Security is substandard at some government agencies.
According to a new Senate report issued by the Homeland Security and Governmental Affairs Committee, the data of U.S. citizens is at risk at some government agencies due to poor cybersecurity patches such as running legacy systems and applications no longer supported by the vendor.
Eight federal agencies were reviewed by the Senate and seven of them were found running on unsupported systems for applications, six failing to install security patches quickly, and six running systems without current authorizations to operate them. In addition, seven of the eight agencies fail to protect personally identifiable information adequately. The agencies carried a C- report card for failing short of federally-mandated standards.
Agencies relying on outdated systems include the Department of Homeland Security, the State Department, and the Social Security Administration. Data such as names, dates of birth, income, social security numbers, and credit card numbers have not been protected.
“All agencies failed to comply with statutory requirements to certify to Congress they have implemented certain key cybersecurity requirements including encryption of sensitive data, least privilege, and multi-factor authentication,” the report said.
The review was prompted in part by an April 2021 Chinese state-sponsored hacking that breached the federal agencies through vulnerabilities in products from a popular Utah-based software company. Russian-linked criminals compromised nine federal agencies and around 100 private sector groups through a supply chain hack of SolarWinds, first discovered in December 2020.
As the Lord Leads, Pray with Us…
- For federal agencies to comply with updates and increase security to safeguard America’s data from cyberattacks.
- For U.S. officials working to strengthen protections from ransomware attacks.
- For wisdom for members of Congress as they hold the executive branch accountable for protecting infrastructure from cyber breaches.
Sources: CBS News, Washington Examiner
