[ISN] Report Says Interior Dept. Failed to Secure Network

From: InfoSec News <alerts_at_private>
Date: Mon, 6 Apr 2009 00:33:36 -0500 (CDT)
http://www.washingtonpost.com/wp-dyn/content/article/2009/04/04/AR2009040403162.html

By Brian Krebs
Washington Post Staff Writer
April 5, 2009

Years after the Interior Department was warned that its computer network 
was dangerously exposed to hackers and was ordered by a federal judge to 
fix the problem, the vulnerabilities remained, to the point that the 
department probably could not tell if outsiders had gained access to its 
data, according to a newly disclosed internal report.

The report was written last spring by Interior's then-inspector general, 
Earl A. Devaney, but it became public only Wednesday, when it was filed 
with a federal appeals court as part of a decade-old, 
multibillion-dollar lawsuit by Native Americans against the federal 
government.

"It is unfathomable anyone could give assurance the Department's network 
is secure," Devaney wrote, adding that the department had "persistently 
failed to meet minimum standards in information security."

"According to the Department's own analysis, nearly 70% of the network 
traffic leaving the Department through a single one of its Internet 
gateways during the month of January 2008 was bound for known hostile 
countries and the Department lacked the capability to even determine 
what the traffic was," the report reads.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Sun Apr 05 2009 - 22:33:36 PDT

This archive was generated by hypermail 2.2.0 : Sun Apr 05 2009 - 22:49:31 PDT