Washington still doesn’t get cybersecurity ADVERTISING Washington still doesn’t get cybersecurity The U.S. government should protect personal information about its employees and citizens as if it were gold. Sadly, cyberthieves routinely are carrying digital bullion out of federal computers these
Washington still doesn’t get cybersecurity
The U.S. government should protect personal information about its employees and citizens as if it were gold. Sadly, cyberthieves routinely are carrying digital bullion out of federal computers these days. Fort Knox, this isn’t.
Among the latest cringeworthy heists is the theft of records involving at least 22.1 million federal employees, job applicants, contractors and their family members from databases at the Office of Personnel Management. In two separate breaches, Social Security numbers, details gleaned from security-clearance background checks and even fingerprints were stolen.
Federal officials repeatedly have said outdated “legacy” computer systems are to blame. They also point out the private sector also has a problem keeping a tight grip on Social Security numbers and other sensitive data.
Those excuses and look-over-there tactics are wearing thin. According to the Government Accountability Office, 19 of 24 major federal agencies identified cybersecurity as a “significant deficiency” or “material weakness.”
They’re not exaggerating — the number of security breaches at federal offices involving personal information hit 27,624 in fiscal year 2014. That is more than double the figure from five years earlier. …
National security hawks in Washington have insisted they need a “back door” into software and hardware produced by the private sector. They want law enforcement agencies to be able to bypass passwords and encryption when they deem it necessary to protect public safety.
That built-in security flaw is just the sort of weakness hackers could exploit. Moreover, seeing as the federal government cannot protect its own sensitive information, how well would it protect everyone else’s? …
The Obama administration and Congress need to quit talking about significant deficiencies and material weaknesses in their digital assets and find the funding — and the expertise — to shore up the federal government’s vast computer systems.
— The Kansas City Star
Killings followed failed gun check
The FBI acknowledged a tragic and inexcusable failure in the federal background check system that enabled the suspect in the killings of nine African-Americans in Charleston, S.C., to buy a gun.
The admission by 21-year-old Dylann Roof to possessing illegal drugs when he was detained by police in February should have barred him from buying the weapon. The examiner of Roof’s federal background check did not see the police report because the wrong arresting agency was listed in the database. …
In this case, a .45-caliber pistol was sold to Roof by a South Carolina gun store April 16, three days after the FBI began to process the background check. That gun was linked to the attack in Emanuel African Methodist Episcopal Church in Charleston.
Predictably, FBI Director James Comey’s revelations put both sides in the gun-control debate in attack mode. Gun control advocates asserted the country needs better and wider controls and checks. The gun rights lobby proclaimed the futility of such measures to stop crime and gun violence.
The gun crowd has a point: Any system with flawed execution is practically worthless.
At a minimum, the nation needs to fix problems in the current system. …
We won’t hold our breath while we wait for Congress to act.
— Pittsburgh Post-Gazette