Posts Tagged ‘white house’

Melissa Hathaway, who was appointed earlier this year to conduct a 60-day review of the cyber security efforts of the U.S. Government, presented at the RSA Conference on information security, with the report set to be released in a few days.

Melissa notes that our global digital infrastructure is neither secure nor resilient, driven by interoperability and efficiency rather than security. She notes that previous attempts at cybersecurity have been made in isolation and have failed; the Federal government is not organized to address this growing issue because responsibilities for cyberspace are distributed widely across federal departments and agencies.

During the 60-day review, the cybersecurity team identified 250 needs, tasks and recommendations for a national cyber security plan. The recommendation outlines a top-down approach to cyber security, with the White House leading the way and overseeing and working with other government agencies, State and local stakeholders, as well as those in academia and the industry.

Protecting cyberspace requires strong vision and leadership and will require changes in policy, technology, education, and perhaps law. We need to demonstrate abroad and here at home that the United States takes cyberspace issues, policies, and activities seriously. Achieving this vision requires leadership and commitment from the highest levels of government, industry, and civil society.

Here’s a video of Melissa’s speech:

The speech, if somewhat repetitive and littered with political fluff, does hint at many changes to come. Almost nothing was specified yet, and many are critical of it. Let’s hope the report released in a few days will specify a bit more. Attempting to muster resources on the National and International level, across the government and private sectors, won’t be an easy task!

Download Melissa Hathaway’s prepared remarks here [PDF]

The Financial Times reports that Chinese hackers penetrated the White House computer network on multiple occasions, obtaining emails between government officials. On each hacking incident, the cyber criminals were able to steal information before the White House security systems and professionals could patch the security holes.

The new insight comes on the heels of another report that the presidential campaigns of Barack Obama and John McCain were hacked over the summer. The FBI and Secret Service revealed to each Obama and McCain that large amounts of files had been stolen as related to policy positions – information that may be useful in future negotiations with the U.S. administration. The hack came from a “foreign entity”, either Russian or Chinese.

Subsequent reports indicated that the attacks on the Obama and McCain systems came from China, and that other cyber attacks have been made on the White House from the same source. E-mail archives were attacked several times in recent months, a constant “cat and mouse” game with defenses going up each time a new attack was detected.

It is difficult to trace the exact source of the attacks. It is reported that, as far as the White House attacks go, only the unclassified network was breached. That doesn’t mean the information was not valuable or sensitive, nor that classified information was not present.

Also in Government related news:

• Google shares health searches with government (CNet)
• Inmate hacked prison network, broke into employee database (Register)
• Hackers buy their way into Obama search results, seed malware (Times Online)
• FTC grants delay in enforcement of ‘red flags’ identity theft program (TFC)
• IRS rolls out system with known security issues [PDF] (.Gov)
• Nevada, Massachusetts roll out new data privacy laws (WSJ)

For more information on Absolute’s services for the Government sector, read here.

Via CNet image: barackobama.com