1 min read

US Homeland Security systems run on outdated, unpatched software, audit finds

Luana PASCU

March 08, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
US Homeland Security systems run on outdated, unpatched software, audit finds

The US Department of Homeland Security is pretty bad at digitally protecting national security interests, says an audit report released on March 7 by the agency”s watchdog, the Office of Inspector General (OIG).

According to the findings, the agency is working with systems running on old, outdated software that haven”t had a security patch in five years. For example, some systems were still running un-patched Flash, anonymous users had access to shared network drives and user emails could be easily manipulated because exchange folders were indexed in cache mode.

“Windows 2008 and 2012 operating systems were missing security patches for Oracle Java, an unsupported version of Internet Explorer, and a vulnerable version of Microsoft”s Sidebar and Gadgets applications,” the report says. “Some of the missing security patches dated back to July 2013.”

On top of that, workstations using Windows 8.1 and 7 did not have the WannaCry security patch.

As many as 64 vulnerable systems were detected in the network, including 16 that contained national security classified documents. Without immediate measures to secure critical systems, top secret data could be leaked or exposed to other risks, including unauthorized alteration or destruction.

But this is not the only obstacle DHS faces in achieving more effective system and network protection. The biggest concern is that the US government lacks the qualified workforce needed to meet cybersecurity requirements, because too few specialists ARE on the market in general.

DHS is not the only agency to suffer from the skill gap; the Coast Guard and Secret Service also lack the proper security training and mechanisms to protect their data FROM cybersecurity threats. Even though Microsoft no longer offers support for Windows Sever 2003, the three organizations were still using it at the time of the report.

“Until DHS overcomes challenges to addressing its systemic information security weaknesses, it will remain unable to ensure that its information systems adequately protect the sensitive data they store and process,” says the report.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Malware Posing as Ransomware Responsible for Ukraine Cyberattack Malware Posing as Ransomware Responsible for Ukraine Cyberattack
Silviu STAHIE

January 17, 2022

2 min read
Russian Authorities Cuff Last Remaining REvil Suspects Russian Authorities Cuff Last Remaining REvil Suspects
Filip TRUȚĂ

January 17, 2022

2 min read
Android 12 protects phones from Stingray attacks, lets users disable 2G Android 12 protects phones from Stingray attacks, lets users disable 2G
Radu CRAHMALIUC

January 14, 2022

1 min read