So while wandering around itsecurity.com, I found a very important blog post that relates to literally every single American citizen. The IRS is leaving our tax information vulnerable for attack by hackers. The Treasury Inspector General for Tax Administration requests that the IRS boosts their security policies, because an expert and experienced hacker can steal and use tax payers information just by tapping into the IRS’s database. Over 300 million tax records are stored in the government for their personal use and if their security standards are not increased, these records can be accessed and there will be some pretty upset taxpayers. According to the article investigators found that of the 374 accounts for IRS employees and contractors with access to perform system administration duties, 141 accounts were expired or were not properly authorized.
The IRS lacks security in many different areas. For example they have no central and main security agency to watch over the everyday operation of their systems. Also, They use weak passwords, they do not delete inactive accounts for employees or contractors that do not work for the government anymore, and lastly the agency allows user and administrator login information to be transmitted without encryption, fails to install patches in a timely matter, and ineffectively verifies that even the most basic security actions are complete. According to the Government Accountability Office (GAO), in 2008, the GAO identified 89 weaknesses and deficiencies in the IRS, but only resolved 69 percent of them. The GAO quotes firmly, “Information security weaknesses — both old and new — continue to impair the agency’s ability to ensure the confidentiality, integrity, and availability of financial and taxpayer information.”