Cyber-Disaster: Investigation finds Interior Dept. computers trying to ‘talk’ to Russia

(National Sentinel) Cyber-Insecurity: Three years after U.S. investigators discovered the Chinese had hacked into Office of Personnel Management computers hosted on Interior Department servers and stolen the identities and security clearances of more than 22 current and former government workers, a new probe has found that the department’s computers are still unable to detect “some of the most basic threats,” including malware that is actively trying to make contact with Russian systems.

As reported by Fox News, the department’s Office of Inspector General has just completed a 16-month investigation into its ability to detect and respond to cyber-threats. Investigators found that the Interior Department’s technicians “simply did not implement a sweeping array of mandatory, government-wide defensive measures ordered up after the disastrous OPM hack, didn’t investigate blocked intrusion attempts, and left ‘multiple’ compromised computers on their network ‘for months at a time,'” Fox News reported, citing the IG’s redacted report, issued last month.

The most sensitive security clearance files have since been relocated to Pentagon computers. However, the IG’s office found, among other things, according to Fox News:

  • sensitive data at Interior could be taken out of the department’s networks “without detection.”
  • network logs showed that a computer at the U.S. Geological Survey, an Interior bureau, was regularly trying to communicate with computers in Russia. The messages were blocked, but “the USGS facilities staff did not analyze the alerts.”
  • dangerous or inappropriate behavior by network users — including the downloading of pornography and watching pirated videos on Russian and Ukrainian websites — was not investigated.
  • computers discovered to be infected with malware were scrubbed as soon as possible and put back into use—meaning little or no effort went into examining the scope and nature of any such threats to the broader network. This happened, the OIG team noted, with one intruder they discovered themselves.
  • simulated intrusions or ransomware attacks created by the examiners were carried out with increasing blatancy without a response—in the case of ransomware, for nearly a month.
  • After the devastating OPM hack, which was discovered in April 2015, the department didn’t even publish a lessons-learned plan for its staffers based on the disaster. The OIG inspectors reported that Interior started to draft an “incident response plan” that month to deal with future intrusions, but “did not publish it until August 2017”— two months after the OIG team had finished their lengthy fieldwork.
  • Distressingly, the report also notes that the department’s cybersecurity operations team was not privy to a list of Interior’s so-called “high-value IT assets” prepared by the Chief Information Officer, “due to its sensitive nature.” In other words, the people tasked with protecting Interior’s most important information sites were not told what they were.



The report noted that the important assets include “IT systems, facilities and data that are of particular interest to nation-state adversaries, such as foreign military and intelligence services.” They also often “contain sensitive data or support mission-critical Federal operations.”

To summarize, “there hasn’t been a lot done” following the massive OPM hack, an official in the Inspector General’s office told Fox News.

What’s more, the OIG official said, “it’s likely that the same tests at other [federal] agencies would yield the same results.”

One former congressman who was in office during the OPM hack was outraged.

“This is totally unacceptable and absurd,” Jason Chaffetz, former head of the House Committee on Oversight and Government Reform and current Fox News contributor, said. His committee issued a deeply critical report on the OPM hack in 2016 regarding the system security lapses.

“With one good trip to Best Buy we might be better off,” he said.

As to why Russia may have placed malware on Interior’s computers, Fox News noted:

Interior’s nine bureaus may be best known for managing the nation’s national parks and vast land resources. But federal lands and waters also supply some 30 percent of U.S. oil and gas production, and the department’s bureau of reclamation is the country’s second-largest provider of electrical power. The U.S. Geological Survey monitors water resources and harvests satellite data on a global basis.

In addition, the Interior Department maintains information about the nation’s dams, geothermal, solar, and wind sources.
