Windows 10 News and info | Forum
April 20, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: U.S. Federal Reserve System Exposed to Increased Risk of Unauthorized Access  (Read 37 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 29912


I Do Windows


WWW Email
« on: March 27, 2019, 10:30:17 AM »
ReplyReply

Federal Reserve Bank (FRB) systems are exposed to an increased risk of unauthorized access because of security weaknesses found in the U.S. Treasury Department's computing systems according to a management report issued by the U.S. Government Accountability Office (GAO).

GAO used "an independent public accounting (IPA) firm, under contract, to assist with information system testing, including follow-up on the status of FRBs’ corrective actions to address control deficiencies contained in our prior years’ reports that were not remediated as of September 30, 2017."

As part of its audit for the fiscal year that ended on September 30, 2018, performed an extensive review of all computing system controls over key financial systems maintained and operated by FRBs connected to the Schedule of Federal Debt.

As explained by GAO:

Quote
This year our audit found new weaknesses in the security of the information systems that the Treasury Department uses to keep track of and otherwise manage the debt—including one in a Federal Reserve Bank system that Treasury relies on. This new weakness, along with some unresolved earlier ones, could lead to an increased risk of unauthorized access to Federal Reserve Bank systems.

One new and two continuing security weaknesses found by GAO

During the fiscal year 2018 audit, GAO found "one new information system general control deficiency" affecting configuration management which is designed to block unauthorized or untested modifications to critical information on computing systems.

GAO also discovered two not yet addressed deficiencies found in the prior year in information system controls over key financial systems, operated by FRBs and also relevant to the Schedule of Federal Debt.

Fiscal Service's information system controls were also found to contain deficiencies which, when taken into account with previously unearthed unresolved control deficiencies, collectively classify as a significant flaw in internal control over Schedule of Federal Debt's financial reporting.

According to GAO, "Until these new and continuing control deficiencies are fully addressed, there will be an increased risk of unauthorized access to, modification of, or disclosure of sensitive data and programs."

Federal Reserve Bank currently addressing the found deficiencies

In response to the audit's findings and recommendations, the Board of Governors of the Federal Reserve System stated that FRB management is "currently addressing the new and continuing information system general control deficiencies" impacting Treasury Department's computing systems during the last fiscal year.

As further detailed in GAO's "Areas for Improvement in the Federal Reserve Banks’ Information System Controls" management report, the agency will follow up to learn of the status of the corrective procedures undertaken to rectify the deficiencies it found during the audit.

As previously reported by BleepingComputer in January, GAO released a report last year which demonstrated how poorly 23 federal civilian agencies secured their systems, with the U.S. government having to get a quick handle on the same cybersecurity issues it had to address in 2018 since, in the case of some state agencies, subpar performance is anticipated for years to come.

In a previous report issued by the Office of Inspector General (OIG), the Department of Defense (DoD) was also shown to be still lacking when it comes to the speed of addressing cybersecurity recommendations designed to reduce security risks affecting the Pentagon's network, with 266 unresolved issues dating as far as 2008 being discovered during an extensive audit.

Similar findings were also detailed in a report regarding the Audit of the DoD FY 2018 Financial Statements, where the DoD OIG said that "Across multiple DoD Components, auditors found significant control deficiencies regarding IT systems."

source
« Last Edit: March 27, 2019, 01:20:52 PM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page April 12, 2019, 01:19:56 AM