The following article, TSA Blasted for Weak Cyber Security Defenses Leaving Systems Open to Terrorist Infiltration, was first published on .
The Transportation Safety Administration is under fire for its thoroughly weak defense systems to keep out computer hackers that leaves terrorists a multitude of back doors to get into our law enforcement and homeland security systems.
The security lapses are leaving U.S. airline and train passengers in danger, a report says.
The TSA isn’t just deficient in a few areas of cybersecurity. It is deficient in nearly all of them.
According to Just the News:
The Transportation Security Administration (TSA) was found deficient in 8 of 10 categories, incapable of ensuring “it will be able to quickly detect, respond to, and recover from a cyberattack,” Homeland’s inspector general declared in a report released this week ahead of one of the busiest travel weekends of the year with the Labor Day holiday.
In 2015, in response to increasing cyber threats, the Office of Management and Budget created the High Value Asset (HVA) security initiative tasking federal agencies with identifying their most important assets. These assets include “federal information systems, information, and data for which unauthorized access, use, disclosure, disruption, modification, or destruction could cause a significant impact to national security interests, foreign relations, the economy, safety, and the security of the American people.”
Some of the problems are the TSA’s own fault, according to Homeland’s inspector general, the TSA “did not implement effective controls to protect the sensitive information processed by the selected HVA system.”
“The IG noted that this leaves the agency particularly vulnerable to cyberattacks which could undermine its functions and endanger our security,” Just the News added.
There is more…
The IG report concluded the TSA also had deficiencies in supply chain management in the HVA system it analyzed. The report noted that “system administrators stated that TSA did not currently have a system-specific plan for managing the selected HVA system’s supply chain risks.” Yet, the NIST requires organizations to have a plan to address and mitigate supply chain risks. These requirements were reinforced by Executive Order 14028, signed by President Biden at the beginning of his term, which directed agencies to improve guidelines and requirements for “software supply chain security.”
More troubling, the watchdog report warned the HVA system administrators relayed that “TSA does not have an overall supply chain risk management plan for its IT assets but was developing a draft at the time of [their] review.” This potentially leaves many of the TSA’s systems and hardware vulnerable to supply chain security issues after NIST guidelines and President Joe Biden’s executive order were developed to mitigate these very issues.
The TSA is essentially an open door for our enemies.
What a joke.