The fear of attacks on any of our technology systems is what usually keeps CTOs awake at night. But when it’s a government system – and a big one at that – which might be subject to attack, people sit up and take notice. That’s why a new report about the vulnerability of our weather-reporting systems has some folks worried.
Word of the possible system vulnerability came from a report in HSToday.us, the online version of Homeland Security Today magazine. In it, Editor-in-Chief Anthony Kimery cites an audit report from the Commerce Department’s Inspector General that concludes the National Oceanic (News - Alert) and Atmospheric Administration’s (NOAA) National Environmental Satellite, Data, and Information Service (NESDIS) systems are in danger of an attack.
“We found that information systems connected to NESDIS' critical satellite ground support systems increases the risk of cyber attacks, [and] NESDIS' inconsistent implementation of mobile device protections increases the likelihood of a malware infection,” the IG wrote. In addition, Kimery noted in his story, the IG said “Critical security controls remain unimplemented in NESDIS' information systems, and improvements are needed to provide assurance that independent security control assessments are sufficiently rigorous.”
It all adds up to a cautionary tale that must be heeded.
“Part of the mission of the NOAA is to understand and predict changes in weather, oceans, climate and coasts and to share that knowledge and information with other agencies and the public,” HSToday.us noted in its story. “NOAA’s information systems are crucial to its ability to reliably perform its national critical mission. They provide hazardous weather forecasts and warnings, which are essential in protecting life, property and the nation’s economy.”
Restricting the flow of information between interconnected systems is a significant part of NESDIS’ IT security strategy to protect its mission critical assets -- POES and GOES satellite ground support systems -- from cyber attacks, the IG stated. “However, we found that both POES and GOES have interconnections with systems where the flow of information is not restricted, which could provide an attacker with access to these critical assets.”
This is where a solution from a company like Opengear (News - Alert) could come into play. Opengear designs, manufactures and delivers the most feature-rich, cost-effective, flexible solutions for secure remote infrastructure management. With Opengear, companies can access and manage mission critical systems, devices and equipment remotely and securely, even if the network is down, to save costs and maximize business continuity.
With hurricane season in full swing and storms touching down everywhere, the last thing we need is a weather-tracking failure. The government might be wise to look into a solution before a crisis hits.