Tags: veterans affairs | cybersecurity | cyberattacks | GAO

GAO: Veterans Affairs Still Woefully Open to Cyberattacks

By    |   Wednesday, 19 Nov 2014 01:46 PM

The Department of Veterans Affairs has failed to take the steps necessary to protect private information, according to a new Government Accountability Office (GAO) report.

A series of cyberattacks in recent years have raised questions about VA computer security. In 2010, for example, attackers exploited weak technical controls to hack into the department’s information system.

In January, a software defect in the VA’s eBenefits system allowed users unimpeded access to other veterans’ information, compromising private data on 1,300 veterans or their dependents.

The GAO reported that the department has taken steps to correct some network vulnerabilities, and now must report to Congress each month on private data breaches. But it concluded that the Veterans Affairs Department had not done enough to protect its network from attack.

Following a 2012 cyberattack, the VA’s Network and Security Operations Center moved to correct network weaknesses exploited by hackers. But the GAO said the department could not demonstrate that its efforts had proven successful, because staffers couldn’t find a key "forensics analysis report" on the subject, Stars and Stripes reported.

"Without preserving such evidence, VA will be unable to demonstrate the effectiveness of its incident-response measures and may be hindered in assisting law enforcement agencies in investigating and prosecuting cybercrimes," GAO Information Security Issues Director Gregory Wilshusen said in testimony before the House Veterans Affairs Committee Tuesday, Stars and Stripes reported.

The GAO also faulted the department as slow to apply "patches" to correct known software vulnerabilities.

Through May of this year, it had failed to fix the top 10 critical vulnerabilities identified by its own security scans, despite the fact that in some cases the necessary patches had been available for several years, Stars and Stripes said.

© 2017 Newsmax. All rights reserved.

 
1Like our page
2Share
US
The Department of Veterans Affairs has failed to take the steps necessary to protect private information, despite a series of publicized cyberattacks, a new Government Accountability Office report states.
veterans affairs, cybersecurity, cyberattacks, GAO
284
2014-46-19
Wednesday, 19 Nov 2014 01:46 PM
Newsmax Inc.
 

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved