As reported by BleepingComputer, a report issued by the U.S. Government Accountability Office (GAO), states that Federal Reserve Bank (FRB) systems are exposed to an increased risk of unauthorized access because of security weaknesses found in the U.S. Treasury Department’s computing systems. These security weaknesses included the information systems used by the Treasury Department to keep track of and otherwise manage the federal debt.
Experts Comments Below:
Steven Rogers, CEO at Centripetal:
“There’s not a clear indication yet of what the vulnerability was. It could be something as simple as a bad password, or some other server update that wasn’t done, allowing unauthorized access to malware. We just don’t know.
However, all of these systems should employ more advanced intelligence in their security stacks. For example, external threat intelligence-based and internal rule-based systemsare increasingly used by enterprises to protect themselves, and reduce security team burdens and discovery times (as well as the organization’s dependence on its teams). They shouldn’t wait for a vulnerability to be exposed before doing anything. With the aforementioned technologies in place, the practical effect of a vulnerability would be mitigated. The agency should still find and fix potential vulnerabilities, but if these protective systems are in place, the attacker will be stopped anyway.
It’s great that an audit found this key vulnerability. However, well-designed network security systems should already employ both internal and external protective technologies to prevent successful attackers from stealing data. These new protective systems, such as Threat Intelligence Gateways, can protect the enterprise from yet unknown vulnerabilities, long before an audit finally discovers them.”
Bob Noel, VP, Strategic Partnerships at Plixer:
“Governance frameworks and their associated audit processes are done to provide independent oversight for organizations, with an intended result of improved security processes. The system works well when appropriate follow-up occurs, but it breaks when organizations fail to act upon identified deficiencies. Recent independent audits of the Federal Reserve System (commissioned by the US Government Accountability Office) and of the Pentagon (performed by The Defense Department Inspector) showed that deficiencies identified in previous audits had not yet been remediated. In the case of the Pentagon, the number was alarming; only 19 of 159 recommended actions had been taken. Although this is concerning, it is not uncommon. What this information demonstrates is that every organization operates with known vulnerabilities every day. It is only a matter of time for these vulnerabilities to be exploited. In other words, security incidents are inevitable. To reduce the risks, every organization must be monitoring their network traffic for the anomalous behaviors. Network Traffic Analytics platforms are key to monitoring every digital transaction for the tell-tale signs of a breach. They mine the infrastructure for metadata, allowing the existing network to tell the story.”
Todd Peterson, IAM evangelist at One Identity:
“Without knowing the root weakness in this particular case, it is fair to assume that it makes authentication too easy for bad actors and authorisation is too broad to adequately control this access. Just like any other security programme, effective Identity and Access Management will mitigate most of these risks and effective Privileged Account Management will lock down the systems so that even if a bad actor gains access, they are ineffective with that access. And multi-factor authentication is always a good idea to make it harder for attackers to gain a foothold in the organisation.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.