A House subcommittee is holding a hearing tomorrow to try to understand "how deeply" US government computers have been penetrated by foreign forces and whether the government's IT response so far is adequate, ComputerWorld reports.
"The purpose of this hearing is to afford [House members] the opportunity to understand how deeply our systems have been penetrated," the briefing materials for the hearing said. "Experts believe that the remediation efforts that are currently underway are not able to completely clear out hackers from government networks."
Invited to testify are officials from the State and Commerce departments, Homeland Security, the Idaho National Laboratory and VeriSign Inc.
The State Dept. was attacked in June 2006 by hackers with Chinese IP addresses who stole passwords and other data and planted backdoor programs on the systems. A month later the Commerce Dept.'s Bureau of Industry and Security was hacked, and thieves attempted to access user account information.
"Members will understand that the penetrations on our systems were bad -- so bad that we don't even know whether we or the attackers now control our own systems," the briefing materials noted.
A key question is whether the agencies have ever implemented all the requirements of the Federal Information Security Management Act (FISMA) and whether FISMA controls are adequate in any case.
"I always hoped Congress would wake up one day and finally discover that the federal government had been deeply and broadly penetrated by cyberattackers from other countries," said Alan Paller, director of research at the SANS Institute, a security research and training company in Bethesda, Md. He also asserted "that the defenses they have in place have not protected them, that much of the money they have spent on FISMA reports has been wasted, and [that FISMA funding] should have been spent on actual security."