SoylentNews

chromas [soylentnews.org] writes:

Chris Brook of Threatpost writes [threatpost.com]:

Like the Office of Personnel Management before it, the Department of Education has failed to heed repeated warnings that its systems contain multiple weaknesses. In a House Committee on Oversight and Government Reform hearing held this week, Congressman and committee chair Jason Chaffetz (R-Utah) excoriated Danny Harris [youtube.com] [YouTube video; 6:40], the department’s Chief Information Officer, over some of those weaknesses for nearly two hours.

Most of the hearing was based around a report released last Friday by the Office of Inspector General’s (OIG) Kathleen Tighe.

To illustrate just how poorly protected the department’s systems are, Tighe claims in one part of the report that OIG testers “were able not only to gain full access to the Department’s network, but also to use this access to pivot from this entry point and launch attacks on other systems connected to the Department, all undetected.”

The full (1:49:49) review is available on YouTube [youtube.com].

Original Submission