A [in]Seguran\c{c}a dos Sistemas Governamentais Brasileiros: Um Estudo de Caso em Sistemas Web e Redes Abertas

TL;DR

This paper evaluates the security of Brazilian government web systems, revealing multiple vulnerabilities and highlighting the need for improved security measures in public digital services.

Contribution

It provides a systematic security assessment of government systems, identifying vulnerabilities and emphasizing the importance of addressing security gaps in public institutions.

Findings

Multiple vulnerabilities identified in government web services

Unprotected services have inadequate security levels

Need for improved security practices in government systems

Abstract

Whereas the world relies on computer systems for providing public services, there is a lack of academic work that systematically assess the security of government systems. To partially fill this gap, we conducted a security evaluation of publicly available systems from public institutions. We revisited OWASP top-10 and identified multiple vulnerabilities in deployed services by scanning public government networks. Overall, the unprotected services found have inadequate security level, which must be properly discussed and addressed.