Federal Employee Disregards Technology Compliance, Leaving Network Exposed
After an audit of the U.S. Geological Survey department, a federal report was released confirming government networks had been compromised. According to the report, a federal employee exposed U.S. government systems to malware after visiting multiple pornographic sites. During the follow-up investigation, the malware exposure was tracked down to a single employee’s noncompliance to technology standards. This unnamed employee visited pornographic websites approximately 9,000 times. In addition, they saved the images to USBs and their cell phone.
According to The Washington Post, U.S. government employees are not allowed to visit pornographic websites, or connect unauthorized devices to federal networks. The employee, who is no longer employed with the USGS department, directly violated those regulations.
Since the incident was discovered, the Office of Inspector General has encouraged U.S. government departments to implement a list of known rogue sites. They would then d prevent employees from accessing any websites listed on this list, known as a blacklist. Unfortunately, like any other blacklist methodology, it can be bypassed. It only takes finding a malicious or ill-intended website that hasn’t been included on the list, for users to bypass this level of “protection”.