US Senator Tom Coburn and the Minority Staff of the Homeland Security and Governmental Affairs Committee have published a new report called “The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure.”
The report highlights several cyber security incidents that demonstrate the US government’s inability to protect sensitive data and critical infrastructure against cyber threats.
The examples provided in the study focus on the Nuclear Regulatory Commission, the Security Exchange Commission (SEC), the US Army Corps of Engineers, the Emergency Broadcast Systems, the National Institute of Standards and Technology (NIST) and various other organizations.
In the case of the Nuclear Regulatory Commission, the organization stored sensitive information on nuclear plants on an unprotected shared drive. The SEC exposed “extremely sensitive data” about the New York Stock Exchange computer networks.
The Army Corps of Engineers lost a database containing data on 85,000 dams to hackers. In the case of NIST, the report points to the incident as a result of which the database of known software vulnerabilities was shut down for several days after hackers had breached servers belonging to the institute.
Other organizations named in the report are the Departments of Homeland Security, Justice, Defense, State, Labor, Energy, and Commerce, the Environmental Protection Agency, NASA, the Office of Personnel Management, the Commodity Futures Trading Commission, the Federal Reserve, the FDA, the Copyright Office, and the National Weather Service.
The incidents highlighted by the senator and the committee are just the ones that became public. In some cases, they became known because the hackers themselves (in most cases hacktivists) announced the attacks.
The report is worth checking out because it sums up pretty nicely all the data breaches suffered by US government organizations and the poor security practices they have.
“The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure” is available on Senator Coburn’s website.