Last week Department of Homeland Security Secretary Michael Chertoff outlined plans for a federal Manhattan Project to bolster cyber security. The big question is whether this project will actually strengthen cyber security defenses as attacks on U.S. infrastructure escalate.
In a nutshell, Chertoff says federal agencies will cut the number of communication points through which agencies connect to the Internet from 4,000 to fewer than 100.
Will this be enough? It's highly doubtful given some recent findings from BusinessWeek.
In its cover story, BusinessWeek reported that government agencies are under repeated attacks. Meanwhile, key defense contractors are also under attack. Add it up and it's clear the U.S. is outgunned against hackers. The article, which is largely based on a spear phishing incident at defense contractor Booz Allen, didn't break a lot of new ground, but here are the key takeaways.
Weak links abound. BusinessWeek reports:
The U.S. government, and its sprawl of defense contractors, have been the victims of an unprecedented rash of similar cyber attacks over the last two years, say current and former U.S. government officials. "It's espionage on a massive scale," says Paul B. Kurtz, a former high-ranking national security official. Government agencies reported 12,986 cyber security incidents to the U.S. Homeland Security Dept. last fiscal year, triple the number from two years earlier. Incursions on the military's networks were up 55% last year, says Lieutenant General Charles E. Croom, head of the Pentagon's Joint Task Force for Global Network Operations. Private targets like Booz Allen are just as vulnerable and pose just as much potential security risk.
The reality is that the DHS could be the most secure agency on the planet, but critical infrastructure would still be vulnerable. Nearly all the networks that the DHS needs to be secure are out of its control and in private hands.
Attacks originate in China. BusinessWeek reports:
The military and intelligence communities have alleged that the People's Republic of China is the U.S.'s biggest cyber menace. "In the past year, numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within the PRC," reads the Pentagon's annual report to Congress on Chinese military power, released on Mar. 3. The preamble of Bush's Cyber Initiative focuses attention on China as well.
Nothing new there. Later in the story, BusinessWeek notes that China is the most controlling when it comes to the Internet. Nevertheless, China plays the "we can't stop these guys" card when it comes to hackers. These two positions don't exactly mesh.
Current defenses don't work. BusinessWeek reports:
Sophisticated hackers, say Pentagon officials, are developing new ways to creep into computer networks sometimes before those vulnerabilities are known. "The offense has a big advantage over the defense right now," says Colonel Ward E. Heinke, director of the Air Force Network Operations Center at Barksdale Air Force Base.
BusinessWeek specifically calls out antivirus vendors to note that few could detect the specific attack mentioned in the story. For security industry insiders, the inability of antivirus software to adapt is well known.
There is a bright side to this mess. The government is at least creating a Manhattan Project to deal with the problem. With any luck this big project will be more than just a bunch of position papers and Congressional yapping. The hope, which may be naive, is that if the feds could build the Internet, they can cook up an immune system to go with it.