Treasury OIG Audit: Inadequate Security Controls Over Routers and Switches Jeopardize Sensitive Taxpayer Information

Inadequate Security Controls Over Routers and Switches Jeopardize Sensitive Taxpayer Information, March 26, 2008. Reference Number: 2008-20-071

  • “Because the IRS sends sensitive taxpayer and administrative information across its networks, routers on the networks must have sufficient security controls to deter and detect unauthorized use. Access controls for IRS routers were not adequate, and reviews to monitor security configuration changes were not conducted to identify inappropriate use. A disgruntled employee, contractor, or hacker could reconfigure routers and switches to disrupt computer operations and steal taxpayer information in a number of ways, including diverting information to unauthorized systems.”
    • LinkedIn
    Posted in: Cybercrime, E-Government, Government Documents, ID Theft, PC Security, Privacy