Network Security Breaches at Federal Agencies Jump 650% in Five Years
Security incidents at federal agencies have soared 650 percent over the past five years, according to a report from the Government Accountability Office.
In the past five years, the number of reported events has grown from 5,503 in 2006 to 41,776 in 2010, federal auditors wrote in a Government Accountability Office report released Oct. 3. The GAO compiled the report based on information from security-related reports and data from 24 federal agencies and departments that were collected between September 2010 and October 2011.
Nearly 30 percent of incidents involved malware infections, making it the most prevalent cyber-event, the report found. Other common issues included violations of acceptable use policies and intrusions into networks, applications and other data resources.
"Of the 24 major agencies, none had fully or effectively implemented an agency-wide information security program," Gregory C. Wilshusen, GAO director for information security issues, wrote in the report.
Agencies are vulnerable to cyber-attack and other security issues because they have failed to implement proper security controls, GAO auditors wrote. Agencies do not always adequately train system security personnel, regularly monitor safeguards, fix vulnerabilities or resolve incidents in a timely manner when they do occur, according to the report. These problems leave the departments vulnerable to both external and internal threats, Wilshusen said.
"As long as agencies have not fully and effectively implemented their information security programs, including addressing the hundreds of recommendations that we and inspectors general have made, federal systems will remain at increased risk of attack or compromise," wrote Wilshusen.
The audit found that the Internal Revenue Service does not block employees from accessing databases not required for their jobs. As a result, financial and taxpayer information "remain unnecessarily vulnerable" to insider threats. The fact that any employee has access to the systems means there is an increased risk of "unauthorized disclosure, modification or destruction," the report said.