WASHINGTON, Oct. 25 (UPI) -- Users of government Web sites tracking stimulus spending risk cyberattacks on their personal computers, a U.S. Transportation Department audit indicates.
The audit says the department's Web sites contain many vulnerabilities, including high-risk ones, that could disrupt not only stimulus-related activities but also everyday department functions and put users at risk, The Hill reported.
The Washington publication got an internal Department of Transportation report describing the audit expected to be released this week.
The audit says the department's 13 stimulus Web sites are weighed down by serious security risks and three of the sites publish information the public can access.
The audit indicated people using the Transportation Department's stimulus Web sites give hackers a chance to access sensitive data and provide a path to attack government networks.
"By exploiting the high-risk vulnerabilities, hackers could attack the computers used by the public to access the Web sites and gain access to sensitive data, such as password files stored on servers, take control of a server and attack other computers on DOT's networks," the report said.
The memo said the Transportation Department, which received $48 million in stimulus funding, should have taken greater care to ensure public Web sites are safe for users, The Hill said. The risks came about because the department didn't comply with existing security standards, the document said.
"DOT management needs to take immediate corrective actions to minimize the risk of cyberattacks on these systems," the report said.
