
The U.S. government is worse at cybersecurity than just about everyone else

Looking for another reason to mistrust the government? Its shoddy cybersecurity practices may be just the ammunition you need. New data from security risk benchmarking startup SecurityScorecard suggests that when it comes to safe practices online, U.S. federal, state, and local government agencies rank dead last in comparison to 17 major private industries, including transportation, retail, and healthcare. The report examined the “overall security hygiene and security reaction time” of government institutions, paying special attention to NASA, the FBI, and the IRS, all of which were hacked earlier this year.

Topics of interest included vulnerability to malware infections, exposure rates of passwords, and susceptibility to social engineering, among other criteria.

The results were none too complimentary for our government. “Across all industries surveyed by SecurityScorecard,” the report notes, “U.S. government organizations received the lowest security scores. SecurityScorecard tracked 35 data breaches among all U.S. government organizations between April 2015 and April 2016.”

The biggest deficiencies were found within three categories of security: Malware Infections, Network Security, and Software Patching Cadence. Shockingly, 90 percent of state organizations scored an “F” in Software Patching Cadence, and 80 percent received the same score in Network Security.

But the worst offender of all was NASA, which received the lowest score among all 600 U.S. government organizations surveyed. Joining the bottom feeders were the U.S. Department of State and the IT systems of Connecticut, Pennsylvania, and Washington.

The Obama administration has certainly made attempts to address the overarching insufficiency of cybersecurity practices currently in play across a range of agencies. President Obama has asked for $19 billion from Congress to improve tech defenses, including $3.1 billion to modernize the IT infrastructure at a number of federal agencies.

“With serious data breaches making headlines on what seems like a weekly basis, our team felt compelled to turn a spotlight on government agencies and determine which of them are demonstrating a commitment to securing their infrastructure and which are falling short,” said Dr. Luis Vargas, senior data scientist at SecurityScorecard. “The data we uncovered clearly indicates that while some are improving their security postures, too many are leaving themselves dangerously exposed to risks and vulnerabilities, especially at the larger federal level.”

Lulu Chang
Former Digital Trends Contributor