US Homeland Security Websites Vulnerable to Cyber-Attack, Audit Finds

US Homeland Security Websites Vulnerable to Cyber-Attack, Audit Finds
Advertisement
The US department charged with protecting government computers needs to secure its own information systems better, according to an audit released on Tuesday that showed lapses in internal systems used by the Secret Service and Immigration and Customs Enforcement.

The Department of Homeland Security also needs to establish a cyber training program for analysts and investigators, the audit said, with officials from several agencies blaming short-term budget allocations from Congress for their training cuts.

"We identified vulnerabilities on internal websites at ICE and USSS that may allow unauthorized individuals to gain access to sensitive data," according to the report by the Office of the Inspector General for DHS.

The websites are used by ICE and Secret Service agents to report investigation statistics, case tracking and information sharing, it said.

The audit said the 240,000-employee department has made progress in strengthening cyber coordination between agencies and made nine recommendations, which DHS accepted and said it was working to address.

The recommendations come as federal government's cyber-security practices are under intense public scrutiny following recent breaches at the Office of Personnel Management, White House, State Department and other agencies.

The report focused on ICE, Secret Service and the National Protection and Programs Directorate, which is charged with protecting government computers and the nation's critical infrastructure from cyber-attack. Responsibilities of ICE and the Secret Service include money laundering, financial and commercial fraud, bank and credit card fraud and identity theft.

Officials from ICE, NPPD and the Secret Service told investigators the agencies' ability to conduct proper training programs has been hampered by the stop-gap funding bills Congress has been passing because of its inability to approve yearlong spending in a timely way.

One ICE analyst told investigators he had not attended any formal training in four years, partly because of federal budget cuts known as sequestration, and invested his own time and money for cyber training.

"Without developing the department-wide training program, component personnel may not possess the skills necessary to perform their assigned incident response duties or investigative responsibilities in the event of a cyber-attack," the report said.

The inspector general also said the department needs to develop a strategic plan to coordinate cyber activities and would benefit from automated capability for near real-time incident information sharing.

© Thomson Reuters 2015

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Delhi Government Again Rejects Uber's Application to Ply Taxis
Wireless Executive Gets Sentenced to Prison After BlackBerry Leak
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »