Many government databases have pathetic cybersecurity—leaving Americans vulnerable.
You may remember that time and again, among the many other problems with Healthcare.gov, we had to point out the lack of security in the website. Even when fixes were put in place to make the website operational, security was not addressed. In fact, the government was given repeated warnings about the lack of security; rather than fix it the bureaucrats engaged in cover-ups. It turns out that the government has had similar problems with past healthcare websites.
According to a recent Washington Times story, that is only the tip of the iceberg.
Even though there have been at least two dozen mass breaches of government computer systems since 2013, many federal agencies continue to have a lax culture and poor security provisions to repel the growing threat from hackers and cyberattacking states such as Russia, Iran and China, internal investigative reports show.
From the State Department to the Transportation Department, internal inspectors general have flagged, over the last few months, widespread vulnerabilities while noting that prior security recommendations have gone unheeded, the reports reviewed by The Washington Times show.
One of the nation’s premier cybersecurity experts said the ugly truth is that the U.S. government hasn’t done much more than private industry to fortify itself against the growing threat of cyberwarfare.
“It would be wrong to suspect that the federal government is any better at this than the private sector. They aren’t necessarily worse; they are about the same,” said Paul Rosenzweig, a former top Department of Homeland Security policy aide and now a visiting fellow at the Heritage Foundation.
The think tank recently released a report documenting at least 23 publicly disclosed computer system breaches at federal agencies. And experts say the actual number is likely much higher, with some breaches never disclosed.
Ignoring documented problems seems like a problem caused by apathy.
We constantly hear that the government is supposed to lead the way and make sure companies are protected from cyber-attacks. If they can’t secure their own databases, then how can we expect them to protect us?