Wireless audit finds unauthorized hotspots at IRS offices

Posted by Humphrey Cheung

Washington DC -In an internal audit, inspectors at the Internal Revenue Service have found unauthorized wireless devices at several offices which could allow hackers to compromise taxpayer information.  Last year, IRS techies scanned several officers and found one unauthorized wireless access point and indications of three other ones.  Michael Phillips the Deputy Inspector General for Audit has released a report documenting the audit and recommends that the agency continue proactively scanning for wireless networks.

The audit was done from April to November in 2006.  IRS technicians used Kismet to scan 20 buildings in 10 cities, mainly concentrating in the Washington DC area.  The techs found one unauthorized wireless access point in the Denver Colorado office and strong wireless signals in three other offices, but the techs were unable to track them to their source.

The Denver access point was connected to a DSL line being used by IRS criminal investigators for undercover assignments.  The access point was open to everyone, but the IRS says its network was safe because the wireless device and associated computer only connected to the DSL.  Interestingly enough, the techs discovered the hotspot in the morning, but when they returned later in the day, the hotspot had been turned off.  The hotspot has since been removed from service.

There is one authorized wireless network at the IRS offices in Bloomington Illinois, but the agency says it is aware of the dangers caused by unauthorized devices.  “If unauthorized wireless devices are installed and connected to the IRS network, sensitive financial data for over 226 million taxpayers could be at risk,” says Phillips.

Only 6% of offices were scanned in the audit and Phillips recommends that the agency perform regular proactive scans of its offices.  Regular employee training about unauthorized access points has also been recommended.

This is the second piece of IT-related bad news in recent weeks.  On April 5th we reported on another audit that documented hundreds of lost and stolen laptops.

You can read the 22 page wireless audit here .