1 min read

US Homeland Security systems run on outdated, unpatched software, audit finds

Luana PASCU

March 08, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
US Homeland Security systems run on outdated, unpatched software, audit finds

The US Department of Homeland Security is pretty bad at digitally protecting national security interests, says an audit report released on March 7 by the agency”s watchdog, the Office of Inspector General (OIG).

According to the findings, the agency is working with systems running on old, outdated software that haven”t had a security patch in five years. For example, some systems were still running un-patched Flash, anonymous users had access to shared network drives and user emails could be easily manipulated because exchange folders were indexed in cache mode.

“Windows 2008 and 2012 operating systems were missing security patches for Oracle Java, an unsupported version of Internet Explorer, and a vulnerable version of Microsoft”s Sidebar and Gadgets applications,” the report says. “Some of the missing security patches dated back to July 2013.”

On top of that, workstations using Windows 8.1 and 7 did not have the WannaCry security patch.

As many as 64 vulnerable systems were detected in the network, including 16 that contained national security classified documents. Without immediate measures to secure critical systems, top secret data could be leaked or exposed to other risks, including unauthorized alteration or destruction.

But this is not the only obstacle DHS faces in achieving more effective system and network protection. The biggest concern is that the US government lacks the qualified workforce needed to meet cybersecurity requirements, because too few specialists ARE on the market in general.

DHS is not the only agency to suffer from the skill gap; the Coast Guard and Secret Service also lack the proper security training and mechanisms to protect their data FROM cybersecurity threats. Even though Microsoft no longer offers support for Windows Sever 2003, the three organizations were still using it at the time of the report.

“Until DHS overcomes challenges to addressing its systemic information security weaknesses, it will remain unable to ensure that its information systems adequately protect the sensitive data they store and process,” says the report.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read