GAO: VA systems open to cyberattack

Thursday - 5/20/2010, 8:30am EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and The DorobekInsider with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • Cyber security at the Veterans Affairs Department was slammed on Capitol Hill. Testifying before the House Veterans Affairs Committee, auditors from the Government Accountability Office said they found numerous problems. These ranged from weak server passwords to unsecured internet connections. Auditors said VA systems are vulnerable to penetration by hackers. While acknowledging progress, GAO said VA still has a list of 11,000 security action items, NextGov reports.

  • It's the law, but NASA's top information security chief has ordered his staff to break away from it. A memo from Jerry Davis calls on NASA IT staffers to shift away from a provision that requires them to certify network compliance with the Federal Information Security Management Act (or FISMA). NextGov reports he wants them to focus on real-time monitoring of threats instead. To support his move, Davis points to an April White House order for agencies to begin continuous cybersecurity reporting.

  • Microsoft will share technical details about security holes with selected federal agencies before the security patches for them are released to the public. FCW reports, the early warning to government is part of the company's experimental Defensive Information Sharing Program. The program gets underway this summer, according to Microsoft security officials.

Check out all of Federal News Radio's coverage of cybersecurity issues here.