|
 The Treasury Foreign Intelligence Network is used by U.S. spy
agencies to share top-secret information and to keep tabs on the
impact of sanctions against countries such as Iran and Russia, as
well as militant groups like Hezbollah.
The report, prepared in September 2014, gave no indication the
foreign intelligence network had been hacked. But auditors found up
to 29 percent of Treasury's devices connected to the intelligence
network did not meet federal cybersecurity standards.
(http://bit.ly/1IgUM5K)
"As a result ... devices may not be protected with the most secure
recommended configurations, increasing the risk of being
compromised," the Treasury's Office of Inspector General, or OIG,
said.
A copy of the audit was obtained on Thursday through a U.S. Freedom
of Information Act request. A Treasury official said the OIG had
identified a "minor issue on a very secure system."
"Since the release of the audit, Treasury has remedied this matter,"
the official said.
The report comes to light following the revelation of the theft by
hackers of millions of U.S. government personnel files. America's
intelligence chief has said that hack was linked to China, although
U.S. officials say the government does not plan to publicly blame
Beijing.
Intelligence analysts use the Treasury's system to identify overseas
threats to America's economy and finances. Treasury Secretary Jack
Lew said last year the prospect of a cyber attack on the U.S.
financial system was a "real threat" to national security.
The Treasury's intelligence system is also used to assess the
economic disruption caused by U.S. sanctions on targeted countries,
groups and individuals.
In a controversial deal that faces fierce opposition in Congress,
the Obama administration has agreed to ease sanctions on Iran if
Tehran scales back its nuclear program.
[to top of second column] |
Treasury originally designed its foreign intelligence network in
2004 to be used by about 30 officials but built up the system to
accommodate more users as America stepped up its global campaign
against al Qaeda and other militant groups.
Between March and May of 2014, OIG auditors conducting an annual
review of the Treasury's cybersecurity found some computers using
Microsoft Corp's <MSFT.O> Windows had not been properly configured.
That meant network engineers would have trouble updating security
software for the sensitive network's computers, servers and
printers, the audit said.This was not the first time auditors had
found the top secret Treasury system lacking. In a 2008 audit, the
OIG found the Treasury Foreign Intelligence Network was slow in
upgrading a system that had relied on "antiquated hardware and
software."
In a letter attached to the 2014 report, the Treasury's top
intelligence officer, S. Leslie Ireland, said she agreed with the
OIG's findings. Treasury officials were already working to close the
security gap and planned to finish that job by April 2015, about six
months after the audit, Ireland said.
(Reporting by Jason Lange; Additional reporting Yeganeh Torbati;
Editing by Kevin Krolicki and Lisa Shumaker)
[© 2015 Thomson Reuters. All rights
reserved.]
Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
