DHS Website Running Outdated and Insecure Version of Drupal

Ahead of a vote on the CISPA legislation the head of the Department of Homeland Security (DHS) will be briefing members of the House of Representatives today on cybersecurity. Maybe the briefing should be on how not to do cybersecurity as the DHS is failing to take a basic security measure with their website. If you visit their website with our Drupal Version Check extension installed in your web browser (available for Chrome and Firefox) you will see that they are running an outdated version of Drupal:

Department of Homeland Security Website is Running Outdated Drupal Version

Keeping software up to date is one the basic steps and easier steps when it comes to cybersecurity and the DHS is failing at that. The larger question that this raises is what else they might be failing to do when it comes to cybersecurity, since they fail to do something so basic.

Further checking shows that the website is running Drupal 7.14, so the DHS has failed to update the software for over 8 months, the next version was released back in August of 2012, and they have missed the last 4 security updates.

Leave a Reply

Your email address will not be published.