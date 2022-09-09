Connect with us

US citizenship systems vulnerable to 'major' malicious cyberattacks, says Homeland Security watchdog

The Biden Administration Has Been Scrambling To Bolster Cyber Defenses After A Series Of Ransomware Attacks Last Summer. (Reuters/Dado Ruvic/Illustration)
EXCLUSIVE: The Department of Homeland Security’s inspector general said sensitive data held by U.S. Citizenship and Immigration Services systems could be vulnerable to cyberattacks by malicious actors, saying gaps in computer security of the agency could “limit” the ability of DHS to “overcome a major cybersecurity incident.”

Fox News Digital has exclusively obtained the report from DHS Inspector General Joseph Cuffari. The Office of Inspector General advised USCIS of the findings and recommendations to improve controls to restrict unauthorized access to its systems and information.

“USCIS failed to take all necessary steps to ensure privileged user access was appropriate and failed to adequately manage and monitor service account access,” the report said, adding that USCIS also failed to implement required security settings and updates to computer systems and workstations to help reduce the impact if access control weaknesses were exploited.

WHITE HOUSE HOSTS GLOBAL ANTI-RANSOMWARE MEETING; RUSSIA NOT INVITED

The inspector general warned in the report that gaps in USCIS’ access control “increase its attack surface and the potential opportunities for malicious actors to launch a cyberattack.”

The inspector general also said that until the deficiencies are fully corrected, DHS may be limited in its ability to “overcome a major cybersecurity incident.”

USCIS, however, according to the inspector general, is “taking steps” to address shortcomings in its security.

USCIS collects sensitive data for immigration processing, including identity and biometric data.

The inspector general warned that unauthorized individuals could access this sensitive information and said USCIS’ recent efforts to digitize information for electronic purposes make it a “high-visibility target for attackers.”

“DHS’s security posture relies on all components to implement effective IT security processes; therefore, deficiencies in USCIS’ system access control and security settings may limit the Department’s ability to reduce the risk of unauthorized access to its network and disruption of mission operations,” the IG report states.

A spokesman for the inspector general declined to comment.

HACKERS TARGET US ENERGY COMPANIES BEFORE INVASION IN UKRAINE: SOURCE

USCIS did not immediately respond to Fox News’ request for comment.

Faulty patches have led to cyberattacks, such as the SolarWinds cyberattack. The Biden administration imposed sanctions on Russia for this hack, which began in 2020 when malicious code was introduced into popular software updates that monitor corporate and government computer networks.

The malware, affecting a product made by US company SolarWinds, has allowed elite hackers to remotely access an organization’s networks so they can steal information.

The Biden administration has since warned of the potential for “malicious cyberactivity” against the United States, particularly by Russia in its war on Ukraine.

US COUNTERINTELLIGENCE OFFICIALS WARN OF THREATS FROM CHINA AND RUSSIA TO EMERGING TECHNOLOGIES

Earlier this year, DHS warned US organizations at all levels that they could face cyber threats stemming from the Russia-Ukraine conflict.

The Biden administration has been scrambling to bolster cyber defenses after a series of ransomware attacks last summer. (Reuters/Dado Ruvic/Illustration)

The Biden administration has been scrambling to bolster cyber defenses after a series of ransomware attacks last summer, with malicious foreign actors targeting parts of critical US infrastructure.

CLICK HERE TO GET THE FOX NEWS APP

Biden signed a national security memorandum last year directing his administration to develop cybersecurity performance goals for critical infrastructure in the United States — entities such as electric utility companies, chemical plants and nuclear reactors.

The memo also formally established the Biden Cybersecurity Initiative, a voluntary collaborative effort between the federal government and critical infrastructure entities to facilitate the deployment of technologies and systems that provide threat visibility and detection indicators. .

Brooke Singman is a Fox News Digital political reporter. You can reach her at [email protected] or @BrookeSingman on Twitter.

Trending