WASHINGTON — In a report issued Friday, the US Department of Transportation (USDOT) said a recent investigation found multiple critical vulnerabilities on web servers that function within the Federal Motor Carrier Safety Administration (FMCSA).
“FMCSA did not detect our access or placement of malware on the network in part because it did not use required automated detection tools and malicious code protections,” the DOT report stated.
“We also gained access to 13.6 million unencrypted (personal identity) records. Had malicious hackers obtained (these records) it could have cost FMCSA up to $570 million in credit monitoring fees. Furthermore, the agency does not always remediate vulnerabilities as quickly as DOT policy requires. These weaknesses put FMCSA’s network and data at risk for unauthorized access and compromise.”
The FMCSA uses 13 web-based applications to aid vehicle registration, inspections and other activities.
“Many of FMCSA’s information systems contain sensitive data, including personally identifiable information,” the DOT report stated.
“Due to the importance of FMCSA’s programs to the transportation system and sensitivity of some Agency information, we conducted this audit of FMCSA’s information technology (IT) infrastructure. Our objective was to determine whether FMCSA’s IT infrastructure contains security weaknesses that could compromise the Agency’s systems and data.
The DOT said it recommended 13 different points of action that FMCSA officials need to take in order to better secure their information.
“We consider all 13 recommendations resolved but open pending FMCSA’s completion of planned actions,” DOT officials said.
The Trucker News Staff produces engaging content for not only TheTrucker.com, but also The Trucker Newspaper, which has been serving the trucking industry for more than 30 years. With a focus on drivers, the Trucker News Staff aims to provide relevant, objective content pertaining to the trucking segment of the transportation industry. The Trucker News Staff is based in Little Rock, Arkansas.