Report rips key government security efforts

Disruptive cyber activities will continue to plague US resources

You'd think maybe just once one of these examinations of government agency network security efforts would turn up some good news.  Not today.  

That's because the Government Accountability Office reports that efforts to deploy two of the Fed's most prominent security efforts the Trusted Internet Connections (TIC) and Einstein (or officially known as the National Cybersecurity Protection System) have largely gone unused, keeping the threat of cyber attacks on federal systems very real. 

FBI details most difficult Internet scams 

According to the GAO: As of September 2009, none of the 23 federal agencies it looked at had met all of the requirements of the TIC initiative. Although most agencies reported that they have made progress toward reducing their external connections and implementing critical security capabilities, most agencies have also experienced delays in their implementation efforts. TIC is supposed to secure and consolidate federal agencies' external network connections, including Internet connections, set baseline security and improve the government's response to infiltrations. Early this year the Office of Management and Budget is directing agencies to deploy a standard set of security tools and processes on all of their Internet connections, which may explain why many agencies haven't caught up.  

In the same time frame, fewer than half of the 23 agencies had executed Einstein and Einstein 2 had been deployed to 6 agencies. Agencies that participated in Einstein 1 improved identification of incidents and mitigation of attacks, but the Department of Homeland Security which oversees this efforts, will continue to be challenged in understanding whether the initiative is meeting all of its objectives because it lacks performance measures that address how agencies respond to alerts.  Einstein technology is intended to provide the DHS with Internet monitoring capability including intrusion detection.

While the GAO doesn't specifically link the lack of TIC and Einstein implementations to specific problems, its notes that federal security breaches have potentially allowed sensitive information to be compromised, and systems, operations, and services to be disrupted.  For example:

  • The Department of State experienced a breach on its unclassified network, which daily processes about 750,000 e-mails and instant messages from more than 40,000 employees and contractors at 100 domestic and 260 overseas locations.
  • The Nuclear Regulatory Commission confirmed that in January 2003, the Microsoft SQL Server worm known as "Slammer" infected a private computer network at the idled Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly 5 hours.
  • Officials at the Department of Commerce's Bureau of Industry and Security discovered a security breach in July 2006. In investigating this incident, officials were able to review firewall logs for an 8-month period prior to the initial detection of the incident, but were unable to clearly define the amount of time that perpetrators were inside its computers, or find any evidence to show that data was lost as a result. 

With agencies still in the process of implementing TIC and DHS in the early stages of deploying Einstein 2, the success of such large-scale initiatives will be in large part determined by the extent to which DHS, OMB, and other federal agencies work together to address the challenges of these efforts, the GAO stated. 

This report comes on the heals of another GAO study that found about 69% of the IRS' previously noted security flaws  remain unfixed and continue to jeopardize the confidentiality, integrity, and availability of the tax agency's  systems. The problems put the IRS at increased risk of unauthorized disclosure, modification, or destruction of financial and taxpayer information, the GAO concluded. 

The GAO recently issued another report stating that disruptive cyber activities are expected to become the norm in future political and military conflicts.

From the GAO: "The growing connectivity between information systems, the Internet, and other infrastructures creates opportunities for attackers to disrupt telecommunications, electrical power, and other critical services. As government, private sector, and personal activities continue to move to networked operations, as digital systems add ever more capabilities, as wireless systems become more ubiquitous, and as the design, manufacture, and service of information technology have moved overseas, the threat will continue to grow."

Follow Michael Cooney on Twitter: nwwlayer8  

Layer 8 Extra

Check out these other hot stories:

NASA: What's next?

NASA Juno spacecraft will target Jupiter

NASA space shuttle Discovery: What's left?

US one step closer to cyber guards for national electric grid

Europe's space agency wants to do what NASA can't: Fly to moon

NASA essentials

US in search of Apple, cell phone forensic tools as online crime morphs

NASA gives Mars rover extra smarts

US agencies hot on predicting climate change

IRS security faults leave taxpayer information at risk

US to develop smart machines with visual intelligence

Copyright © 2010 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022