CIA, NSA si Pentagon reaches the end of 2018 without implementing a security measure that would not make their infrastructure as vulnerable as in the case of other entities that use such services. More precisely, despite the fact that Homeland Security issued a directive in the US that obliges federal agencies to implement DMARC technology to protect emails, those from the CIA, NSA and the Pentagon have not rushed to implement it yet.
The CIA, the NSA and the Pentagon have not yet implemented this technology that allows the identification of the domain from which an email is sent to their servers, which can substantially reduce phishing attacks and even spam. The CIA is the federal agency that has technology implemented in the fewest areas it controls, the NSA is in no rush to do something similar, but even Homeland Security does not have total protection.
The CIA, the NSA and the Pentagon have a Serious Security PROBLEM
The CIA, the NSA and the Pentagon have over 100.000 employees working in the US, and various other corners of the planet, so protecting them should be a priority, but it seems that it is not, at least for now. It is possible that the CIA, NSA and the Pentagon have not implemented support for DMARC precisely because they use old technologies to carry out their activities, and to obtain unauthorized access to various computers, or even other servers.
"Fifteen percent of all US government domains still aren't employing DMARC, or domain-based message authentication, reporting, and conformance policy on their domains, which email systems use to verify the identity that the sender of an email is not an impersonator. But the CIA, the NSA, and the Department of Defense are among the outliers still haven't rolled out DMARC across their web domains."
The CIA, NSA and the Pentagon are not the only entities that have not implemented this technology, only a third of the companies present in the Forbes 500, i.e. the largest in the US, have integrated support for DMARC. If for private companies the problem remains with managers and shareholders, in the case of the CIA, NSA and the Pentagon, the problem is one of the government, but all the more serious, because the employees' computers also store information that falls into the category of state secrets.
