U.S Treasury Intelligence Network was vulnerable to hacking



07/24/2015 1:59 PM


The Treasury Foreign Intelligence Network wherein officials routinely share top secret financial information and keep a tab on the impact of sanctions on countries and individuals, was vulnerable to remote hacking. As per S. Leslie Ireland, its top intelligence officer, the vulnerabilities have now been patched.



According to an audit conducted by the government, computers used by the U.S Treasury Departments, which are a backbone for U.S financial systems, are vulnerable to hacking and thus these computer systems need urgent hardening.
 
 
U.S security agencies routinely share top-secret information and keep a tab on the impact sanctions are having on countries such as Iran and Russia using the Treasury Foreign Intelligence Network. This network is also used to keep a tab on the financial dealings of terrorist organizations such as Pakistan based L.E.T and the likes of Hezbollah.
 
The Government audit of this financial network, prepared in September 2014, gave no clue as to whether any system was compromised and hacked. However, computer security auditors have found that 29% of devices used in the U.S Treasury Intelligence Network did not meet Federal cybersecurity standards.
 
"As a result ... devices may not be protected with the most secure recommended configurations, increasing the risk of being compromised," said the Treasury's Office of Inspector General.
 
When asked regarding the OIG Audit Report, an official from the Treasury said, that the issue the OIG had identified was a "minor issue on a very secure system."
 
He went to add, that "Since the release of the audit, Treasury has remedied this matter."
 
With the news that hackers have accessed the personnel filed of U.S Government employees, the OIG report hit the spotlight. Many of these cyberattacks, as per America's intelligence chief have been traced back to China. The U.S government though has not publicly blamed China for the attacks.
 
As per Jack Lew, the U.S Treasury Secretary, the prospect of a cyberattack on the U.S. financial system was a "real threat" to U.S national security.
 
Initially in 2004, the Foreign Intelligence Network was designed to be used by a limited number of personnel, but as America stepped up its global war on terror, the system had to accommodate many more users than it was designed for.
 
During an annual review conducted by OIG auditors on the computers of the U.S Treasury, they found that many computers using Microsoft Windows had not even been properly configured. This would naturally result in computers not being updated with security softwares, along with their servers and printers.
 
This is not the first time that auditors from OIG have reported vulnerabilities to the network used for top-secret purposes. In their 2008 audit report, the OIG found that the Treasury Foreign Intelligence Network was slow in upgrading a system and had relied on "antiquated hardware and software."
 
S. Leslie Ireland, the Treasury's top intelligence officer, has responded to the OIG audit report saying she agreed to its findings and that treasury officials were working closely to close the security gap and planned to finish that job by April 2015 – roughly six months after the audit.
 
References:
http://www.reuters.com/article/2015/07/24/us-cybersecurity-usa-treasury-idUSKCN0PX2KG20150724


More