FMCSA’s website security to undergo audit
The U.S. Department of Transportation’s Office of Inspector General wants to take a closer look at the security of FMCSA’s information technology infrastructure in the form of an audit.
“Due to the importance of FMCSA’s programs to the nation’s transportation system and the sensitivity of some of the agency’s information, we are initiating an audit of FMCSA’s IT infrastructure,” the office said in an October memorandum. “Our objective will be to determine whether security weaknesses exist in FMCSA’s IT infrastructure that could lead to the compromise of FMCSA’s systems and data.”
The FMCSA audit comes after a security breach took down the FMCSA’s National Registry of Certified Medical Examiners website in December 2017. The breach caused the website to be down for months, but the agency said no personal information was exposed.
“The Federal Motor Carrier Safety Administration is ensuring the stability of the National Registry of Certified Medical Examiners website, the security of the data, and the privacy of drivers and medical examiners,” the agency said in an April 2018 news release. “This is of paramount concern. There was an unsuccessful attempt by someone to compromise the website. It is conclusive that there was no personal information exposed.”
There was concern that if the license numbers of the medical examiners had been exposed that there would be the potential for fake medical certificates to be issued. The FMCSA also said that the personal information of the drivers wasn’t compromised.
While the agency said no personal information was compromised during the hack of national registry website, the incident does highlight the potential dangers.
“Specifically, the audit is going to look to see if there are any security weaknesses in FMCSA’s IT infrastructure that could lead to the compromise to the systems or the data they have,” Bryce Mongeon, OOIDA’s director of legislative affairs, told Land Line Now. “Obviously, with all of the information FMCSA has and all of the programs they have and all of the information they are responsible for, this is a very important issue.” LL