قالب وردپرس درنا توس
Home / Health / Hackers could have hurt BioWatch for years, records show

Hackers could have hurt BioWatch for years, records show



The Department of Homeland Security has stored sensitive data from the National Bioterrorism Defense Program on an insecure website that has been attacked by hackers for more than a decade, according to government documents reviewed by The Times.

Locations of at least some BioWatch air samplers installed at subway stations and other public places in more than 30 US cities and designed to detect anthrax or other biological weapons in the air, officials said of Homeland Security. It also included the results of tests for possible pathogens, a list of detectable biological agents and response plans that were prepared in the event of an attack.

The information contained on a dot-org website is executed by a private contractor ̵

1; was placed behind a secure firewall of the Federal Government, and the site was closed in May. However, Homeland Security officials acknowledge that they do not know if hackers ever got access to the data.

Homeland Security Agency's internal emails and other documents show that the question of whether the information held on dot-org's website has led to a bitter conflict within the agency poses a threat to national security. A former BioWatch security manager filed a rogue ad alleging he was targeting retaliation after criticizing the careless safety of the program.

The site shared information with local, state, and federal officials. It was easily identifiable through online search engines, but user name and password had to be provided to access confidential data.

A security review completed in January 2017 identified "critical" and "high-risk" vulnerabilities, including weak encryption, which made the site "extremely vulnerable" to online attacks. The audit found that, according to a Homeland Security report summarizing the findings, "no site protection monitoring appears to have occurred."

A report by a Inspector General published later this year stated that confidential information had been stored on the BioWatch portal since 2007 and was susceptible to hackers. The report recommended postponing the data behind the government firewall, and it was stated that Homeland Security officials had agreed to it.

It is unclear how valuable the data would have been for a terrorist group or a hostile state. Scientists have warned that BioWatch technology is unreliable. The system detects only a limited number of microbes and struggles to distinguish between typical environmental bacteria and dangerous threats.

Yet, several biological defense experts said it was worrying that Homeland Security officials could not adequately protect a country's confidential information anti-terrorism programs.

"Advertising your vulnerabilities is never a good thing. I think it's a national security risk to give your opponents quick access to your vulnerabilities, "said Tom Ridge, who was the first US Secretary of State to oversee BioWatch's launch in 2003 and has since denounced the program as ineffective. "Any American citizen would wonder what else is so accessible to the rest of the world?"

James F. McDonnell, a deputy secretary appointed by President Trump, oversees the new Homeland Security (WMD) weapons destruction checkpoint. According to BioWatch, the data outside the secure government firewall was not important enough to to trigger a national security threat. He said, however, that the authorities had taken steps to strengthen cybersecurity throughout the department. He noted that the problem occurred before his appointment.

"What happened before happened before. You can not put the ghost back in the bottle, "he said." Cybersecurity concerns are in full swing. "

Long List of Issues

The security issues add a long list of issues to BioWatch. [19659002] The program has cost taxpayers more than $ 1.6 billion, was launched two years after letters containing anthrax spores killed five people and sickened 17 shortly after the terrorist attacks of September 11, 2001 BioWatch became part of the Homeland Security Health Department in 2007.

A 2012 review of the Times revealed grave deficiencies, including false alarms and doubts as to whether BioWatch could be used to identify a bioterrorism event Government Accountability Office concluded that the program could not be used to detect an attack, and Bi From 2003 to 2014, oWatch generated 149 false positives.

Every day, public health workers across the country collect air samplers and conduct content tests to look for signs of dangerous pathogens in the air. In some cases, reports of suspicious laboratory results are uploaded to the BioWatch portal for review by other officials.

Some local officials objected to the storage of these and other sensitive documents on a federal server that other government officials could access without their knowledge or consent, according to the Inspector General's report. As a result, according to the report, the health department decided not to move the portal into the firewall of the Ministry of Homeland Security.

Security Warnings

In August of 2016, Harry Jackson worked for a branch of Internal Security. The topic of information security was assigned to the BioWatch program. Three months later, he said in an interview with The Times, he learned from biowatchportal.org and asked the agency to cease its use on the grounds that it contained classified information and the portal's security measures were inadequate.

Two more officers were hired to monitor the handling of confidential information, the concerns in emails sent to BioWatch managers were confirmed, according to records reviewed by The Times.

BioWatch officials pushed back. Michael Walter, the program's program manager, said in a teleconference with other homeland security officials that information about the location of the network's air samplers would not compromise its effectiveness, as they aim to expose a massive attack on biological warfare. According to a record of Jackson's appeal, which was reviewed by The Times, the samplers were in sight.

Larry "Dave" Fluty, Assistant Secretary-General of Health Affairs, argued during the same call The Authority had previously decided that treating the information as classified – and thus triggering stricter access rules – would require security checks for about 1,000 local officials which are involved in the collection and analysis of data of the air collection units.

"It was determined From a political point of view, that can not happen," he said.

Weeks after the conference call, Steven Lynch, then head of Homeland Security's special security program department, wrote in a memo planned by the agency that was reviewed by The Times. Move the portal to a dot-gov site behind the safe Firewall of the federal government. Experts, however, concluded that there was "no evidence of criminal or suspicious activity" related to the dot-org portal and "no or minimal risk of unauthorized access".

However, a complaint to the inspector's general hotline has already been triggered. Internal audit by biowatchportal.org.

The audit found 41 vulnerabilities, and a scan detected a potential hacker attempt to access the portal. The auditing team was unable to validate the scan findings, and the team recommended that the contractor monitoring the site investigate. It is unclear if this has been done.

The contractor, the Logistics Management Institute, declined to comment.
Walter, Fluty, and Lynch did not respond to emails or phone calls from The Times.

"DHS will never know"

In January 2017, Jackson published his concerns about the portal in the Journal of Bioterrorism & Biodefense. His article described what he called "negligent" security, which required only single-factor authentication to access the site.

Homeland Security officials removed BioWatch from Jackson's portfolio, then suspended his security clearance and later put him on administrative leave. They informed him that he had not obtained the proper authorization to publish his article and that it contained information that should not have been published. They also relied on his recent conviction for drunk driving.

Jackson filed complaints about whistleblowing with several federal agencies claiming he had been the victim of retaliation for criticizing the safety of the program. In one case, he wrote that a successful hacker can "monitor the system, manipulate data, and create false flags to pinpoint the response of federal, state, and local governments to a possible incident."

The complaint continued: "Until this date DHS will never know what damage this has done, as there is no intrusion detection feature.

The Inspector General's report published later that year found that no classified information was found on the BioWatch portal. "High-risk vulnerabilities" could allow an attacker to gain access to sensitive information on the site.

In October 2017, Homeland Security restored Jackson's security clearance, but gave him a warning. A letter informing him of the decision did not respond to his whistleblower claim. He left the agency a few weeks later.

No federal agency has agreed to investigate Jackson's complaints. In May, he appealed to the Office of the Inspector General of Intelligence. He is waiting for an answer.


Source link