(National Sentinel) Cyber-Insecurity: Three years after U.S. investigators discovered the Chinese had hacked into Office of Personnel Management computers hosted on Interior Department servers and stolen the identities and security clearances of more than 22 current and former government workers, a new probe has found that the department’s computers are still unable to detect “some of the most basic threats,” including malware that is actively trying to make contact with Russian systems.
As reported by Fox News, the department’s Office of Inspector General has just completed a 16-month investigation into its ability to detect and respond to cyber-threats. Investigators found that the Interior Department’s technicians “simply did not implement a sweeping array of mandatory, government-wide defensive measures ordered up after the disastrous OPM hack, didn’t investigate blocked intrusion attempts, and left ‘multiple’ compromised computers on their network ‘for months at a time,’” Fox News reported, citing the IG’s redacted report, issued last month.
The most sensitive security clearance files have since been relocated to Pentagon computers. However, the IG’s office found, among other things, according to Fox News:
- sensitive data at Interior could be taken out of the department’s networks “without detection.”
- network logs showed that a computer at the U.S. Geological Survey, an Interior bureau, was regularly trying to communicate with computers in Russia. The messages were blocked, but “the USGS facilities staff did not analyze the alerts.”
- dangerous or inappropriate behavior by network users — including the downloading of pornography and watching pirated videos on Russian and Ukrainian websites — was not investigated.
- computers discovered to be infected with malware were scrubbed as soon as possible and put back into use—meaning little or no effort went into examining the scope and nature of any such threats to the broader network. This happened, the OIG team noted, with one intruder they discovered themselves.
- simulated intrusions or ransomware attacks created by the examiners were carried out with increasing blatancy without a response—in the case of ransomware, for nearly a month.
- After the devastating OPM hack, which was discovered in April 2015, the department didn’t even publish a lessons-learned plan for its staffers based on the disaster. The OIG inspectors reported that Interior started to draft an “incident response plan” that month to deal with future intrusions, but “did not publish it until August 2017”— two months after the OIG team had finished their lengthy fieldwork.
- Distressingly, the report also notes that the department’s cybersecurity operations team was not privy to a list of Interior’s so-called “high-value IT assets” prepared by the Chief Information Officer, “due to its sensitive nature.” In other words, the people tasked with protecting Interior’s most important information sites were not told what they were.
The report noted that the important assets include “IT systems, facilities and data that are of particular interest to nation-state adversaries, such as foreign military and intelligence services.” They also often “contain sensitive data or support mission-critical Federal operations.”
To summarize, “there hasn’t been a lot done” following the massive OPM hack, an official in the Inspector General’s office told Fox News.
What’s more, the OIG official said, “it’s likely that the same tests at other [federal] agencies would yield the same results.”
One former congressman who was in office during the OPM hack was outraged.
“This is totally unacceptable and absurd,” Jason Chaffetz, former head of the House Committee on Oversight and Government Reform and current Fox News contributor, said. His committee issued a deeply critical report on the OPM hack in 2016 regarding the system security lapses.
“With one good trip to Best Buy we might be better off,” he said.
As to why Russia may have placed malware on Interior’s computers, Fox News noted:
Interior’s nine bureaus may be best known for managing the nation’s national parks and vast land resources. But federal lands and waters also supply some 30 percent of U.S. oil and gas production, and the department’s bureau of reclamation is the country’s second-largest provider of electrical power. The U.S. Geological Survey monitors water resources and harvests satellite data on a global basis.
In addition, the Interior Department maintains information about the nation’s dams, geothermal, solar, and wind sources.