http://www.govexec.com/dailyfed/0401/040601j1.htm
By Joshua Dean
jdean@govexec.com
April 6, 2001
Members of Congress watched Thursday as an Energy Department
cybersecurity expert hacked into a computer hooked to the Internet,
underscoring the federal governments vulnerability to international
information warfare.
Members of the House Energy and Commerce Committees Subcommittee on
Oversight and Investigations looked on as Jason Bellone, a member of
Energys Office of Cybersecurity and Special Reviews, broke passwords
again and again with tools available for free download over the
Internet.
The federal government stores vast amounts of sensitive data, said
full committee chairman Billy Tauzin, R-La. And when it comes to
computer security we are barely treading water. In this increasingly
interconnected world, were either going to prioritize our resources
better to meet this challenges ... or were going to find ourselves in
deep, deep trouble, Tauzin said.
The demonstration was meant to heighten the federal governments
awareness of just how serious information security risks and threats
are. Defense Department data indicate that more than 100 countries
have or are creating information warfare capabilities. The nature of
the threat is difficult for even the experts to define. In cyberspace
we all look the same, said Ronald Dick, director of the FBIs National
Infrastructure Protection Center. Finding the origin of an intrusion
... is a huge challenge.
The statistics of cyber incidents and successful compromises are
frightening. In 1999, 580 incidents affected 1.3 million civilian
systems and 614 military systems, according to data provided by the
Federal Computer Incidence Response Capability (FedCIRC). But this
number barely scratches the surface of the problem. FedCIRC estimates
that 80 percent of all cyber incidents go unreported.
As government and industry systems and network interconnectivity
increase, the boundaries between the two begin to blur, said Sallie
McDonald, assistant commissioner of the General Services
Administrations Office of Information Assurance and Critical
Infrastructure Protection. With the rapid transition to a paperless
government and increasing dependence on e-government solutions, the
focus on secure technology approaches must be a high priority.
The threat of information warfare combined with the increased reliance
on computers for vital operations within the public and private
sectors frightens many already in the trenches.
The United States spends billions of dollars buying weapons and
gaining intelligence to protect our country from more conventional
kinds of attack, said Tom Noonan, president and CEO of Internet
Security Systems Inc., a computer security software developer based in
Atlanta. Our computer systems must also be adequately protected, or
our entire infrastructure could be compromised by one person with one
computer.
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Mon Apr 9 01:58 CDT 2001