[Infowarrior] - Chertoff pushes cybersecurity goals

Wed Apr 9 02:50:35 UTC 2008

 Chertoff pushes cybersecurity goals

http://news.yahoo.com/s/ap/20080409/ap_on_hi_te/chertoff_cybersecurity&print
er=1;_ylt=AvFNHn.507z99r25tnAzXNVk24cA

By JORDAN ROBERTSON, AP Technology Writer1 hour, 32 minutes ago

Federal cybersecurity officials are trying to develop an early warning
system that alerts authorities to incoming computer attacks targeting
critical U.S. infrastructure, Homeland Security Secretary Michael Chertoff
said Tuesday.

Chertoff's keynote speech at the RSA security conference, however, was light
on details about this and other initiatives, many of which he said were
classified.

Some security experts said the idea of an early warning system seemed
far-fetched.

Robert Graham, chief executive of Atlanta-based Errata Security and an
expert on computer-intrusion prevention, said current technology can only
detect when a hack has already occurred ‹ and even then the breaches usually
happen too fast for an early warning.

"Technologically, all we can do is a post-warning system ‹ you've been
hacked," he said. "It's instantaneous. It's not like a hurricane or missile
coming at you that you can track coming toward you. It's just there."

Chertoff did not say how the government plans to detect and flag computer
threats as they sneak into government networks. But he did acknowledge the
technical challenge in developing such a system.

"It's going to be hard. It's hard technically. It's hard because to some
degree it requires working together," Chertoff said in response to a
question. "The fact that something's hard doesn't mean, 'Let's not do it
because it's going to be difficult.' It means, `Let's roll up our sleeves
and get started.'"

Chertoff said the system would improve upon the government's current tools
for analyzing computer threats, which he said are built on "fundamentally a
backward-looking architecture" ‹ that is, they scrutinize threats coming
into the networks and work backward to identify the nature and source of the
attack.

He was referring to the "Einstein Program" run out of the United States
Computer Emergency Readiness Team, or US-CERT, a partnership of the homeland
security department, other public agencies and private companies. The
Einstein program is an automated process for collecting and sharing security
information.

U.S. officials have acknowledged that hackers have broken into the networks
of at least one government research laboratory and even the Pentagon over
the past year and are intensifying their attacks.

A well-targeted attack could cripple financial institutions or air traffic
control systems or expose U.S. secrets to enemies.

Chertoff said there are too many openings into government networks for
criminals to explore and exploit with viruses or other malicious code.

One of the homeland security department's goals is to winnow the number of
Internet access points into government agencies from the thousands that
exist today to about 50, Chertoff said. He gave no timetable or details on
how the plan would be implemented.

Chertoff's speech focused heavily on his pitch to recruit private-industry
security researchers as the government beefs up its cybersecurity staffing.
The government needs to recruit from private industry because many critical
networks are operated by private companies and they need each others'
expertise, he said.

He did not say how many new cybersecurity jobs the agency wants to fill with
private-industry professionals, but he said the initiative is a high
priority because the power of the government alone is "insufficient" to
fully combat the threat.

"The federal government cannot promise to protect every system or every home
computer from attack," he said.