U.S. Government Plans New Cyber Security
When is secure really secure? The nation is still in uncharted waters.
To highlight National Cyber Security Month, U.S. Homeland Security Secretary Michael Chertoff expressed his desire for an aggressive computer infrastructure that would provide an aggressive defense, much like an anti-aircraft weapon.
The initial effort of the federal government, often referred to as Einstein, was designed protect the government computer network from internet and computer attacks by limiting the number of portals to government computer systems and searching for signs of cyber tampering.
Einstein 2.0 is a new system being tested to detect computer intrusions as they happen in real time. How strange when Chertoff announced that would like to see a program that looked for early indication of tampering and stop that tampering before any further efforts could be made. Isn’t that what Einstein 2.0 is all about? Apparently, even Einstein 2.0 is not strong enough medicine for Chertoff.
For years, government information has been compromised. Notable was an event made public in 2003 where Chinese government hackers routinely entered National Defense computers. Chertoff is fearful of terrorist activity that could “cause potentially very serious havoc” to government systems. He isn’t referring to the physical system as much as the compromised details those systems would hold. Potentially secret and private data would be lost to an enemy attacker forever. He plans on making the investment now instead of waiting for a catastrophe.
He admits that since the internet is seen as a place of freedom and privacy, coming in and taking over the national internet would create a great deal of discomfort. “We are deliberately going slowly because we recognize that the issue of government involvement in the Internet is fraught with all kinds of potential concerns and potential anxieties about not having the government have a big-foot impact on an area of communication and commerce that has traditionally been viewed as really independent and free.”
The Bush administration released a new National Cyber Security Initiative in January 2008 that spelled out increased security for federal government computer systems. Current anti-virus and firewall protection is not seen as robust enough. The other Bush plan in the security initiative is to develop cooperative measures with the private sector to address threats to businesses. This includes not only protection from hackers, but also from counterfeit parts, which an individual or another nation could use to create computer vulnerabilities in the United States.
One item is being publicly overlooked. The reality is that with the current complexity of programs today, a system could be easily compromised on the inside by savvy programmers. Sending computer and data work overseas as well as using foreign workers with temporary visas are highly questionable in a time when security seems to be the chief concern of some governmental authorities. Yet, that is exactly what U.S. industry and government continues to do, subverting the U.S. employment market with the pretense of saving money and failing to mandate secure procedures. How will a program that is written in a foreign land by foreign programmers meet the real security test? The best security program can be easily compromised by internal or planted terrorists. Keep in mind that one man’s terrorist is another man’s hero.
The U.S. government is clearly interested in stepping up surveillance and protection in the name of security. Do we trust them enough to do the job right using taxpayer money or does the U.S. government have any business meddling with internet any more than they do now? ~ E. Manning