FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagementFierceGovernmentIT   FierceVoIPFierceHealthITFierceFinanceIT

IRS failed to look out for hack attackers

December 17, 2008 — 10:19pm ET | By Judi Hasson
Tools
Tags
Inspector General
Hacking
firewalls
Computer Network
traffic
Internal Revenue Service

The Internal Revenue Service let its guard down in a big way. It failed to save and review records adequately that could indicate if hackers were trying to break into the agency's systems. That finding was issued this week by the IRS inspector general. The IRS did a good job of tightening the security of its computer network, but it failed to comply with its own guidelines for saving and reviewing the audit logs that show what traffic the agency's routers and firewalls had blocked.

"Audit logging is critical...to detect potential security events such as hacking attempts and other malicious threats," the IG reported. The audit showed that "audit logs were not adequately saved and reviewed."

The action was like baking half a loaf when a full loaf was essential; in terms of making sure the IRS systems were airtight, the agency failed. It's not too comforting to know that the government may not be protecting your personal and company records.

For more on IRS stumbling:
- check out this Nextgov.com article

Related Articles:
Hackers news from FierceCIO
Security risks increase as companies cut budgets
Auditing news from FierceCIO

Bookmark and Share
Get Your FREE FierceCIO Email Newsletter:
Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

To combat spam, please enter the code in the image.