I’m actually fairly sympathetic to the notion that we need to get much better at defending our network infrastructure against attacks. I’m fairly supportive of the notion that one agency within the government should take the lead on the project.
But the news that Bush has assigned that role secretly…
President Bush signed a directive this month that expands the intelligence community’s role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies’ computer systems.
The directive, whose content is classified, authorizes the intelligence agencies, in particular the National Security Agency, to monitor the computer networks of all federal agencies — including ones they have not previously monitored.
Until now, the government’s efforts to protect itself from cyber-attacks — which run the gamut from hackers to organized crime to foreign governments trying to steal sensitive data — have been piecemeal. Under the new initiative, a task force headed by the Office of the Director of National Intelligence (ODNI) will coordinate efforts to identify the source of cyber-attacks against government computer systems. As part of that effort, the Department of Homeland Security will work to protect the systems and the Pentagon will devise strategies for counterattacks against the intruders.
And the news that cyber-defense still focuses exclusively on government networks…
Supporters of cyber-security measures say the initiative falls short because it doesn’t include the private sector — power plants, refineries, banks — where analysts say 90 percent of the threat exists.
"If you don’t include industry in the mix, you’re keeping one of your eyes closed because the hacking techniques are likely the same across government and commercial organizations," said Alan Paller, research director at the SANS Institute, a Bethesda-based cyber-security group that assists companies that face attacks. "If you’re looking for needles in the haystack, you need as much data as you can get because these are really tiny needles, and bad guys are trying to hide the needles."
…Doesn’t give me a whole lot of confidence that this is being done right.
Though I will say this. The news that Michael Chertoff’s badly managed and contractor dominated Department of Homeland Security is no longer slotted to take the lead on this is one bit of good news.
A proposal last year by the White House Homeland Security Council to put the Department of Homeland Security in charge of the initiative was resisted by national security agencies on the grounds that the department, established in 2003, lacked the necessary expertise and authority. The tug-of-war lasted weeks and was resolved only recently, several sources said.