NewsDude
09-17-2008, 04:00 PM
The federal government cybersecurity team with primary responsibility for protecting the computer networks of government and private enterprise isn't up to the job, according to a draft Government Accountability Office report obtained by BusinessWeek.
The U.S. Computer Emergency Readiness Team, known as US-CERT, mans the front line in any cyber-attack. The group monitors computer networks for hacker threats, investigates suspicious activity online, and is supposed to issue timely alerts to information technology security professionals from the White House to corporations and electric utilities. But the GAO draft report describes US-CERT as bedeviled by frequent management turnover, bureaucratic challenges that prevent timely sounding of alarms, a lack of access to networks across wide swaths of critical terrain, and an inability to fill large numbers of positions with qualified workers.
Five years after the Homeland Security Dept. took charge of the team as a critical safeguard against threats to national security, US-CERT "still does not exhibit aspects of the attributes essential to having a truly national capability," according to the draft report.
Vulnerable to Foreign Adversaries
Privately, many within government and industry have grown increasingly concerned about the lack of such a capability. Without being able to effectively monitor a wide variety of computer networks across the country and quickly issue warnings of possible attacks, the government is, in effect, flying blind, or at least partially blind, despite the best of intentions. As BusinessWeek reported in April, the concern these days is not merely that a pimply teenager in Bratislava will hack a corporate network or that Russian hackers will shut down a retailer's Web site with a so-called "denial-of-service attack." Rather, it's that there could be a sophisticated intrusion of sensitive computer networks by a potential foreign adversary such as China.
An independent bipartisan commission of corporate executives, network security specialists, and military and intelligence officials...
More... (http://www.toptechnews.com/story.xhtml?story_id=61890)
The U.S. Computer Emergency Readiness Team, known as US-CERT, mans the front line in any cyber-attack. The group monitors computer networks for hacker threats, investigates suspicious activity online, and is supposed to issue timely alerts to information technology security professionals from the White House to corporations and electric utilities. But the GAO draft report describes US-CERT as bedeviled by frequent management turnover, bureaucratic challenges that prevent timely sounding of alarms, a lack of access to networks across wide swaths of critical terrain, and an inability to fill large numbers of positions with qualified workers.
Five years after the Homeland Security Dept. took charge of the team as a critical safeguard against threats to national security, US-CERT "still does not exhibit aspects of the attributes essential to having a truly national capability," according to the draft report.
Vulnerable to Foreign Adversaries
Privately, many within government and industry have grown increasingly concerned about the lack of such a capability. Without being able to effectively monitor a wide variety of computer networks across the country and quickly issue warnings of possible attacks, the government is, in effect, flying blind, or at least partially blind, despite the best of intentions. As BusinessWeek reported in April, the concern these days is not merely that a pimply teenager in Bratislava will hack a corporate network or that Russian hackers will shut down a retailer's Web site with a so-called "denial-of-service attack." Rather, it's that there could be a sophisticated intrusion of sensitive computer networks by a potential foreign adversary such as China.
An independent bipartisan commission of corporate executives, network security specialists, and military and intelligence officials...
More... (http://www.toptechnews.com/story.xhtml?story_id=61890)