Is the US Cybersafe? Probably Not!

After a three-year study, a panel of former military leaders and IT professionals from the National Academy of Sciences reported that the US has no clear military policies for cyberattacks. Notwithstanding a recent blog about the NSA exceeding its authority to intercept email, we are not much safer from cyberattacks. One would have to live under a rock not to have noticed the significant number of system breaches. As a matter of fact, as pointed out in other blogs, LexisNexis just warned 32,000 individuals about data breaches in which personal information may have been improperly accessed in a credit card scheme as far back as 2004.

Proposed Federal Legislation to Update FISMA

The US Congress will be considering an update to FISMA (the Federal Information Security Management Act) called the "U.S. Information and Communications Enhancement Act of 2009." This proposed Act will create hacker squads to test defenses of agency networks, and the agencies will be required to show how they can effectively detect and respond to cyberattacks. Currently there are only about five federal agencies that conduct this type of testing.

Cyberattacks From Within

A former Sysadmin (System Administrator) recently pled guilty to a charge of cyber extortion for threatening his former employer and faces up to five years in prison and a fine of $250,000. After the Sysadmin was terminated last year, he complained about the severance and threatened to cause extensive damage to his former employer’s systems. Apparently he left many back doors in the systems he managed that allowed him to enter and cause havoc, which of course, as a Sysadmin, he had the authority to do.

How Safe Should We Feel?

Hopefully the US will get control of cyber security, because it seems patently obvious to the most casual observer that at this time the US is extremely vulnerable. Maybe the US should spend $19 billion on cyber security rather than on Electronic Health Records (EHR), since the US is so dependent on the use of the Internet today, and the US’s dependence on the Internet will only increase. Cyber safety is more critical than EHR.
 

Are We Any Safer Because the NSA Exceeded its Authority to Intercept Emails?

A report that the National Security Agency (NSA) exceeded its authority by intercepting emails and phone calls of Americans makes some people feel safer, and others wary. Many speculate that these massive email and phone call interceptions are systematic and intentional. For instance, the Electronic Privacy Information Center (EPIC) and Electronic Frontier Foundation (EFF) have been following NSA’s activities for some time and are alarmed at NSA’s actions.

US Patriot Act

In the wake of the September 11 terrorist attacks, on October 26, 2001 President Bush signed the US Patriot Act after it passed both houses of Congress in less than one day. The US Patriot Act gave the federal government unparalleled power to search emails and private communications without many checks and balances in the name of protection from terrorists. The US Patriot Act was renewed in 2005 substantially without major change. Congress and US citizens want certain protections, but EPIC and EFF are concerned that the US Patriot Act is too broad.

Increase in Criminal Data Breaches

Reports that there has been a significant increase in data breaches by organized crime are hardly a surprise, but it seems that NSA’s efforts in searching emails and phone calls have not really paid off in making our Internet a safer place in which to conduct business. Last year there were more than 100 confirmed data breaches involving roughly 285 million consumer records, most of which occurred from sites overseas. There needs to be a balance between safety from bad guys and protection of civil liberties.