快猫短视频

The weakest link

US government gets shaming F grade for cyber security

LAX security is leaving the US government wide open to cyber-attack,
according to a Congressional report. In this year鈥檚 computer security assessment
by a House committee, the government scored a dismal F grade.

One of the main problems highlighted in the report was the failure of users
and administrators to change the default passwords for their software. The
default is often as easy to guess as the word 鈥減assword鈥.

Departments were also criticised for failing to close down old or lapsed
login accounts. This allows people who have left, or who no longer have
authorisation, continued access to that department鈥檚 computers and files.

The report was compiled by the House of Representatives Subcommittee on
Government Efficiency, Financial Management and Intergovernmental Relations,
chaired by Congressman Steve Horn. In an announcement last week, Horn called the
results 鈥渁bysmal鈥, and warned that the security loopholes pose a serious
risk.

Twenty four federal departments were assessed and given an individual grade,
determining an overall grade. 鈥淚 regret to report that the federal government
received an overall F for computer security,鈥 Horn said last week.

Last year the government scored a D. 鈥淯nfortunately, this year鈥檚 grades
clearly demonstrate that the federal government as a whole is not making
progress in addressing its cyber-security weaknesses,鈥 says Horn.

Not all the departments were shamed. The National Science Foundation scored
an admirable B+. Only two others scored a C minus or above, and 16 departments
got an F.

Among the worst offenders were the Departments of Defense, Justice and
Energy. The computer systems at risk were responsible for anything from
processing taxes or benefits to national defence and emergency services
networks.

Part of the grading was based on a General Audit Office report released in
early November which looked at six areas of computer security, including
software and human error.

鈥淭hese weaknesses can be exploited by terrorists, everyday hackers or other
kinds of criminals,鈥 explains Horn. The Central Intelligence Agency has
identified at least 20 countries that it says are developing information warfare
strategies that specifically target US military and private-sector computer
systems.

Computer security is the weakest link in US national security, says Chey
Cobb, a former technical security officer for the National Reconnaissance Office
which manages spy satellites for the US government. 鈥淎 breach can bring down our
entire infrastructure,鈥 she says. The biggest problem in defending against cyber
attacks is cultural. Often top brass don鈥檛 see the need for security, and fail
to invest in it.

In their defence, says Cobb, many computers that were previously inaccessible
from the outside are now being connected to each other via the Internet as part
of government policy. 鈥淭his opens the door into confidential and secret systems
that did not previously exist,鈥 she explains.

More from 快猫短视频

Explore the latest news, articles and features