[Infowarrior] - Report labels U.S. computer security "embarrassing"
Richard Forno
rforno at infowarrior.org
Fri May 1 13:02:17 UTC 2009
Report labels U.S. computer security "embarrassing"
Wed Apr 29, 2009 3:28PM EDT
http://tech.yahoo.com/blogs/null/141067
In his first days in office as President, Barack Obama ordered a
report to be generated investigating the state of our "cybersecurity"
infrastructure, concerned with how our computer networks could
withstand threats from terrorism and other attacks.
Now that report is in, and the results are sad, filled with terms like
"broken," "childlike," and "embarrassing."
The report and experts in the industry point to our antiquated
approach to computer security as the primary reason for the rotten
verdict: User names and passwords have been the basis for security
protocols since the beginning of computing, and now experts are saying
that method is simply obsolete, unable to compete with hackers who've
long since figured out ways to steal or crack passwords on a massive
scale.
Already politicians are looking for ways to beef up the nation's
security infrastructure. One noteworthy bill would give to the
president the power to disconnect just about anyone -- government,
business, or individual -- from the Internet in the event of a
national computer security emergency.
But naturally, the security industry would prefer to address the issue
from a prevention standpoint rather than the blunt tactic of pulling
the plug when an attack is detected. Those technologies include the
use of token-based authentication (as with smart cards or
code-generating gizmos that constantly change your password),
biometrics, and other related tools.
Meanwhile, attacks continue to arrive online from all fronts, not just
consumer-level malware attacks that leave many users panicked and cost
billions to clean up, but organized infiltrations into essential
computer networks too, as was the case with the recent,
well-publicized invasion into the national power grid earlier this
month.
The official government report will be formally opened up for review
and comment by the public in the coming days.
More information about the Infowarrior
mailing list