FMCSA audit used to highlight cybersecurity concerns

December 3, 2021

Mark Schremmer

|

As part of a review of the cybersecurity levels of the FMCSA web servers, investigators were able to gain access to more than 13 million unauthorized records.

The audit by the U.S. Department of Transportation’s Office of Inspector General was used as an example of the importance of protecting the nation’s transportation infrastructure during a U.S. House of Representatives hearing on Thursday, Dec. 2.

“If breached, these systems could have cost the department millions of dollars in credit-monitoring fees to protect affected individuals from identity theft,” wrote Kevin Dorsey, assistant inspector general for information technology audits of the Department of Transportation. “We also identified recurring weaknesses that we could exploit, including poor security practices, such as weak administrative-level login credentials, unpatched servers and workstations, and a lack of encryption of sensitive data.”

The Office of Inspector General released the findings of the audit in October, saying the breach could have cost up to $570 million.

Audits also were conducted into the Volpe National Transportation Systems Center, and the Maritime Administration.

“Many of the weaknesses we found at FMCSA also tie into the same persistent enterprise-level security risks we found during our audits of MARAD and Volpe’s IT networks and systems,” Dorsey wrote. “These weaknesses are of particular concern given that these operating administrations’ networks process, store and transmit a substantial amount of sensitive information and are connected to DOT’s overall network.”

According to the report released in October, OIG offered 13 recommendations and all 13 had been resolved.

“DOT’s cybersecurity program is critical to protect its vast network of IT systems from malicious attacks and other breaches that pose a threat to the U.S. transportation system,” Dorsey wrote. “In today’s rapidly evolving cybersecurity landscape, and as the nation embarks on a new journey to upgrade and improve its transportation infrastructure, DOT faces significant challenges in strengthening its systems while adapting to new and rising challenges and threats.” LL

Related News

FMCSA

Federal

FMCSA denies Florida agency’s exemption from CDL testing rules

FMCSA has denied a Florida agency’s request for an exemption from regulations that require the CDL skills tests be completed in succession.

By Mark Schremmer | April 18

FMCSA

Federal

FMCSA’s Safety Research Forum open for registration

The Federal Motor Carrier Safety Administration will have its annual Safety Research Forum later this month. It is open to the public.

By Mark Schremmer | April 17

CVSA

Federal

CVSA petitions FMCSA to amend inspection report requirements

CVSA has petitioned the Federal Motor Carrier Safety Administration to remove one of the requirements involving inspection reports.

By Mark Schremmer | April 16

Tax fairness

Federal

Tax fairness bill would reinstate per diem for company drivers

As Tax Day approaches, there is a bill in the House and Senate that would restore the per diem tax deduction for employee truck drivers.

By Mark Schremmer | April 11

Mark Schremmer, senior editor, joined Land Line in 2015. An award-winning journalist and former assistant news editor at The Topeka Capital-Journal, he brings fresh ideas, solid reporting skills, and more than two decades of journalism experience to our staff.