科技创新!
White House says its federal agencies can’t keep track of their own data
Most federal agencies have no way of effectively detecting when data is stolen, found a new, 22-page report published by the White House Office of Management and Budget last week.
But cybersecurity experts aren’t exactly surprised by the dismal findings. The Federal Cybersecurity Risk Determination Report and Action Plan is an Executive Order-mandated annual assessment of the federal government’s cyber defenses. This year, it concluded that 73 percent of federal agency programs simply can't detect when large amounts of information leave their networks.
"DHS and agencies acknowledge that more work and collaboration must be done to better protect federal networks," a Department of Homeland Security official said in a statement sent to Mashable. "Cyber threats to government networks and other critical infrastructure are one of our Nation’s most pressing security challenges."
The official said the department is working with federal enterprises to protect their information systems and will first focus on securing "the highest impact systems, assets, and capabilities."
The report says there were more than 30,000 cyber attacks on the federal government in 2016 that resulted in lost information and compromised systems, but in 38 percent of those attacks (nearly 12,000 of the incidents), the government had no idea where the attacks came from or how they got into the systems.
"What they're saying is that they don't have the resources to trace back and go probe through the logs — the network log of traffic — to identify exactly what happened or how the attack was structured," John Williams, a professor at MIT who teaches about cybersecurity, told Mashable. "We're not in a great situation at the moment. The attackers are probably learning faster than the cybersecurity community in the U.S., at the moment. We realize we're up against attackers with significant resources."
And what's even scarier about this statistic, he said, is that attackers "will usually be in the company or the agency — and certainly with corporations — for almost a year before they launch an attack." In other words, they familiarize themselves with how the computer systems function before deploying their cyber attack.
Although Williams said the report's findings have been common knowledge among cybersecurity professionals, he said the low rate of cyber awareness from federal agencies was abnormal.
University of Maryland, Baltimore County's cybersecurity graduate program director Richard Forno echoed Williams' analysis and said even a simple Google search could cull results that warned about our dire state of federal cybersecurity decades earlier.
"Government reports like this just literally say the same thing year after year: 'here are a couple of recommendations on how we can fix things' and a year goes by, and it says the exact same thing," Forno said.
"Looking at the recommendations — I mean, it's nice that they have recommendations — but again, why in 2018 are they still finding there's limited situational awareness? The federal government has been on the internet for 20-ish years, and they still don't know what's going on on their networks. I mean, 20 years is a long time, even by government standards," he added.
The report was released on the heels of the Trump administration eradicating the top cybersecurity position in the National Security Council last week. The new National Security advisor John Bolton deemed the position unnecessary, which prompted a bevy of senators to voice their opposition on social media.
"Here’s the point: we should be investing in our nation’s cyber defense, not rolling it back. We also need to articulate a clear cyber doctrine," tweeted Mark Warner of Virginia, an outspoken cybersecurity advocate. "I don’t see how getting rid of the top cyber-official in the White House does anything to make our country safer from cyber-threats."
Warner cofounded the bipartisan Cybersecurity Caucus in 2016, which focused on helping the Senate stay updated on cybersecurity developments, and he is currently working on a bill that would require devices purchased by the U.S. government to meet certain minimum security requirements.
SEE ALSO: 'Mr. Zuckerberg' explains the internet to elderly senators"Agencies don’t have the ability to understand how vulnerable they are, and where vulnerabilities exist. And because they’re not equipped to make those determinations, they are making poor and inefficient allocation decisions with their limited IT resources," Sen. Warner told Mashable. "This is a further indication that the existing model for cybersecurity isn’t working."
And it hasn't for a long time.
Williams said the decentralized nature of the federal agencies feeds into the high security risks, since it, like other bureaucratic systems, is hard to control and makes broad-sweeping change difficult.
He basically summed it up with his one-sentence takeaway from the report: "It's pretty clear that the government agencies are not in the greatest of shape in respect to cybersecurity."
Featured Video For You
Huawei's MateBook X Pro is a MacBook Pro killer
友链
外链
互链
Copyright © 2023 Powered by
White House says its federal agencies can’t keep track of their own data-声闻过情网
sitemap
文章
7672
浏览
5287
获赞
156
热门推荐
10 dogs who really loved their puppucinos
Forget the Dragonfruit Frappucino. Starbucks's best secret menu item is the puppuccino, and everyoneHow to use SharePlay in Messages with iOS 16
One of the best parts of watching or listening to something together is the banter that comes with iWe tested 3 major virtual makeup try
Makeup in the metaverse makes no sense to most people; beauty routines are deeply tangible experiencFluffy little rescue dog posing with food is our ideal Instagram account
Popeye The Foodie Dog's Instagram account combines two of our favorite things: Instagram food porn aLast minute iPhone 12 rumors: better zoom, more battery life
With Apple's fall iPhone event just a day away, you'd think we already know all there is to know aboResearchers used an algorithm to show how Twitter hurts the quality of news
UPDATE: Jul. 11, 2022, 3:20 p.m. EDT This article was updated for clarity purposes. The research useWoman's tweet to bookstore's Twitter account ends in love story
LONDON -- The people behind corporate Twitter accounts are a mystery to us all. Witty, creative andPolice capture 'Pokémon Go' player crashing into a cop's car
We shouldn't have to say this, but don't play Pokémon Goand drive. The Baltimore Police DeparThese 9 Devices Might Be a Waste of Your Money
Sometimes it pays to buy slightly older devices in place of tempting deals on newly released tech. BGoogle TV is adding 50 free live channels. Here's the list.
If you use Android TV's successor Google TV, brace yourself: 50 free live channels are on their way.How NFC tags save me time
I refuse to have a smart home for many reasons, the most important of which is that I watched the DiDyson spent over 10 years developing the 360 eye robot vacuum. How does it rank?
Fifteen years is a long time to work on any product and it’s like a century when it comes to tYouTuber lets followers redecorate his bedroom via Twitter bot
Tech vlogger Michael Reeves doesn't know much about interior design, so he's letting his followers dSamsung's Galaxy S22 to launch in new Bora Purple color
Samsung is in love with the color purple, and the company decided to profess that love with a new veHacked emails show Democratic party hostility to Sanders, results in Schultz's ouster
UPDATE (4:30 p.m. ET, July 24, 2016): On Sunday afternoon, Debbie Wasserman Schultz announced she wi