Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Penetration Test of the Administration for Children and Families' Computer Networks and External Web Applications

We assessed Administration for Children and Families' (ACF) network's exposure to cyber attacks by performing penetration testing of its network and Internet-facing systems. Specifically, we performed Web vulnerability testing from Office of Inspector General facilities and wireless testing onsite at ACF offices in Washington, DC.

We found that ACF needs to strengthen the information security controls over its external Web applications and wireless networks. Although we did not obtain unauthorized access to the ACF network, we identified vulnerabilities that could lead to a cyber security incident involving ACF systems and data, given enough time and persistence by malicious computer hackers.

We recommended that ACF implement our detailed recommendations to address the specific findings we identified.