1 min read

US Homeland Security systems run on outdated, unpatched software, audit finds

Luana PASCU

March 08, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
US Homeland Security systems run on outdated, unpatched software, audit finds

The US Department of Homeland Security is pretty bad at digitally protecting national security interests, says an audit report released on March 7 by the agency”s watchdog, the Office of Inspector General (OIG).

According to the findings, the agency is working with systems running on old, outdated software that haven”t had a security patch in five years. For example, some systems were still running un-patched Flash, anonymous users had access to shared network drives and user emails could be easily manipulated because exchange folders were indexed in cache mode.

“Windows 2008 and 2012 operating systems were missing security patches for Oracle Java, an unsupported version of Internet Explorer, and a vulnerable version of Microsoft”s Sidebar and Gadgets applications,” the report says. “Some of the missing security patches dated back to July 2013.”

On top of that, workstations using Windows 8.1 and 7 did not have the WannaCry security patch.

As many as 64 vulnerable systems were detected in the network, including 16 that contained national security classified documents. Without immediate measures to secure critical systems, top secret data could be leaked or exposed to other risks, including unauthorized alteration or destruction.

But this is not the only obstacle DHS faces in achieving more effective system and network protection. The biggest concern is that the US government lacks the qualified workforce needed to meet cybersecurity requirements, because too few specialists ARE on the market in general.

DHS is not the only agency to suffer from the skill gap; the Coast Guard and Secret Service also lack the proper security training and mechanisms to protect their data FROM cybersecurity threats. Even though Microsoft no longer offers support for Windows Sever 2003, the three organizations were still using it at the time of the report.

“Until DHS overcomes challenges to addressing its systemic information security weaknesses, it will remain unable to ensure that its information systems adequately protect the sensitive data they store and process,” says the report.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chrome 96 Gets 22 More Security Fixes with New Incremental Update Chrome 96 Gets 22 More Security Fixes with New Incremental Update
Filip TRUȚĂ

December 08, 2021

1 min read
Most Employees Believe Passwords Affect Their Productivity, Research Finds Most Employees Believe Passwords Affect Their Productivity, Research Finds
Silviu STAHIE

December 06, 2021

1 min read
US State Department iPhones Infected with Pegasus Spyware – Report US State Department iPhones Infected with Pegasus Spyware – Report
Filip TRUȚĂ

December 06, 2021

2 min read