My point precisely. It should be physically impossible. A request for secure records should go through a person, period. I feel the same way about hacking cars, airplanes, sewer systems, the power grid; it should be physically impossible without a cable connection at a secure location.
Should?! In my line of work, it WAS impossible. They were physically separated. Anything going in never came out again, unless is was secured and shredded, on site by ‘approved’ entities. Anything less and you would no longer be DOING business...let alone with the DoD/govt.
There’s NOTHING preventing the same in the public sector. Hell, I’m sure it’s all 20yrs behind anywhere since they piss our $$ away on everything ELSE...easy pickings; but why make it EASIER by plugging it into the ‘net?
Answer: Because it doesn’t effect THEM. NO accountability, no fines, no lose of job no JAIL.