It almost seems like with each day we read about a new breach into the US government or how the agencies cyber security audits have run afoul of standards. Here we are again, this time the US Treasury’s intelligence network has been determined vulnerable to hacks after a Inspector Generals audit (emphasis added):
The Treasury Foreign Intelligence Network is used by U.S. spy agencies to share top-secret information and to keep tabs on the impact of sanctions against countries such asIran and Russia, as well as militant groups like Hezbollah.
The report, prepared in September 2014, gave no indication the foreign intelligence network had been hacked. But auditors found up to 29 percent of Treasury’s devices connected to the intelligence network did not meet federal cybersecurity standards.
“As a result … devices may not be protected with the most secure recommended configurations, increasing the risk of being compromised,” the Treasury’s Office of Inspector General (OIG) said.
A copy of the audit was obtained on Thursday through a U.S. Freedom of Information Act request. The Treasury did not respond to a request for comment.
The report comes to light following the revelation of the theft by hackers of millions of U.S. government personnel files. America’s intelligence chief has said that hack was linked toChina, although U.S. officials say the government does not plan to publicly blame Beijing.
Intelligence analysts use the Treasury’s system to identify overseas threats to America’seconomy and finances. Treasury Secretary Jack Lew said last year the prospect of a cyber attack on the U.S. financial system was a “real threat” to national security.
The Treasury’s intelligence system is also used to assess the economic disruption caused by U.S. sanctions on targeted countries, groups and individuals.
I never would have expected the US treasury to have access to a Top Secret network, much less a network the US intelligence community has access to as well.