Federal Agencies Lack Measures to Maintain Social Media Security

The Government Accountability Office submitted the report, which found that nearly all -- 23 of 24 -- major federal agencies are now using Facebook, Twitter and YouTube. The applications of the social media provide information about agency activities and interact with the public. Disappointingly, only seven agencies have identified and documented security risks. Those seven agencies have also taken procedures to prohibit hackers from exploiting those sites to obtain access to federal information systems.Interestingly, the State Department told investigators they had no immediate plans to measure the agency's social media security due to the fact that internal policies did not expect it.

An interesting report came out last week concerning federal agencies using social media. Less than one third have made the effort to create safeguards against hackers, who can exploit their accounts to launch cyber attacks against government networks.


The Government Accountability Office submitted the report, which found that nearly all — 23 of 24 — major federal agencies are now using Facebook, Twitter and YouTube. The applications of the social media provide information about agency activities and interact with the public.

Disappointingly, only seven agencies have identified and documented security risks. Those seven agencies have also taken procedures to prohibit hackers from exploiting those sites to obtain access to federal information systems.

Interestingly, the State Department told investigators they had no immediate plans to measure the agency’s social media security due to the fact that internal policies did not expect it.

The report documented a situation where hackers spammed President Obama’s Twitter followers in 2009 by offering a chance to win $500 in free gasoline in exchange for filling out a survey.

The report also explained the two common techniques implemented by hackers against federal agencies: spear phishing, where hackers trick employees into opening an attachment with a virus, and social engineering, where hackers dupe employees into giving out their passwords.

Another security situation to note for the federal government is that in February 2011 the Director of National Intelligence testified the amount of malicious software targeting U.S. computers and networks had more than tripled in the past two years.