House panel seeks results of computer security tests

A House subcommittee Friday asked 15 federal agencies to report how they have been testing and securing their computer systems from outside attack.

Under a law passed last year, agencies have to do their own security testing and hire an outside auditor to do "penetration testing," in which hackers are paid to try to break into a network.

Energy and Commerce Oversight and Investigations Subcommittee Chairman Jim Greenwood, R-Pa., signed the letter that asks for proof the 15 agencies are complying with that law.

The letter went to the Environmental Protection Agency, Food and Drug Administration, Federal Communications Commission and Federal Trade Commission, as well as the Centers for Disease Control and Prevention, Health Care Financing Administration, Office of the U.S. Trade Representative, National Highway Traffic Safety Administration, Nuclear Regulatory Commission, National Institutes of Health, Federal Energy Regulatory Commission, Consumer Product Safety Commission and the departments of Health and Human Services, Energy and Commerce.

In August, a congressional report found EPA's computers were "highly vulnerable to tampering." An Energy and Commerce Committee spokesman told the Associated Press that congressional investigators are testing the FDA's computers, and have asked the General Accounting Office to try to hack into the Commerce Department.