put at risk the elec­tric­al grid, our fin­an­cial mar­kets, our emer­gency-re­sponse sys­tems, and our cit­izens’ per­son­al in­form­a­tion,” he said.

So far, the se­cur­ity fail­ings have been more comed­ic than cata­stroph­ic (in one in­stance, hack­ers used the Emer­gency Broad­cast Sys­tem to warn TV view­ers of a zom­bie out­break). But the re­port warned we may not be so lucky in the fu­ture — and the prob­lem ap­pears to be wide­spread:

In ad­di­tion, hack­ers have pen­et­rated, taken con­trol of, caused dam­age to, and/or stolen sens­it­ive per­son­al and of­fi­cial in­form­a­tion from com­puter sys­tems at the De­part­ments of Home­land Se­cur­ity, Justice, De­fense, State, Labor, En­ergy, and Com­merce; NASA; the En­vir­on­ment­al Pro­tec­tion Agency; the Of­fice of Per­son­nel Man­age­ment; the Fed­er­al Re­serve; the Com­mod­ity Fu­tures Trad­ing Com­mis­sion; the Food and Drug Ad­min­is­tra­tion; the U.S. Copy­right Of­fice; and the Na­tion­al Weath­er Ser­vice.

“These are just hacks whose de­tails be­came known to the pub­lic,” the re­port ad­ded.

At the Nuc­le­ar Reg­u­lat­ory Com­mis­sion — re­spons­ible for safe­guard­ing the na­tion’s nuc­le­ar plants — faith in IT is so bad that em­ploy­ees have star­ted buy­ing their own com­puters and set­ting up sep­ar­ate net­works, which cre­ates a whole new series of se­cur­ity con­cerns.

Things aren’t much bet­ter at the De­part­ment of Home­land Se­cur­ity. “To take just one ex­ample, weak­nesses found in the of­fice of the Chief In­form­a­tion Of­ficer for ICE in­cluded 10 pass­words writ­ten down, 15 FOUO (For Of­fi­cial Use Only) doc­u­ments left out, three keys, six un­locked laptops — even two cred­it cards left out,” the re­port stated.

NRC spokes­man Eli­ot Bren­ner said many of that agency’s safety is­sues have already been ad­dressed. All 44 se­cur­ity re­com­mend­a­tions in re­ports cited by the com­mit­tee have been closed or re­solved pending fi­nal im­ple­ment­a­tion, he said. “The NRC takes in­form­a­tion se­cur­ity very ser­i­ously and works con­tinu­ously to­ward im­prove­ments,” Bren­ner said.

What We're Following See More »
DO THEY NEED TO GET TO 15%?
Will Romney Endorse the Libertarian Ticket?
1 hours ago
THE DETAILS

"Libertarian presidential candidate Gary Johnson told CNN Thursday that Mitt Romney was considering endorsing him for president this fall." He said the two had recently spoken. Johnson's running mate, Bill Weld, agreed that they have a good chance of winning the endorsement, especially if they meet the 15% polling threshold for participating in the presidential debates.

Source:
FIRST WOMAN NOMINATED BY MAJOR PARTY
Hillary Clinton Accepts the Democratic Nomination for President
9 hours ago
THE DETAILS

"It is with humility, determination, and boundless confidence in America’s promise that I accept your nomination for president," said Hillary Clinton in becoming the first woman to accept a nomination for president from a major party. Clinton gave a wide-ranging address, both criticizing Donald Trump and speaking of what she has done in the past and hopes to do in the future. "He's taken the Republican party a long way, from morning in America to midnight in America," Clinton said of Trump. However, most of her speech focused instead on the work she has done and the work she hopes to do as president. "I will be a president of Democrats, Republicans, and Independents. For the struggling, the striving, the successful," she said. "For those who vote for me and for those who don't. For all Americans together."

COUNTER-CHANTS AT THE READY
Protesters Make Good on Threat to Disrupt Speech
10 hours ago
THE LATEST

Supporters of Bernie Sanders promised to walk out, turn their backs, or disrupt Hillary Clinton's speech tonight, and they made good immediately, with an outburst almost as soon as Clinton began her speech. But her supporters, armed with a handy counter-chant cheat sheet distributed by the campaign, immediately began drowning them out with chants of "Hillary, Hillary!"

SUFFOLK POLL
New Survey Shows Clinton Up 9 in Pennsylvania
18 hours ago
THE LATEST

If a new poll is to be believed, Hillary Clinton has a big lead in the all-important swing state of Pennsylvania. A new Suffolk University survey shows her ahead of Donald Trump, 50%-41%. In a four-way race, she maintains her nine-point lead, 46%-37%. "Pennsylvania has voted Democratic in the past six presidential elections, going back to Bill Clinton’s first win in 1992. Yet it is a rust belt state that could be in play, as indicated by recent general-election polling showing a close race."

Source:
THREE NIGHTS RUNNING
Democrats Beat Republicans in Convention Ratings So Far
19 hours ago
THE DETAILS

Wednesday was the third night in a row that the Democratic convention enjoyed a ratings win over the Republican convention last week. Which might have prompted a fundraising email from Donald Trump exhorting supporters not to watch. "Unless you want to be lied to, belittled, and attacked for your beliefs, don't watch Hillary's DNC speech tonight," the email read. "Instead, help Donald Trump hold her accountable, call out her lies and fight back against her nasty attacks."

Source:
×