EXCLUSIVE: The Department of Homeland Security inspector general said sensitive data held by United States Citizenship and Immigration Services systems could be vulnerable to cyberattacks by malicious actors, saying deficiencies in the agency’s IT security could “limit” DHS’s capability to “overcome a major cybersecurity incident.”
Fox News Digital exclusively obtained the report by DHS Inspector General Joseph Cuffari. The Office of Inspector General notified USCIS of the findings and recommendations to improve controls to restrict unauthorized access to its systems and information.
“USCIS did not take all necessary steps to ensure privileged user access was appropriate and did not adequately manage and monitor service account access,” the report states, adding that USCIS also did not implement required security settings and updates for IT systems and workstations to help reduce the impact if access control weaknesses were exploited.
WHITE HOUSE HOSTS GLOBAL ANTI-RANSOMWARE MEETING; RUSSIA NOT INVITED
The inspector general warned in the report that USCIS’ access control deficiencies “increase its attack surface and potential avenues for malicious actors to initiate a cyberattack.”
The inspector general also said that until the deficiencies are fully addressed, DHS may be limited in its capability to “overcome a major cybersecurity incident.”
USCIS, though, according to the inspector general, is “taking steps” to address the deficiencies in its security.
USCIS collects sensitive data for immigration processing, including identity and biometric data.
The inspector general warned that unauthorized individuals could gain access to that sensitive information and said that USCIS’ recent efforts to digitize the information for electronic use make it a “high visibility target for attackers.”
“DHS’ security posture relies on all components to implement effective IT security processes; therefore, the USCIS’ access control and system security setting deficiencies may limit the Department’s ability to reduce the risk of unauthorized access to its network and disrupting mission operations,” the IG report states.
A spokesperson for the inspector general declined to comment.
HACKERS TARGETED US ENERGY COMPANIES AHEAD OF UKRAINE INVASION: SOURCE
USCIS did not immediately respond to Fox News’ request for comment.
Faulty patching has led to cyberattacks, such as the SolarWinds cyberattack. The Biden administration imposed sanctions on Russia for that computer hack, which began in 2020 when malicious code was snuck into updates to popular software that monitors computer networks of businesses and governments.
The malware, affecting a product made by American firm SolarWinds, gave elite hackers remote access into an organization’s networks so that they could steal information.
The Biden administration has since been warning about the potential for “malicious cyber activity” against the United States, especially by Russia amid its war on Ukraine.
US COUNTERINTELLIGENCE OFFICIALS WARN OF THREATS FROM CHINA, RUSSIA TO EMERGING TECHNOLOGY
Earlier this year, DHS warned U.S. organizations at all levels that they could face cyberthreats stemming from the Russia-Ukraine conflict.
The Biden administration has worked to strengthen cyber defenses after a string of ransomware attacks last summer, with foreign malign actors targeting pieces of U.S. critical infrastructure.
Biden last year signed a national security memorandum directing his administration to develop cybersecurity performance goals for critical infrastructure in the U.S. — entities like electricity utility companies, chemical plants and nuclear reactors.
The memo also formally established Biden’s Cyber Security Initiative, a voluntary collaborative effort between the federal government and critical infrastructure entities to facilitate the deployment of technology and systems that provide threat visibility indicators and detections.