PROVIDENCE, R.I. - Looking to gauge the risk of attacks against their networks, state officials this week will vote on new measures that would assess threats and dictate specific actions to take to protect key resources.
If adopted, the common alert-level procedures would color-code the threat to state networks and recommend action to take in response to specific threats. The proposed cybersecurity alert system would establish a secure Web site state officials could tap to determine why each state has the security ranking it does and whether they should take action based on what other states experience.
Homeland security ranked among the key topics considered last week at the National Association of State Telecommunications Directors (NASTD). The state network executives also shared experiences with VoIP, and concerns about public-safety networks, the threat of worms to state agencies, making more efficient use of existing infrastructure and getting enough staff to carry out their duties.
NASTD members were warned that coordinated attacks against their networks could be a tactic terrorists use. "We should regard cyberterrorism as a weapon of mass destruction," said William Pelgrin, chairman of the Multistate Information Sharing and Analysis Center (MS-ISAC), which he coordinates through the New York State Office of Cyber Security & Critical Infrastructure Coordination.
The system will be very specific, Pelgrin said. "If we went to yellow, it would tell you why and what you need to do right now. It might be: Block Port 445 until a patch comes out."
MS-ISAC has been developing for more than a year and already has helped out member states. During last August's week of worm outbreaks, Arkansas sought and received help to restore its affected network segments, said Claire Bailey, the director of its the state's department of information systems.
MS-ISAC is an informal group set up at the request of the Department of Homeland Security (DHS) to gather and share data about critical state government networks with the goal of protecting them from potential cyberattacks that could threaten public health and safety.
While Pelgrin said the full cyber-evaluation criteria are secret, he said the appraisal takes into consideration events outside the networks. For instance, New York has been ranked as blue or "guarded" solely because the Republican National Convention is being held this week in New York City, Pelgrin said, not because of network problems.
Montana, which shares a 600-mile border with Canada, is seeking grants to upgrade law-enforcement radio networks so local, county, state and federal agencies can talk to each other, said Carl Hotvedt, chief of the network technology services bureau for the state's information services division. "The problem is a lot of different systems that don't talk to each other," he said.
Federal agents at a remote border crossing recently needed help from the local police 10 miles away, but their radios used different frequencies. "The border patrol needed backup but couldn't contact the local sheriff," Hotvedt said.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment