Right Now
Feb 04 2014
Dr. Coburn Releases New Report on Cybersecurity
(WASHINGTON, D.C.) – U.S. Senator Tom Coburn, M.D. (R-OK), ranking member of the Homeland Security and Governmental Affairs Committee, today released a new report: “The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure.” The report details serious vulnerabilities in the government’s efforts to protect its own civilian computers and networks, and the critical, sensitive information they contain. The report notes that “Since 2006, the federal government has spent at least $65 billion on securing its computers and networks, according to an estimate by the Congressional Research Service.”
“Weaknesses in the federal government’s own cybersecurity have put at risk the electrical grid, our financial markets, our emergency response systems and our citizens’ personal information,” Dr. Coburn said. “While politicians like to propose complex new regulations, massive new programs, and billions in new spending to improve cybersecurity, there are very basic – and critically important – precautions that could protect our infrastructure and our citizens’ private information that we simply aren’t doing.”
The report compiles problems identified in over 40 audits, investigations and reviews by agency Inspectors General, the Government Accountability Office and others. In many cases, simple fixes like using stronger passwords, and applying patches and updates in a timely manner, would fix critical vulnerabilities.
“More than a decade ago, Congress passed a law making the White House responsible for securing agency systems. It’s still not happening,” Dr. Coburn added. “They need to step up to the job, and Congress needs to hold the White House and its agencies accountable.”
The report highlights numerous government cyber failures, including:
- Last February, hackers broke into the U.S. Emergency Alert System and broadcast warnings of zombie attacks to several U.S. cities.
- Internal Revenue Service computers were been found to have literally thousands of serious vulnerabilities because critical software patches have not been installed.
- In 2012, the Securities and Exchange Commission mishandled and potentially exposed critically sensitive information, including diagrams of how to hack into trading exchanges.
To read the full report, click here.
CRS Memo on FISMA spending here.
###