Featured eBooks
Open Season 2025 Guide
Health Tech
Space Trends
Insights & Reports
Access Management: Core to CISA’s Zero Trust Maturity Model 2.0
Presented By Carahsoft
Download Now
Identity Modernization for Government Service Excellence
Presented By Okta
Download Now
Magazine

More than one way to break in

any agency officials are paying attention to their organizations' Internet connections and taking steps to ensure that electronic mail and World Wide Web use don't compromise information security. But there are other ways invaders can gain access to systems.
M

During extensive tests at the State Department in 1996 and 1997, General Accounting Office investigators, with assistance from a major accounting firm, succeeded in breaking into State networks by dialing in from modems. The investigators also thwarted building security and walked into areas where there were unattended computers and servers. A user identification and password were taped to one computer.

Once inside State's networks, GAO reported, "we were able to access sensitive information. In addition, we could have performed system administration actions that would have allowed us to download, delete and modify these data, add new data, shut down servers and monitor network traffic." The systems GAO penetrated held performance appraisals, international financial data, travel arrangements, e-mail and passwords, it said in the report, "Computer Security: Pervasive Serious Weaknesses Jeopardize State Department Operations."

As its title suggests, the report is highly critical of State for neglecting most aspects of security. The one area where GAO found adequate information security measures in place was, of all things, the Internet.

NEXT STORY: Top 200 Contractors 1998<br /> Top Travel Vendors