US Homeland Security’s $6B Firewall Has More Than a Few Frightening Blind Spots

A firewall run by the Department of Homeland Security, meant to detect and prevent nation-state hacks against the government, functions ineffectively, according to a sanitized version of a secret federal audit.

EINSTEIN relies on patterns of attacks, called signatures, to spot suspicious traffic, but it does not scan for 94 percent of commonly known vulnerabilities or check web traffic for malicious content.

Those are two of the many failings uncovered in a damning public version of a “for official use only” Government Accountability Office report. In addition, the prevention feature of the system is only deployed at five of the 23 major nondefense agencies.

Lawmakers in November 2015 suggested the then-confidential audit of EINSTEIN, formally called the National Cybersecurity Protection System, or NCPS, would prove the hacker surveillance system is not governmentwide.

The newly released audit corroborates their views and points out other misaligned objectives and technologies in a $6 billion project DHS cannot say helps combat hackers, according to auditors.

“Until NCPS’ intended capabilities are more fully developed, DHS will be hampered in its abilities to provide effective cybersecurity-related support to federal agencies,” GAO director of information security issues, Gregory C. Wilshusen, and Nabajyoti Barkakati, director of the GAO Center for Technology and Engineering, said in the audit, which was released Thursday.

The auditors focused their study on the departments of Energy and Veterans Affairs, as well as the General Services Administration, the National Science Foundation and the Nuclear Regulatory Commission...
