05:06 GMT +324 January 2019
Listen Live
    US Department of Homeland Security

    Secret Federal Audit Reveals Gaping Holes in Homeland Security’s Security

    CC BY 2.0 / killbox
    Get short URL

    The National Cybersecurity Protection System (NCPS), EINSTEIN, has some massive flaws with its security according to a recent audit.

    The firewall, run by the Department of Homeland Security (DHS) to protect their computers, does not scan for approximately 94% of common computer vulnerabilities, but that is not all, Defense One reports. EINSTEIN apparently also does not check for malicious content in web traffic.

    While the complete results of the Government Accountability Office (GAO) federal audit are secret, a public version containing some findings was released on Thursday.

    “Until NCPS’ intended capabilities are more fully developed, DHS will be hampered in its abilities to provide effective cybersecurity-related support to federal agencies,” GAO director of information security issues, Gregory C. Wilshusen, and Nabajyoti Barkakati, director of the GAO Center for Technology and Engineering, wrote in the audit findings.

    The audit of EINSTEIN was ordered by lawmakers in 2015 in an effort to prove that the system is not run across all government agencies. The results proved that the concerns were warranted, finding that EINSTEIN is only run at five of the 23 major nondefense agencies.

    The $6 billion EINSTEIN cybersecurity program is intended to protect against online-based threats to the country’s networks, but the audit found that the DHS-sponsored program failed to protect against advanced persistent threats.

    The DHS defended EINSTEIN, asserting that the firewall is only one layer of protection in a multi-layer system.

    Defense One reported that EINSTEIN was able to flag, to some extent, only 6% of all the security bugs tested, or 29 out of 489 known vulnerabilities.


    Crime-Related Threats Not Enough to Obtain Asylum in US - DHS
    Claims of DHS Misconduct to Illegal Aliens Attacked as 'Witch Hunt' - NGO
    Former NSA, DHS Heads Think Requiring Crypto Backdoors a 'Mistake'
    China, US Differ in Fundamental Understanding of Cybersecurity - DHS
    US House Republicans Need to Pass DHS Funding Before Deadline - White House
    Cyber Security, EINSTEIN, Government Accountability Office, DHS
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik