Report: U.S. Computers Open to Hackers

posted onAugust 5, 2001
by hitbsecnews

A new GAO report claims that many of the nation's business secrets, lodged at the U.S. Commerce Department, are open to computer hackers. Senior officials of the U.S. Commerce Department go before Washington lawmakers Friday as a new government report details that the nation's business secrets are open to computer hackers.

A new General Accounting Office (GAO) report says investigators were able to gain Internet access to Commerce Department computer systems, and that the government division is unable to detect outside intruders.

The GAO will tell Congress that hackers could read and alter confidential business information. Other problems included using the word "password" for system access, misconfigured functions, and abuse of top-level security clearances.

Task Force Planned

The Commerce Department plans to create a task force to study security problems and is shaking up its technology division, says Commerce deputy secretary Samuel W. Bodman in written testimony to be delivered before the House Commerce Oversight and Investigations Subcommittee.

Subcommittee chairman James Greenwood (R-Pennsylvania) said the Clinton administration was to blame for the security failure.

"It is appalling that after years of nicely packaged Clinton-era cyber-security initiatives we continue to find such pervasive security weaknesses at nearly every agency our committee and others have examined," Greenwood said in a prepared statement.

Clinton Security Guidelines

Last year, former President Clinton signed the Government Information Security Reform Act (GISRA), setting network security guidelines for federal agencies.

Greenwood said he was encouraged by the Commerce Department's announced steps for improving the security of government information.

Earlier this year, Greenwood called for 15 federal agencies to review their security. At an April hearing by the U.S. House Oversight Committee, Greenwood said he had gotten little response.

Earlier Attacks Reported

A witness from the Commerce Department appeared at the earlier hearing, where lawmakers heard that 32 U.S. agencies were attacked last year. Defense Department officials revealed at the time that 99 percent of assaults on Pentagon computers had succeeded, using existing security holes that had been left uncorrected.

Rep. W.J. "Billy" Tauzin (R-Louisiana), chairman of the House Energy and Commerce Committee, said that while there have been some security improvements, federal agencies are "just treading water."

Sallie McDonald, assistant commissioner for the General Services Administration's Office of Information Assurance and Critical Infrastructure, said earlier that nearly 80 percent of federal computer intrusions slip by undetected and unreported.

A number of other federal agencies have reported security problems. Earlier this year, the GAO reported that it gained access in 2000 to tax returns filed electronically with the Internal Revenue Service.

Other targets for security scrutiny include the Interior Department, Veterans Affairs, Environmental Protection Agency and the Health and Human Services agency.

Poor Security the Rule

"Poor information security is the rule, not the exception," said the GAO's Jack Brock, Jr. After giving federal agencies a failing grade on computer security, the GAO called for a federal chief information officer (CIO).

"I believe very strongly that there needs to be a federal CIO to address information management vulnerabilities across agencies," said Brock.

Those scheduled to testify before the subcommittee include Bodman, as well as Commerce Department inspector general Johnnie Frazier, the department's acting CIO Thomas Pyke, and the GAO's Robert Dacey.

Ecommercetimes

Source

Tags

Networking

You May Also Like

Other Articles In This Section

Recent News

Tuesday, July 9th

China's APT40 gang is ready to attack vulns within hours or days of public release
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
The president ordered a board to probe a massive Russian cyberattack. It never did.
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds

Wednesday, July 3rd

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Two of the German military’s new spy satellites appear to have failed in orbit

Friday, June 28th

Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Cisco Talos warns of wider security implications following Snowflake breach

Thursday, June 27th

I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
YouTube tries convincing record labels to license music for AI song generator
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk
Julian Assange to plead guilty but is going home after long extradition fight

Thursday, June 13th

Hackers show off jailbroken checkm8-vulnerable iPad and Apple TV running iPadOS 18 & tvOS 18 respectively
One of the major sellers of detailed driver behavioral data is shutting down
Turkish student creates custom AI device for cheating university exam, gets arrested

Wednesday, June 12th

Chinese-Made Biometric Access System Has 24 Vulnerabilities
Apple and OpenAI currently have the most misunderstood partnership in tech
Adobe to update vague AI terms after users threaten to cancel subscriptions
China state hackers infected 20,000 Fortinet VPNs

Tuesday, June 11th

Russia Is Targeting Germany With Fake Information as Europe Votes
Apple announces macOS 15 Sequoia with window tiling, iPhone mirroring, and more
Apple integrates ChatGPT into Siri, iOS, and macOS
British police to scan 480,000 Formula 1 fans’ faces at Silverstone
Hackers steal “significant volume” of data from hundreds of Snowflake customers

Friday, June 7th

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope
FCC pushes ISPs to fix security flaws in Internet routing
Can a technology called RAG keep AI models from making stuff up?
How to Lead an Army of Digital Sleuths in the Age of AI

Thursday, June 6th

Mystery object waits nearly an hour between radio bursts
Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab
Ex-Microsoft security expert torches Windows' new 'Recall' feature
The Age of the Drone Police Is Here

Wednesday, June 5th

Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File
TikTok Hack Targets ‘High-Profile’ Users via DMs