Senator releases report on government's poor security track record

Share this article:

A senator has released a report detailing numerous oversights, which have threatened the security of sensitive government data and critical infrastructure operations.

On Tuesday, Sen. Tom Coburn, R-Okla., published the 19-page report (PDF), called “The Federal Government's Track Record on Cybersecurity and Critical Infrastructure,” which he prepared along with the Minority Staff of the Homeland Security and Governmental Affairs Committee.

The report highlighted concerning breaches that have cropped up in recent years, including a January 2013 incident where an unauthorized user accessed a national database containing sensitive information on the condition of U.S. dams.

In addition, more recent security lapses made their way into the report, namely, the inadequate security measures taken by the Department of Homeland Security, which had been tasked with securing 95 percent of its internet traffic last year.

The Office of Management and Budget (OMB), which consults with President Obama on budget issues and agency policies and procedures, set the goal for DHS, which failed to meet the objective as of last November.

“Just 72 percent of DHS internet traffic passed through [trusted internet connections] TICs,” the senator's report said. “It should be noted that DHS is responsible for the administration's efforts to consolidate federal internet traffic through TICs.”

The report also called to light issues within the U.S. Nuclear Regulatory Commission (NRC), which maintains sensitive data on the country's nuclear facilities.

Of note, NRC's inspector general revealed in a December 2013 audit report (PDF) that staff within the agency held a “lack of confidence” in NRC's information technology division.

“…NRC offices have effectively gone rogue – by buying and deploying their own computers and networks without the knowledge or involvement of the department's so-called IT experts,” Sen. Coburn's report said.

The practices were noted in the reported as exposing particularly critical processes, and data about nuclear reactors, to undue threat.

“The design and security plans of every nuclear reactor, waste storage facility, and uranium processing facility in the United States; records on every individual licensed to operate or supervise nuclear reactors; and information on the design and process of nuclear material transport all live on the NRC's system,” the report said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.