Employee-responsible government breaches have doubled in the US

According to a survey of US federal computer networks conducted by the Associated Press, government workers and contractors are responsible for more than half of all breaches, which last year amounted to almost 47,000 forty. This demonstrates a significant rise — from 27,000 reported breaches in 2009—according to data released by the US Computer Emergency Readiness team and cited in the AP report, meaning the number of employee-responsible breaches currently accounts for nearly the total number of breaches just two years ago.

Filing dozens of Freedom of Information Act requests, reviewing documents describing the security failures, and interviewing everyone from cyber-security experts and government officials to hackers, AP was able to determine the nature of how the breaches occurred, but unable to sufficiently uncover the resulting damages and the extent of their reverberations.

Of the employee-responsible breaches, about a fifth of them were traced to workers who violated policies, while lost/stolen devices and the improper handling of printed data were close behind. Those who ran or installed malicious software, most often after opening malware contained in email, accounted for roughly eight percent.

“Many of the attacks had a criminal element behind them, trawling employee records for profit and identity theft in a way that treats the US Government like any other business target,” John Dunn wrote on the Techworld blog. But given the recent revelation that Russian hackers found a way into the unclassified admin network of the White House, a sizable number will also have been the work of hostile foreign actors.

Reflecting on their findings, AP warns that “for every thief or hostile state, there are tens of thousands of victims.”