http://www.nextgov.com/nextgov/ng_20120323_1655.php By Joseph Marks Nextgov 03/23/2012 Agencies that deal with national security data and programs must do more to secure their information technology supply chains, a government watchdog said Friday. Federal agencies aren't required to track "the extent to which their telecommunications networks contain foreign-developed equipment, software or services," the Government Accountability Office report said, and they typically are aware only of the IT vendors nearest to them on the supply chain, not the numerous vendors downstream. That has left IT systems at the Energy, Homeland Security and Justice departments more vulnerable to malicious or counterfeit software installed by other nations' intelligence agencies or by nonstate actors and hackers. U.S. enemies could use that malicious software to secretly pull information from government systems, erase or alter information on those systems, or even take control of them remotely. [...] ______________________________________________________________________________ Certified Ethical Hacker and CISSP training with Expanding Security gives the best training and support. Get a free live class invite weekly. Best program, best price. www.ExpandingSecurity.com/PainPillReceived on Sun Mar 25 2012 - 22:51:59 PDT
This archive was generated by hypermail 2.2.0 : Sun Mar 25 2012 - 22:57:34 PDT