Report Says Interior Dept. Failed to Secure Network
Brian Krebs writes on The Washington Post:
Years after the Interior Department was warned that its computer network was dangerously exposed to hackers and was ordered by a federal judge to fix the problem, the vulnerabilities remained, to the point that the department probably could not tell if outsiders had gained access to its data, according to a newly disclosed internal report.More here.
The report was written last spring by Interior's then-inspector general, Earl A. Devaney, but it became public only Wednesday, when it was filed with a federal appeals court as part of a decade-old, multibillion-dollar lawsuit by Native Americans against the federal government.
"It is unfathomable anyone could give assurance the Department's network is secure," Devaney wrote, adding that the department had "persistently failed to meet minimum standards in information security."
"According to the Department's own analysis, nearly 70% of the network traffic leaving the Department through a single one of its Internet gateways during the month of January 2008 was bound for known hostile countries and the Department lacked the capability to even determine what the traffic was," the report reads.
The report by Devaney appears to challenge statements Interior officials made last summer in federal court that the department's computer network security had been sufficiently improved.