
Network World

Michael Cooney

The six greatest threats to US network security

Security threats from government insiders, foreign countries, terrorists all pose grave threats, GAO reports.

By Layer 8 on Tue, 11/17/09 - 9:15pm.

It's not a very good day when a security report concludes: Disruptive cyber activities expected to become the norm in future political and military conflicts. But such was the case today as the Government Accountability Office took yet another critical look at US federal security systems and found most of them lacking.

From the GAO: "The growing connectivity between information systems, the Internet, and other infrastructures creates opportunities for attackers to disrupt telecommunications, electrical power, and other critical services. As government, private sector, and personal activities continue to move to networked operations, as digital systems add ever more capabilities, as wireless systems become more ubiquitous, and as the design, manufacture, and service of information technology have moved overseas, the threat will continue to grow."

Within today's report, the GAO broadly outlines the groups and types of individuals considered to be what it called key sources of cyber threats to our nation's information systems and cyber infrastructures. From the GAO:

Foreign nations: Foreign intelligence services use cyber tools as part of their information gathering and espionage activities. According to the Director of National Intelligence, a growing array of state and nonstate adversaries are increasingly targeting - for exploitation and potential disruption or destruction - information infrastructure, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries.

Criminal groups: There is an increased use of cyber intrusions by criminal groups that attack systems for monetary gain.

Hackers: Hackers sometimes crack into networks for the thrill of the challenge or for bragging rights in the hacker community. While remote cracking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites. Thus, attack tools have become more sophisticated and easier to use.

Hacktivists: Hacktivism refers to politically motivated attacks on publicly accessible Web pages or e-mail servers. These groups and individuals overload e-mail servers and hack into Web sites to send a political message.

Disgruntled insiders: The disgruntled insider, working from within an organization, is a principal source of computer crimes. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a victim system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat also includes contractor personnel.

Terrorists: Terrorists seek to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the U.S. economy, and damage public morale and confidence. However, traditional terrorist adversaries of the United States have been less developed in their computer network capabilities than other adversaries. The Central Intelligence Agency believes terrorists will stay focused on traditional attack methods, but it anticipates growing cyber threats as a more technically competent generation enters the ranks. 

Testifying today before the Senate Judiciary Committee's Subcommittee on Terrorism and Homeland Security, the FBI's Deputy Assistant Director, Cyber Division, said that while the FBI has not yet seen a high level of end-to-end cyber sophistication within terrorist organizations, it is aware of and investigating individuals who are affiliated with or sympathetic to al Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber attack; who have demonstrated an interest in elevating their computer hacking skills; and who are seeking more sophisticated capabilities from outside of their close-knit circles.

"In addition, it is always worth remaining mindful that terrorists do not require long term, persistent network access to accomplish some or all of their goals. Rather, a compelling act of terror in cyberspace could take advantage of a limited window of opportunity to access and then destroy portions of our networked infrastructure. The likelihood that such an opportunity will present itself to terrorists is increased by the fact that we, as a nation, continue to deploy new technologies without having in place sufficient hardware or software assurance schemes, or sufficient security processes that extend through the entire lifecycle of our networks," Chabinsky said.


No problems...Only a Solution: Preventing Net Breaches

0

Attn: Michael Cooney: Why not stop consolidating news feeds and do something called being a correspondent for a change.
Here's a PR for a change and if anyone is interested in a deliverable solution today, just send me your full contact info and questions to me: continuump@gmail.com.

Contact: Ted Faraone 212-489-1313 (ted.faraone@verizon.net)
FOR IMMEDIATE RELEASE

WORLD’S ONLY SECURE CYBER PROTECTION AGAINST HACKERS LAUNCHED COMMERCIALLY – CONTINUUM PARTNERS DEBUTS SNI

NEW YORK – In a development with major implications for the security of nations and businesses dependent on computer networks to function, the world’s only trusted commercial system for protecting networks from cyber assaults is being made available to new clients.

Secured Network Infrastructure (SNI), the only network protection that uses a hardware gate in addition to our Open OS to intercept hackers and keep a protected network up and running during a cyber attack, SNI will become available in quantity for the first time according to Continuum Partners LLC. As a “Standards” based enhanced network security protection system, SNI has been proven effective both scientifically and in the field.

SNI is a patented plug and play system compatible with all networks currently in use. It complies to the standards for “Trusted” systems as defined by the “Common Criteria Recognition Agreement” an international protocol. The National Security Agency (NSA) recognizes and supports Common Criteria.

SNI was developed following the 9-11 attacks. “I worked as a volunteer at Ground Zero,” says Continuum Partners CEO Robert S. (Bob) Pollock. “I saw the destruction, and I realized that America is far more vulnerable to cyber attack than it is to another kamikaze attack from the air.” Pollock, a long time New York businessman and IT technology consultant, re-structured Continuum Partners to that of a developer/manufacturer and bring to market this remarkable invention of his Partner, Pierre Bergeron.

“Until Pierre created SNI, every network, no matter how critical, was vulnerable to cyber attack,” says Pollock. “All previous security systems used only software. Software alone as every security expert in the trade knows can be breached. Our solution is to augment the software firewall with a physical barrier called the SNI Matrix Unit. It’s a hardware device placed between the Internet and the network one needs to protect. The Matrix Unit, using proprietary autonomic software that is compatible with all computer systems, detects an intrusion attempt at the point of entry to the protected network. Then, in less than a millionth of a second, it dumps the hacker into a mirror of protected network, giving time for the hacker to be traced while preventing the protected network from going down. We estimate that this will cut network down time by up to 95% as well as protect sensitive data from theft or compromise.”

The need for protection offered by SNI cannot be overstated. Since 2007, China breached with the help of university computers a large US national security defense contractor over a long period of time. Hackers shut down Los Angeles International Airport, stole credit and debit card data of 130 million customers of Heartland Payment Systems, and Hannaford Brothers Co., a supermarket chain, and 7-11. Express Scripts has to date 700,000 records held for ransom. In October 2009 an ex-Ford Motor Company engineer was indicted for stealing more than 4,000 documents containing automotive trade secrets from a protected Ford computer. The US General Accounting Office reported recently that NASA (The National Aeronautics and Space Administration) was successfully hacked 1,120 times over the past two years. The government systems of Estonia were brought down by a massive hacker attack. In 2008, Panama’s Electrical Grid was held for ransom and brought down by a breach for four days. And in April 2009 a report surfaced in The Wall Street Journal that the electrical grid of the United States had been infiltrated by cyber-spies who left behind software that could shut it down. Such “cyber-warfare” could give an enemy an advantage in a future conflict that no fifth-column has ever been able to achieve.

“The security of the civilized world is at stake,” Pollock said. “If you can shut down the US electrical grid, you can put the country out of business. Our mission is to keep the critical networks of the US and its allies up and running.”

SNI has been sold to select customers, who have used it with great success. They include the US Navy and Air Force, Canada’s Department of Public Safety (DHS), Passaic County (NJ) Data Centers, L-3, the New York Board of Trade and Allied Irish Bank. The customer base reports “tech support” cost savings from 60 to 80 percent as well as increased network “up” time.

For its commercial roll-out, Continuum will launch a licensing program for major manufacturers in North America who are in good standing with the governments of the US and Canada. “We are offering the only commercially priced system to prevent network breaches. We can deliver it now,” Pollock says.

In the near term, Continuum will also be releasing its new “Real Time Administrator” which sits over all the popular network management systems (IBM’s WebSphere, HP OpenView, etc.). Additionally, there universal interface for Systems Controls (i.e., Johnson Controls, Trane, etc.) and any other physical security nets, etc.

The company is turning its attention to burgeoning military and civilian wireless networks, including emergency services which use new software-based narrow band radios. The company has developed and patented a line of “High-Assurance End Point” wired and wireless products to protect these new networks from attack. These same devices will be also used for End Point devices in the IT & SCADA networks.

We can't possibly scale up our manufacturing capability fast enough to harden up North America's alone. Therefore, we will soon be announcing a Licensing Program for all North American OEM's initially, provided that is in good standing with the Canadian and US Governments. Early next year we will expand this program to the countries that implement the Common Criteria Standards.

Your PR Sounds Great..

0

..but your site makes no mention of the fact. Also, your site looks like an interior design firm vs. an IT provider.
Any chance you're related to Bernie Madoff?

GAO reporting on threats to security?

0

Did the GAO receive some extra powers and authority in the recent past? I can understand the GAO performing risk assessments (part of their "accountability" function), but for the GAO to "outline the groups and types of individuals considered to be what it called key sources of cyber threats to our nation's information systems and cyber infrastructures" seems a bit beyond the GAO's line of duty...

About Layer 8
Layer 8 is written by Michael Cooney, an online news editor with Network World