Science and Tech

Actions

What The Government Is Doing About Its Hackable Sites

The White House Office of Management and Budget issued the HTTPS-only standard directive Monday because the government just keeps getting hacked.
Posted

The White House is working to fix a security problem. On Monday the Office of Management and Budget issued the HTTPS-Only Standard directive.

The instruction requires all publicly accessible government websites to use the more secure HTTPS protocol.

OK, so what does this mean? Basically, the government is finally stepping up its data security game to make sure any of the websites where users submit private data are better protected from hackers.

HTTPS — you've probably seen it before on sites like Google, Facebook or Twitter. And those five letters might not seem like a big deal, but they are.

The "S" at the end of "HTTP" means a site is secure. The security is added when a site uses a secure sockets layer connection.

"All we're really saying is that the data that gets transmitted from the web browser to the web server — and vice versa — is encrypted," according to a report from a YouTube channel that discusses tech.

You might be asking yourself, why weren't the government's sites already secured? The short answer is — we don't know.

In March, the Office of Management and Budget first proposed the HTTPS-only standard. The office also requested the public's feedback on GitHub to help get the new, more secure framework up to snuff.

Now that the directive is officially official and there are guidelines for all government bodies to follow, the whole system — .gov and beyond — has until the end of 2016 to make the switch to HTTPS. But that might not be soon enough.

You don't need to look far back to find instances where the U.S. government's cyber security wasn't up to par. Since 2013, the State Department, U.S. Postal Service, National Weather Service and even the Department of Energy have suffered security breaches.

And just last week the Office of Personnel Management was hacked. Up to 4 million federal employees had their data stolen, and The Wall Street Journal reports those hackers were likely in China.

With the recent examples like these, is a year-and-a-half deadline to make the switch really soon enough to prevent the next hack? Good question. I guess we'll find out.

This video includes images from Getty Images and music by Bensound / CC BY ND 3.0.