Menu Search Account

LegiStorm

Get LegiStorm App Visit Product Demo Website
» Get LegiStorm App
» Get LegiStorm Pro Free Demo

Computer Security: Hackers Penetrate DOD Computer Systems

  Premium   Download PDF Now (9 pages)
Report Type Reports and Testimonies
Report Date Nov. 20, 1991
Report No. T-IMTEC-92-5
Subject
Summary:

GAO testified on intrusions by a group of Dutch computer hackers into Army, Navy, and Air Force computer systems. During a 14-month period that covered the Persian Gulf War, hackers from the Netherlands penetrated 34 Defense Department (DOD) sites. DOD officials, however, are still unable to determine the full scope of the problem because security measures for identifying intrusions are often lacking. At many sites, the hackers had access to sensitive information on topics like (1) military personnel, (2) logistics, and (3) weapons systems development. Although such information is unclassified, information from at least one system, which was successfully penetrated at several sites, directly supported Operation Desert Storm/Shield. The security weaknesses that permitted the intrusions and prevented their timely discovery highlight DOD's inadequate attention to computer security. Poor password management, failure to maintain and review audit trails, and inadequate security training all contributed to the intrusions. GAO highlighted some of these very weaknesses in a report issued two years ago (GAO/IMTEC-89-57, June 12, 1989). Without proper resources and attention, these weaknesses will persist and be exploited, undermining the integrity and confidentiality of government information.

« Return to search Government Accountability Office reports