A report released by the Senate committee overseeing homeland security on Tuesday (August 3) revealed government agencies and major companies have reported cyberattacks by foreign hackers in Russia and China.
NBC News reports numerous federal agencies fear being unprepared for the foreign cyberattacks, while others "have not met the basic cybersecurity standards necessary to protect America's sensitive data," following the release of a review of the annual audit findings from the internal watchdogs of eight federal agencies for fiscal year 2020.
The eight agencies mentioned in the "Federal Cybersecurity: America's Data Still at Risk" report include the departments of Homeland Security, State, Transportation, Education, Housing and Urban Development, Agriculture, and Health and Human Services, along with the Social Security Administration.
The report confirmed seven of the agencies failed to comply with the Federal Information Security Modernization Act signed by former President Barack Obama in 2014, which aimed to help the government better confront an increase in attacks directed at federal departments and agencies.
According to the report, at least seven of the eight agencies included continued to operate unsupported legacy systems that were vulnerable.
Sen. Gary Peters (D-Mich.), chairman of the Homeland Security and Government Operations Committee, released a statement in response to the findings claiming little appears to have changed since the committee released its report on federal agency cybersecurity for fiscal year 2019, which confirmed systemic failures in relation to all eight agencies.
Peters credited the American Rescue Plan signed by President Joe Biden in March as helping bolster federal cybersecurity, but added that more work needs to be done in providing protection.
"It is clear that the data entrusted to these eight agencies remains at risk," the report concluded.
Federal agencies and American tech companies, including Microsoft, have reported hacking issues tracing back to Russia and China.
In March, NBC News reported suspected Russian hackers gained access to email accounts belonging to former President Donald Trump's administration's head of the Department of Homeland Security and members of the department's cybersecurity staff as part of the SolarWinds intrusion.
In May, a cyberattack believed to be linked to a criminal group in Russia caused a major oil pipeline run by a private company offline, NBC News reports.
"From SolarWinds to recent ransomware attacks against critical infrastructure, it's clear that cyberattacks are going to keep coming and it is unacceptable that our own federal agencies are not doing everything possible to safeguard America's data," said Sen. Rob Portman, (R-Ohio), the ranking member of the Homeland Security Committee, in a statement.
The panel also handed out grades for overall cybersecurity practices to Cabinet departments and large independent federal agencies which includes the following per NBC News:
- Department of Housing and Urban Development: C
- Department of Agriculture: C
- Department of Health and Human Services: C
- Department of State: D
- Department of Transportation: D
- Department of Education: D
- Social Security Administration: D
- Department of Homeland Security: B
- Environmental Protection Agency: C
- NASA: D
The federal agencies included in the report scored an average grade of C-minus, according to NBC News.