Feeds

Lawmakers worry over government network breaches

Congress interests itself in cyber security

The Essential Guide to IT Transformation

All three agencies currently in the Congressional spotlight have had subpar grades. The Departments of Commerce and State both received an 'F' in the latest report, while the Department of Homeland Security improved its string of failing grades to a 'D' in 2006, but still has not found the resources to mitigate more than two-thirds of the flaws found in its systems, according to a report from the Department's Inspector General.

Rep. Thompson stressed that the grade should not be a mark of pride. "The American people are tired of hearing that getting a 'D' is an improvement," he said last week.

Such criticism is unlikely to subside any time soon.

On Thursday, the subcommittee will hear from the Department of Homeland Security's US-VISIT program regarding issues that the agency has had in protecting the program's database of traveler information. A report on the security of the program conducted by the Government Accounting Office (GAO) has found that the systems are "riddled with significant information security control weaknesses that place sensitive and personally identifiable information at increase risk of unauthorized disclosure and modification, misuse, and destruction possibly without detection, and place program operations at increased risk of disruption," according to Rep. Langevin.

And a handful of other incidents have attracted the attention of lawmakers. Last week, the Department of Defense shut down e-mail service to an estimated 1,500 employees following a breach, according to reports. The Department of Energy has also come under fire for allowing classified information to be sent over the public Internet.

The incidents underscore that the nation has a larger problem to deal with, Rep. Langevin said in prepared remarks opening April's hearing on the Departments of State and Commerce breaches.

"We don't know the scope of our networks. We don't know who's inside our networks. We don't know what information has been stolen," he said. "We need to get serious about this threat to our national security."

This article originally appeared in Security Focus.

Copyright © 2007, SecurityFocus

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.