Heartbleed lives, D.C. loses power and the Fed gets high marks
News and notes from around the federal IT community.
Heartbleed vulnerabilities persist
A year after the massive Heartbleed vulnerability was discovered, a huge number of enterprise servers remain unprotected, says a new report by cybersecurity firm Venafi.
Venafi said it had new research based on its Trustnet technology that reevaluated the risk of attacks that exploited incomplete Heartbleed remediation in the top 2,000 public companies worldwide.
Seventy-four percent of the firms in the Forbes Global 2000 list still have external servers that remain vulnerable to cyberattacks due to Heartbleed, according to Venafi.
"That's 1,223 of the world's largest and most valuable businesses still exposed to attacks. Only 419 Global 2000 organizations have completed Heartbleed remediation -- up just two percent from 387 in August 2014," said an April 6 statement by the company.
Power outage hits D.C.
Widespread power outages hit the White House, the Capitol, train stations and tourist sites all over Washington, D.C., and its suburbs on April 7, reportedly the result of an explosion at a Maryland power plant.
Many of the outages were brief, but some were longer and forced evacuations, the Associated Press reported.
Federal Reserve Banks info systems get good grade
A Government Accountability Office audit of the Schedules of Federal Debt data for fiscal years 2013 and 2014 found that the Department of the Treasury's Bureau of the Fiscal Service had addressed "information systems control-related deficiencies" in four of six reviewed cases, and was making progress on the other two.
The information systems with control over key financial systems maintained and operated by Federal Reserve Banks on behalf of the Treasury Department could use some tweaks to improve performance, the GAO report said, particularly in security management and IS controls. The data is critical to keeping track of U.S. financial transactions.
Federal Reserve Information Technology Computing Centers maintain and operate key financial systems to process and reconcile funds disbursed and collected on behalf of Treasury. Detailed data initially processed at Federal Reserve Banks are summarized and then forwarded electronically to Fiscal Service's data center for matching, verification and posting to Fiscal Service's general ledger.
IBM opens network tech testing facilities
IBM has opened two labs where clients can evaluate and test software-defined networking, network function virtualization and analytics-driven automation in near-real environments, GCN reports.
Tailored for large enterprise networking systems and telecommunications operators, the centers -- one in Dallas and the other in Nice, France, will let clients experiment with solutions that feature resilient, high-performing and continuously available networks.