NEWNow you can listen to Fox News articles!

EXCLUSIVE: The Department of Homeland Security’s inspector general said sensitive data stored on USCIS systems could be vulnerable to cyberattacks by attackers, saying weaknesses in the agency’s IT security could “limit” DHS’s ability to “overcome a major cybersecurity incident “.

Fox News Digital has exclusively obtained the report from DHS Inspector General Joseph Kufara. The Office of Inspector General notified USCIS of its findings and recommendations for improving controls to limit unauthorized access to its systems and information.

“USCIS did not take all necessary measures to ensure proper access by privileged users and did not adequately manage and control service account access,” the report said, adding that USCIS also failed to implement necessary security settings and updates for IT systems and workstations to help reduce exposure if access control vulnerabilities were exploited.

WHITE HOUSE HOLDS GLOBAL MEETING ON BROTHERHOOD-EXTORM-ORDERING; RUSSIA IS NOT INVITED

The inspector general warned in the report that USCIS’s access control weaknesses “increase the attack surface and potential opportunities for attackers to launch cyberattacks.”

The inspector general also said that until the flaws are fully addressed, DHS may be limited in its ability to “overcome a major cybersecurity incident.”

USCIS, however, according to the inspector general, is “taking steps” to address its security deficiencies.

USCIS collects sensitive data for immigration processing, including identification and biometric data.

The inspector general warned that unauthorized individuals could gain access to this sensitive information, and said USCIS’s recent efforts to digitize information for electronic use make it a “high-visibility target for attackers.”

“DHS’s security posture relies on all components to implement effective IT security processes; therefore, deficiencies in USCIS’ system access control and security settings may limit the Department’s ability to reduce the risk of unauthorized access to its network and disruption of mission operations,” the statement said. This is according to the IG report.

A spokesman for the inspector general declined to comment.

HACKERS TARGETED US ENERGY COMPANIES BEFORE INVASION OF UKRAINE: SOURCE

USCIS did not immediately respond to Fox News’ request for comment.

Improper patches have led to cyberattacks such as the SolarWinds cyberattack. The Biden administration imposed sanctions on Russia over the hack, which began in 2020 when malicious code was stolen in an update to popular software that monitors corporate and government computer networks.

The malware, which affected a product from US firm SolarWinds, gave elite hackers remote access to the organization’s networks so they could steal information.

Since then, the Biden administration has warned of the possibility of “malicious cyber activity” against the US, particularly from Russia amid its war against Ukraine.

US COUNTER-INTELLIGENCE OFFICERS WARN OF NEW TECHNOLOGY THREATS FROM CHINA, RUSSIA

Earlier this year, DHS warned US organizations at all levels that they may face cyber threats stemming from the Russian-Ukrainian conflict.

The Biden administration has been working to strengthen cyber defenses after a series of ransomware attacks last summer. (Reuters/Dado Ruvic/Illustration)

The Biden administration has been working to strengthen cyber defenses after a series of ransomware attacks last summer in which foreign attackers targeted parts of critical US infrastructure.

CLICK HERE TO GET THE FOX NEWS PROGRAM

Last year, Biden signed a national security memo that ordered his administration to develop cybersecurity goals for critical infrastructure in the U.S. — entities such as electric power companies, chemical plants and nuclear reactors.

The memorandum also formally established the Biden Cybersecurity Initiative, a voluntary collaboration between the federal government and critical infrastructure entities to promote the deployment of technologies and systems that provide threat visibility and detection.

Source by [author_name]

Previous articleCrypto mining could hinder the fight against climate change: White House
Next articleAppellate Special General Ordinance of the United States