August 03, 2007   LIEBERMAN CITES VULNERABILITY OF TERRORIST TRACKING DATA GAO Says US-VISIT Program Vulnerable to Hacking, Deletions, and Changes Entire System Could Be Jeopardized   WASHINGTON - Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, ID-Conn., Friday said the information controls of a crucial border security program that tracks visitors to this country are so weak that terrorists could hack into and compromise the integrity of the entire system. Lieberman’s comments came as the Government Accountability Office released a report that Lieberman requested on the information security of the US-VISIT databases. The US-VISIT program collects sensitive information about all people crossing U.S. borders by air, land, or sea as a means of tracking terrorists and other criminals. GAO said that hackers could gain access to numerous federal databases and delete or change visitor records. "The security flaws GAO discovered in this critical border security program jeopardize the integrity of the program and could make it easier for terrorists to enter the country,” Lieberman said. “DHS is spending $1.7 billion of taxpayer money on a program to detect potential terrorists crossing our borders yet it isn't taking the most basic precautions to keep them from hacking into and changing or deleting sensitive information. DHS must immediately put the recommended controls in place to secure US-VISIT.” The GAO found “significant information security control weaknesses” in all areas. For example, the Customs and Border Protection division of DHS did not: · Adequately identify and authenticate users in systems supporting US-VISIT; · Sufficiently limit access to US-VISIT information and information systems; · Ensure that controls adequately protected internal and external networks boundaries; · Effectively implement physical security at several locations; · Consistently encrypt sensitive data traversing the communication network; and · Provide adequate logging or user accountability for the mainframe, work stations, or servers. “These weaknesses collectively increase the risk that unauthorized individuals could read, copy, delete, add, and modify sensitive information, including personally identifiable information, and disrupt the operations of the US-VISIT program,” GAO said. -30-   ###   Printable Version   « previous Press Release next Press Release »   1998 - 1999 - 2000 - 2001 - 2002 - 2003 - 2004 - 2005 - 2006 - 2007 - 2008 August 2007 Press Releases   August 29 - SENATORS SEEK KATRINA ANNIVERSARY ANALYSIS OF RECOVERY   August 24 - DODD, LIEBERMAN ANNOUNCE MORE FIRE GRANTS FOR CONNECTICUT   August 21 - LIEBERMAN POINTS TO CIA IG FINDINGS AS DEMONSTRATING VALUE OF 2004 INTELLIGENCE REFORMS   August 17 - DODD, LIEBERMAN ANNOUNCES NEARLY 2 MILLION DOLLARS IN PORT SECURITY AND EMERGENCY MANAGEMENT GRANTS   August 17 - DODD, LIEBERMAN ANNOUNCE NEW FIRE GRANTS FOR CONNECTICUT   August 15 - LIEBERMAN APPLAUDS PIONEERING REPORT ON HOMEGROWN ISLAMIST RADICALIZATION   August 15 - LIEBERMAN, AKAKA, THOMPSON, LANGEVIN URGE DHS TO CONSIDER COST-EFFECTIVENESS OF RADIATION MONITORS   August 7 - LIEBERMAN CALLS FOR MORE TRANSPARENCY, ACCOUNTABILITY AT PRIVATE PRISONS   August 3 current Press Release   August 3 - GAO TO INVESTIGATE GOVERNMENT LAPSES IN TB CASE   August 2 - LIEBERMAN: BILL SHOULD RESTORE PUBLIC TRUST IN CONGRESS   August 1 - COMMITTEE APPROVES NUSSLE FOR OMB DIRECTOR   August 1 - LIEBERMAN SEEKS MORE EFFECTIVE USE OF CAMERA SURVEILLANCE
Committee on Homeland Security and Governmental Affairs 340 Dirksen Senate Office Building Washington, D.C. 20510