Most of us are pretty bad at coming up with secure passwords. But as it turns out, we may not be alone: U.S government agencies and their employees are just as challenged as the rest of us.
Several government agencies, including the Department of Homeland Security, the Internal Revenue Service and the Nuclear Regulatory Commission — all of which store highly sensitive data — are reportedly plagued with a host of serious vulnerabilities that leave their networks open to hackers. And according to the new Senate cybersecurity report, the agencies and the employees themselves are responsible for these weaknesses.
The report reveals that, much like the general population, "password" is a common password on the agencies' computers. It also says that the agencies' systems are vulnerable because they're not reliably updated with the newest security patches, or because they have outdated antivirus programs.
Published today, the report was written by the Republican staff of the Senate Homeland Security and Governmental Affairs Committee and based on more than 40 previous reports by inspectors general.
In one case, independent auditors inspecting the office of the Chief Information Officer for the Immigration and Customs Enforcement agency found that employees had left 10 passwords written down on paper, 15 sensitive documents, six unlocked laptops, and even two credit cards left in the open.