January 2, 2014

WHAT COULD GO WRONG? Federal Election Commission Vulnerable To Hacking, Inspector General Warns.

Deficient computer security at the Federal Election Commission has already led to high-level breaches and puts the agency “at high risk” of continued hacking, according to a federal Inspector General report released this month.

FEC information systems, which in the previous election tracked more than $6 billion in political spending, “have serious internal control vulnerabilities and have been penetrated at the highest levels of the agency,” according to the FEC Inspector General’s final audit for fiscal 2013.

The report, which reiterates security concerns flagged by federal auditors for several years running, identifies two specific, high-level hacking incidents. In May of last year, an adversary identified as an “Advanced Persistent Threat” compromised a commissioner’s personal user account, as well as several FEC systems, for eight months running.

During that period, the unidentified hacker had potential access to such sensitive information as details of FEC investigations; General Counsel’s reports; briefs; subpoenas, and personal identifying information.

The second intrusion took place in August of this year and involved the FEC’s public disclosure website, forcing the agency to shut down portions of the system while it investigated. While the FEC was working on remediating the August breach, “another intrusion was detected on the agency’s website in early fiscal year 2014,” according to the report.

The country’s in the very best of hands.