DATE=3/29/2000
TYPE=CORRESPONDENT REPORT
TITLE=COMPUTER SECURITY (L-ONLY)
NUMBER=2-260749
BYLINE=CANDACE WILLIAMS
DATELINE=WASHINGTON
INTERNET=YES
CONTENT=
VOICED AT:
INTRO: U-S government and private industry computer
analysts say U-S federal agencies must do more to
protect their computer networks from hackers and
others seeking unauthorized access. The warning was
issued Wednesday in Washington during a House
subcommittee hearing on computer security. V-O-A's
Candace Williams has more.
TEXT: Recent audits and other reviews have uncovered
lapses in computer security practices at virtually
every major federal government agency.
Jack Brock, a computer expert from the General
Accounting Office, said one weak spot was the
Environmental Protection Agency. Mr. Brock said a
recent investigation showed how easily unauthorized
users could break into its networks.
/// FIRST BROCK ACT ///
We were able to penetrate the firewall, which
was largely ineffective, penetrate limited
access controls and essentially could have had
access to most of the information and processes
that ran throughout the entire agency. The
entire agency in this case was vulnerable.
/// END ACT ///
Mr. Brock said reviews also uncovered lapses at the U-
S Defense Department, the U-S Space Agency, the State
Department and Veterans Administration. But he said
that the agencies had taken what he called significant
strides to better safeguard their systems.
Mr. Brock said many agencies do not have relevant
security program planning and management policies. He
stressed that effective computer security systems must
be tailored to the needs of a particular agency.
/// OPT ///
/// SECOND BROCK ACT ///
Computer security programs have to support the
organizational mission and goals of the agency.
They can't be divorced from what the agency does
or they're not relevant.
/// END ACT ///
An official at the National Space Agency, David
Nelson, says computer security is most effective when
management, technical support staff, and network users
fully understand the importance of the issue and work
together.
/// NELSON ACT ///
Over the last two years, NASA has developed or
acquired new training material for managers,
system administrators and users. This training
is now mandatory for all civil servants.
/// END ACT ///
/// END OPT ///
The experts told lawmakers the best defense is common
sense. They say computer systems become vulnerable to
intruders when passwords are shared or when anti-viral
software programs and other firewalls are not in
place.
They say agencies must take advantage of readily
available tools -like encryption codes and special
software - to protect themselves, given the increasing
sophistication of computers and the people who use
them. (Signed)
NEB/CAW/TVM/gm
29-Mar-2000 18:44 PM EDT (29-Mar-2000 2344 UTC)
NNNN
Source: Voice of America
.
NEWSLETTER
|
Join the GlobalSecurity.org mailing list
|
|