Audit reveals flaws in US Homeland Security’s Firewall


A secret federal audit has revealed worrying flaws have been discovered in the National Cybersecurity Protection System utilised by US Homeland Security.

The system, which is known as EINSTEIN, was found to be failing to scan for 94 per cent of vulnerabilities that are common for computers. Its firewall was also found to be insufficient, as it did not detect and prevent hacks against the US Government as it was intended to do, the Government Accountability Office audit found. Another failure discovered was the fact that the prevention feature of Einstein was only deployed at 5 out of the 23 major nondefense agencies.

The newly released data shone a spotlight on the $6 billion system, and has backed up lawmakers who have in the past suggested that the EINSTEIN system showed that hacker surveillance was not Government-wide.

Gregory C. Wilshusen, US Government Accountability Office (GAO) director of information security issues and Nabajyoti Barkakati, director of the GAO Center for Technology and Engineering, said in the audit: "Until NCPS’ intended capabilities are more fully developed, DHS will be hampered in its abilities to provide effective cybersecurity-related support to federal agencies."

The audit also said that, while the "overall intent of the system was to protect against nation-state level threat actors,” the EINSTEIN system missed numerous 'advanced persistent threats.'

EINSTEIN also "did not possess intrusion detection signatures that fully addressed all the advanced persistent threats we reviewed,” the audit added.

About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related. Follow Lee on .

Leave a Reply

Your email address will not be published. Required fields are marked *