Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Networking

    Federal Network Security Breaches Jump 650% in Five Years

    By
    Fahmida Y. Rashid
    -
    October 10, 2011
    Share
    Facebook
    Twitter
    Linkedin

      Security incidents at federal agencies have soared 650 percent over the past five years, according to a report from the Government Accountability Office.

      In the past five years, the number of reported events has grown from 5,503 in 2006 to 41,776 in 2010, federal auditors wrote in a Government Accountability Office report released Oct. 3. The GAO compiled the report based on information from security-related reports and data from 24 federal agencies and departments that were collected between September 2010 and October 2011.

      Nearly 30 percent of incidents involved malware infections, making it the most prevalent cyber-event, the report found. Other common issues included violations of acceptable use policies and intrusions into networks, applications and other data resources.

      “Of the 24 major agencies, none had fully or effectively implemented an agency-wide information security program,” Gregory C. Wilshusen, GAO director for information security issues, wrote in the report.

      Agencies are vulnerable to cyber-attack and other security issues because they have failed to implement proper security controls, GAO auditors wrote. Agencies do not always adequately train system security personnel, regularly monitor safeguards, fix vulnerabilities or resolve incidents in a timely manner when they do occur, according to the report. These problems leave the departments vulnerable to both external and internal threats, Wilshusen said.

      “As long as agencies have not fully and effectively implemented their information security programs, including addressing the hundreds of recommendations that we and inspectors general have made, federal systems will remain at increased risk of attack or compromise,” wrote Wilshusen.

      The audit found that the Internal Revenue Service does not block employees from accessing databases not required for their jobs. As a result, financial and taxpayer information “remain unnecessarily vulnerable” to insider threats. The fact that any employee has access to the systems means there is an increased risk of “unauthorized disclosure, modification or destruction,” the report said.

      Another incident involved a network user who clicked on a malicious link in an email. The employee was told he’d won a new car in a lottery he’d supposedly entered when he answered some questions on a survey about his pets. The employee discovered later that several credit cards had been opened in his name and large amounts of pet supplies ordered without his knowledge, according to the report.

      The GAO periodically updates Congress on how well federal departments are complying with the 2002 Federal Information Security Act. FISMA is supposed to help federal departments and agencies define security policies, conduct security awareness training and implement proper surveillance of computer safeguards. Under the law, passed in 2002, every agency in the federal government has to have information security programs and plans for managing risks in place.

      This is not the first time in recent months the GAO has called out departments on lax information security. In an August report, the GAO issued an audit report of the Federal Deposit Insurance Corporation that showed the FDIC did not use strong passwords, review user access and failed to encrypt sensitive financial information. The August GAO report found weaknesses in FDIC controls that are supposed to manage system configurations, deploy patches and segregate certain network activities.

      Fahmida Y. Rashid
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×