Why We Did This Report
The U.S. Environmental Protection Agency Office of Inspector General has identified concerns regarding the installation and use of unauthorized software, specifically jiggler software, on EPA computers and networks. Commonly referred to as “mouse jigglers,” jiggler software simulates activity on a laptop, preventing the laptop from entering sleep mode and locking out its user. After running network scans in two EPA regions in November and December 2024, the Agency discovered 120 employees and contractors using jiggler software.
Summary of Findings
Our investigation found that jiggler software could bypass the Agency’s Windows Installer settings, that some of the EPA’s information technology specialists believed they were exempt from the policy, and that other EPA employees and contractors installed the software without authorization. Furthermore, we discovered inconsistencies in how quickly the regional offices acted to remove the jiggler software after it was detected. The installation and use of unauthorized software on EPA computers and networks represent critical cybersecurity risks and ethics violations for the Agency.