All sectors of government are now fully aware that cyber attacks from terrorist groups are increasingly posing a serious threat to national security and continuity. Government officials from more than 150 countries gathered in the USA in 2007 and submitted a strategic direction document on cyber and related issues. This followed a similar Canada – US alliance in 2000 that produced the National Strategy for Homeland Security.
What was the impetus for the change
The new Canadian strategy notes that threat changes and evolves, with the jihadi threat centering on terrorist groups specifically targeting government and private sites, and the potential for asymmetric threats such as cyber-attacks. Posed a direct threat to the National Security and Defense, Canada’s new government website was compromised by hackers.
The US government insists that the new US strategy address “cyberattacks that put lives at risk”. The document does not use the specific term “cyberwar” but describes actions against those who launch attacks using computer networks and devices.
The US Defense Department is acknowledging the potential for cyberattacks against the United States but warns that initial attacks against the United States will be aimed at supporting local groups and stopping covert operations by terrorist groups.
The new US strategy is expected to be formally released by the administration of US President Barack Obama this week. It is expected to include a section on cybersecurity that will set out the administration’s cybersecurity strategy.
On Tuesday, journalist Michael MacLean was arrested in his home in Dartmouth, New York, along with his colleague, after being accused of leaking highly classified information.
The US Department of Justice is investigating possible crimes committed by government employees and contractors. Attorney General Eric Holder has said that MacLean’s arrest is a reminder that Americans face a wide range of threats from hackers, malicious attacks, and state-sponsored cyber-attacks.
Since November 2009, 700,000 computers have been hijacked and taken over each day. Hackers behind the attacks are looking to Next Level and involved in developing next-generation attacks that involve thousands of computers and can shut down hospitals, regulators, and government agencies.
Therossuspense@usdoj.gov has been tracking hack attacks and has identified more than 860 attacks that have hit US comm systems. The most-reported attacks happened between November of 2009 and December of 2010.
The Harvard Law Review has published several articles on SCADA related issues recently. One of the articles, “Cyber-Attacks on Justice: The Law of Cyber-Attacks in the Public Forum” (McGraw-Hill, January 2011). Suggests that SCADA system hackers may Militarize networks for military use.
David Digregor, an attorney with the FTC, spoke about SCADA systems in a speech to the University of Florida in November 2009. He stated that SCADA systems are an extension of the Internet for critical systems and that we need to ensure that we maintain the same level of investment in infrastructure that we have seen in the past.
However, some experts dispute the Militarization notion, maintaining that such an approach to cybersecurity is counterproductive. They warn that such an approach will only encourage further hacking since would-be hackers know that the consequences of attacking a specific target will be much less severe than the risks of attacking an entire system.
Whether or not you agree with the latter position, the fact is that serious questions about spending and priorities need to be addressed.
What is being done to change the situation
The United States Government spends approximately $160 billion annually on federal IT programs. The majority of this spending is for IT security, resulting in roughly 75% of all legal disabled for corporations. The largest sector of the attack on government systems is from malicious attacks, with “cyber-crime” making up approximately 26% of all federal crimes.
If we are serious about pursuing the goals of Digital Certificates and other security initiatives. Then we need to recognize that we are dealing with a massive update to security infrastructure that has been undertaken in the open-source community over the last decade. The Joint Defense will include aspects of digital certifications as part of its framework for enabling a policy that puts the nation’s digital infrastructure at risk.
The National Strategy for Homeland Security, which is being developed by the departments of Defense and Homeland Security, and the National Strategy Office (Palestinian Defense), each has its digital security groups. The departments of Homeland Security and Defense are each included within the National Strategy Office.
The Department of Homeland Security (DHS) is the department primarily responsible for the domestic control of all cyber military and federal cybersecurity. The Office of Management and Budget (OMB) within the OMB administers and directs all federal cybersecurity programs, regarding information security risk and risk tolerance.
The legislation mandates that the federal government operate a common information security effort among all federal executives. This would include things like creating common standards and editing processes for us to follow.
Read my other posts: