Pentagon officials have decided to expand a program that brings the government and Internet service providers together in an effort to secure information resources used by the defense industry. In the past, it was often difficult to notify contractors of online threats in time to avert theft or damage. Now the government and private companies are working together to ensure information security, which is a necessary step forward if the federal government is to function effectively in an era of borderless economies and technology-driven dangers.
The program was initially established as a voluntary effort in May 2011. It permits Internet service providers to scan email and other online traffic for “signatures” and sequences that signal suspicious network activity flowing into major defense contractors’ networks. In certain well-defined circumstances, it allows the service providers to block traffic before it can reach intended destinations. Officials acknowledge that the program has limitations, but say it is one of a series of tools they must embrace to cope with the rising tide of espionage and criminality on the global information grid.
Cyber attacks threaten utilities, financial networks and security systems around the world. A cyber-attack is defined as any deliberate action aimed at exploiting, degrading, disrupting or destroying information resources and infrastructure. Lack of cybersecurity could potentially compromise computer systems and networks the nation depends on for everything from medical services to transportation grids to electrical transmission to credit card transactions.
The Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT) provides response support and defense against cyber attacks for the Federal Civilian Executive Branch and private sector partners. US-CERT shares information with state and local government, industry, and international partners to address cyber threats and develop effective security responses. In 2011, US-CERT responded to more 100,000 incident reports.
According to the Congressional Cybersecurity Caucus, about one-third or more of U.S. cyber attacks originate abroad. China and Russia seem to be the most frequent perpetrators of online espionage and crime. While the media have focused on attacks originating overseas, anyone with a computer, Internet access and basic hacking knowledge potentially has the ability to enter a computer system or network. The sources of online attacks are almost impossible to identify if perpetrators take simple steps to conceal their identity. Hence, it is easy for foreign governments to play dumb and deny involvement in cyber aggression even as they are sustaining online campaigns. Examples of this occurred in 2001 and 2008 when Estonia and Georgia accused Russia of cyber attacks, and in 2010 and 2011 when Google accused China of an attack on its network that gained access to hundreds of email accounts (including those belonging to senior U.S. government officials and military personnel).
The federal program now being expanded is a part of a larger public-private partnership to protect the nation’s cyber networks and systems. Former Deputy Secretary of Defense William J. Lynn III stated, “We hope the… cyber pilot can be the beginning of something bigger. It could serve as a model that can be transported to other critical infrastructure sectors, under the leadership of the Department of Homeland Security.”
Skillfully implemented, cyber aggression can be inexpensive, anonymous, and devastatingly effective. Comprehensive programs and procedures must be implemented to secure the nation’s networks against subversion or outright destruction. The government’s embrace of public-private partnerships is an essential step in assuring that the full array of vital information resources can be protected from enemies who have been empowered by new technology.
Find Archived Articles: