The U.S. Department of Homeland Security is having some homeland cyber security issues on its systems providing remote access to telecommuters, according to a newly-released report by the DHS Inspector General’s office. Earlier this year security auditors armed with ISS’s Internet Scanner, @stake’s L0phtCrack and Sandstorm Enterprises’ PhoneSweep 4.0 spent five months probing hosts, attacking passwords and war dialing the Department. They found that some of the hosts designed to allow home workers and other trusted users access to DHS networks by modem or over the Internet lacked the authentication measures called for by official NIST guidelines and recommendations by the National Security Agency, like minimum password lengths and password aging. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.