FAA's Web Security Audit: 3,857 Vulnerabilities
Just how secure are the government's IT systems? You'd think that at the very least, critical systems would be protected and invulnerable, but you'd be wrong.
On the heels of news that the DoD had been penetrated and the electrical grid suffered a breach comes news that our air traffic control systems have been attacked numerous times and are poorly defended.
A security audit of the Web applications used in the Federal Aviation Administration's (FAA) air traffic control (ATC) systems found 763 high risk, 504 medium risk, and 2,590 low risk vulnerabilities. Issues included such basic security errors as the use of default passwords in applications, failure to patch applications in a timely manner, and failure to deploy intrusion detection systems (IDS) (define) throughout the organization.