Passwords written down on desks. Outdated anti-virus software. “Perceived ineptitude” in information technology departments.
The federal government, which holds secrets and sensitive information ranging from nuclear blueprints to the tax returns of hundreds of millions of Americans, has for years failed to take basic steps to protect its data from hackers and thieves, records show.
In the latest example, the Office of Personnel Management is under fire for allowing its databases to be plundered by suspected Chinese cyberspies in what is being called one of the worst breaches in U.S. history. OPM repeatedly neglected to implement basic cybersecurity protections, its internal watchdog told Congress.
But the departments of Treasury, Transportation, State and Health and Human Services have significantly worse records, according to the most recent administration report to Congress under the Federal Information Security Management Act. Each of those agencies has been hacked in the last few years.
“Last year, across government, we the American people spent almost $80 billion on information technology, and it stinks,” said Rep. Jason Chaffetz, R-Utah, chairman of the House Oversight and Government Reform Committee. “It doesn’t work.”
Congress can hardly escape all blame. While President Barack Obama’s latest budget plan called for a $14 billion increase for cyberdefenses, the House proposed a budget in March that didn’t include specific funding for cybersecurity. Nor has Congress imposed much accountability on agencies that suffer breaches.
Full Story @ [matthewaid]