Federal employees and contractors are undermining a 10 billion dollar effort to protect governmental data, from Social Security numbers to military secrets from cyber-attacks.
According to Associated Press, workers around several agencies, from the National Weather Service to the Defense and Education departments are accountable for at least half of the cyber incidents reported every year since 2010. They are responsible for opening malware websites, being fooled by scammers into sharing important information and having clicked on phishing emails.
Some of the incidents are cause by accidents but some of them are intentional. An intentional act was when Edward Snowden, the former National Security Agency employee, leaked documents on the internet regarding the government’s collection of email and phone records.
To see just how much federal cyber incidents happen, the AP filed several Freedom of Information Act requests, interviewed cyber security experts, hackers and government officials, and gathered documents which describe digital cracks in the system.
The study reveals that $100 billion and 40 years after the first law regarding federal data protection was enforced, the government is fighting to close holes without staff, systems or knowledge on how to defeat the hazard.
As claimed by the U.S. Computer Emergency Readiness Team the number of reported breaches only on federal computers rose from 26,942 to 46,605 from 2009 to 2013. At least half of these problems can be blamed on employees.
About 21 percent of federal breaches were last year traced to workers in violation of policies; 6 percent gave away private information, at least 8 percent installed or ran malware, 12 percent improperly handled information that was printed from computers and 16 percent of employees lost or had stolen their devices.
Cyber security adviser and Assistant Secretary of Defense, Eric Rosenbach said:
“We’ll always be vulnerable to … human-factor attacks unless we educate the overall workforce,”
Even though the government is believed to spend 65 billion dollars on security contracts from 2015 to 2020, experts believe this is not enough to counter the attacks of a continually growing “market” of hackers.
For every hostile state or thief there are a multitude of victims and only a small fraction of hackers are being caught by the government.