US Treasury's intelligence network was susceptible to cyberattacks
Yet another government agency was found to have substandard cybersecurity measures in place after an internal audit -- worse, it exposed the organization's intelligence network to attacks. According to a late 2014 audit report obtained by Reuters, around 29 percent of the devices that connect to the US Treasury's Foreign Intelligence Network don't meet federal cybersecurity standards. Some of those are Windows computers that weren't properly configured, preventing the IT division from updating them on time and making sure they were secure. The country's spy agencies tap into that network to add info they want to share with each other and assess and detect international threats to America's economy. They also use it to keep track of what their peers know about militant groups and the effect of sanctions against organizations and countries like Iran and Russia.
Unlike what happened to the Office of Personnel Management, though, it seems like the auditors spotted the vulnerability before any hacker managed to advantage of it. The report that Reuters got didn't mention an attack or even hint that the network suffered a security breach, at least. It did say, however, that the agency was already patching up the security hole and was going to be finished by April 2015 (remember, the report was from 2014). That was corroborated by one of the agency's officials, who told Reuters that "since the release of the audit, Treasury has remedied this matter."
If you recall, OPM was attacked not once but twice in the past year. The hackers stole up to 20 million past and present federal workers' (even hopefuls who applied for positions but never got in) sensitive info, including SSNs and family history. It eventually led to the resignation of OPM director Katherine Archuleta who was severely criticized for her lack of tech and security experience.
[Image credit: Getty Images]
