Chris Brook of Threatpost writes:
Like the Office of Personnel Management before it, the Department of Education has failed to heed repeated warnings that its systems contain multiple weaknesses. In a House Committee on Oversight and Government Reform hearing held this week, Congressman and committee chair Jason Chaffetz (R-Utah) excoriated Danny Harris [YouTube video; 6:40], the department's Chief Information Officer, over some of those weaknesses for nearly two hours.
Most of the hearing was based around a report released last Friday by the Office of Inspector General's (OIG) Kathleen Tighe.
To illustrate just how poorly protected the department's systems are, Tighe claims in one part of the report that OIG testers "were able not only to gain full access to the Department's network, but also to use this access to pivot from this entry point and launch attacks on other systems connected to the Department, all undetected."
The full (1:49:49) review is available on YouTube.
(Score: 3, Interesting) by Runaway1956 on Saturday November 21 2015, @05:07AM
Seriously, which agency isn't vulnerable? Reading the news over the past couple decades, it seems that every agency at the state, local, and federal levels has been hacked multiple times. This article suggests that maybe education is the sloppiest agency at the moment, but come on - they all get hacked!
One of the most ironic cases of insecure computers, was the Royal Navy's submarine fleet.
http://www.telegraph.co.uk/technology/news/4289158/Computer-virus-disrupts-Royal-Navy-email-and-internet.html [telegraph.co.uk]