A $6 billion security system intended to keep hackers out of computers belonging to federal agencies isn't living up to expectations, an audit by the Government Accountability Office has found.
A public version of the secret audit — a secret version containing more sensitive findings was circulated to government agencies in November — released last week concerns the Einstein system, formally called the National Cybersecurity Protection System and operated by the U.S. Department of Homeland Security.
The GAO found that the system has limited capability to detect anomalies in network traffic that sometimes indicate attempts to attack a network. What it can do is scan for and detect attacks based on a list of known methods or signatures. Most of the signatures used to scan for the attacks are available in commercial-grade products, though a few were developed specially for the government.
More from Re/code: