The Feds Are on the Case, Finally


At Black Hat 2008 last week in Las Vegas, James Finch, assistant director of the FBI's cybercrime division, told attendees there is a lot of activity among crackers attacking the United States.


That's not a surprise, of course. Dark Reading references recent international attacks emanating from China against the UK. The fighting between Russia and Georgia that began last week is likely to lead to problems beyond the cyber warefare that previously had been reported between the two nations.


Black Hat is a good place to get a sense of how well our government is in protecting federal networks because, at least on the surface, officials seem to let their hair down a bit. This piece details comments made by Rod Beckstrom, the director of the Homeland Security Department's National Cyber Security Center. It is unclear if these comments were made during the same presentation attended by Finch.


Beckstrom is heading up a new initiative that he said still is in the information gathering phase. Currently, the system lacks a risk management strategy in which costs are measured against the value of the security steps being taken. This is especially important after the program is in effect for a while, since sharp improvements in security are likely when a program is initially instituted.


Such measures are important. For instance, this GCN piece says that less than one-third of government laptops are encrypted, which is quite unfortunate considering how often they seem to disappear. Clearly, a crash encryption program will have great initial benefits. Going forward, however, determining if every device needs to be encrypted and which can safely be carried in the clear would require a deep understanding of how the government uses these devices. This piece describes the National Cyber Security Initiative. The initiative will be quite comprehensive, with 12 components. The story describes the most evolved element, the Trusted Internet Connections program, which began in November of 2007 under The Office of Management and Budget. The eleven other elements of the initiative, which could run to $40 billion, are touched upon. Hopefully, the complexity of the structure, or the politics that by necessity surrounds such initiatives, won't lead to confusion and delays.


The cyber security struggle between nations happens behind the scenes. The signs -- at least from small perspective available to an outsider -- is that the government is getting more serious and, perhaps belatedly, bringing in experts and creating structures capable of protecting our federal cyber infrastructure.