A new federal study uncovers vulnerabilities in the Internal Revenue Service's cyber security.
The Treasury Inspector General for Tax Administration (TIGTA) reviewed twenty indicators and concluded that only 3 were efficient.
"The IRS is the Holy Grail for hackers," said co-host of the show What the Hack, Beau Friedlander.
"This is a big organization. Last year, they collected nearly 250 million tax filings.
It's a wealth of details to corral and keep within check, and they're certainly not doing as well as they should."
TIGTA determined that the IRS should do a better job of keeping an exhaustive and reliable assessment of its data systems.
monitoring and reporting on a current hardware and software asset inventory keeping secure system configuration.
assuring that all security mechanisms for the protection of Personally Identifiable Information are applied.
It should be providing uniform and timely defect correction and fixing.
The Internal Revenue Service must take additional measures to address program flaws and enact all security program elements in accordance with FISMA regulations.
Or else, taxpayer information could be susceptible to unauthorised use, manipulation, or exposure.
"One that jumped out to me was the need for revisions and a registry of equipment in operation."
The used software was not frequently controlled and measured.
Therefore, it is possible that unpatched software is in use. There could be insecure machines, according to Friedlander.
This must change very quickly, and it is capable of changing quickly.