According to a recent government report, multiple government agencies have demonstrated extremely poor security practices, even while handling sensitive data. While this in itself is not surprising, the sheer vulnerability of our government’s network should concern the entire population of the US.
Several of the included agencies are The Nuclear Regulatory Commission, the FCC, and the Department of Homeland Security. Security flaws found include: poor or default passwords set, out of date programs and anti-virus definitions, using programs/services that have known security vulnerabilities, not properly implementing any form of physical security (ie. allowing passwords to be written down, allowing government machines to be connected to personal networks), as well as several other unique cases.
Nearly all of the listed vulnerabilities are a direct result from poor training and poor management, rather than complex, directed attacks. With a government that has cyber warfare on it’s mind, at least the most basic steps should be taken to protect the sensitive data that each agency controls. Instead, it appears that multiple agencies within our government have only been able to stumble about and create vulnerabilities, rather than patch them.