Jul 30, 2011

Pentagon, CIA Open Targets for Crippling Cyber Attack? Country’s Electrical Grids, Power Plants May Also Be Unprotected

Aaron KleinBy Aaron Klein
Klein Online

Twitter Facebook RSS Contact Amazon

Is the U.S. government, including the CIA and Pentagon, an open target for a crippling cyber attack?

Are the country’s major industries, such as electrical grids and nuclear facilities, properly protected for the looming, major threat of cyber terrorism?

There are multiple developments indicating the Obama administration has been slow to shore up critical infrastructure, which may be ripe for attack in a new age of cyber warfare.

Randy VickersJust last week, U.S. cyber security chief Randy Vickers resigned following a string of cyber attacks on the websites of various U.S. government agencies.

Earlier this month it was reported 24,000 Defense Department files were lifted from the Pentagon in a hack attack by what was believed to be a foreign group.

Also, recent months witnessed several high-profile hacker attacks against the Pentagon and public websites such as the CIA and U.S. Senate.

Vickers abrupt departure was the second high-profile resignation from the Department of Homeland Security’s cyber security department in the past few months. Philip Reitinger, the top cyber official for the department, resigned in May.

There have been six different directors of the DHS’s cyber department in the past seven years.

Colleagues of a former department director, Mischel Kwon, told the Washington Post in 2009 that Kwon resigned that year because she was frustrated by bureaucratic obstacles and a lack of authority to fulfill her mission.

In March 2009, another Homeland Security cyber security official, Rod Beckstrom, resigned, citing a lack of support inside the agency and what he claimed was a power grab by the National Security Agency.

Earlier this week, government officials testified before a U.S. House Subcommittee that the country has been slow to beef up its IT security despite numerous known threats,

The hearing reportedly also examined the Obama administration’s progress in safeguarding private-sector networks that are considered part of the country’s critical infrastructure, such as the electric grid and nuclear power plants, against cyber-threats.

Gregory Wilshusen, the director of information security issues at the Government Accountability Office, told lawmakers the administration has implemented only two of 24 recommendations from the president’s cyber-space policy review.

Sean McGurk, director of the National Cyber-security and Communications Integration Center at the Department of Homeland Security’s cyber-division, warned during the hearings the nation’s critical industries may be open to Stuxnet, the worm that reportedly crippled some of Iran’s nuclear infrastructure.

Stuxnet works by infiltrating systems run by Siemens. McGurk noted there are approximately 300 critical U.S. infrastructure companies using the Siemens systems that the Stuxnet worm could compromise.

President Bush in 2008 stepped up efforts to combat cyber warfare by creating a new agency to deal with the threat.

Roger Cressey, a former Bush administration official stated at the time Bush’s creation of a new coordinating group on cyber security “reflects a concern that government networks have been compromised at an unprecedented level.”

“The very fact that the president signed a cyber security presidential directive in the last year of his administration reflects that the current approach the government is taking is not working,” Cressey said.

Meanwhile, under the Obama administration, the new coordinated body was folded into the Homeland Security Department.

According to a White House cyber security proposal, the Department of Homeland Security would take the lead role in protecting non-military networks such as power grids and transportation networks.

Last week, WND reported an elite team of computer technicians assembled by the Obama administration to protect Pentagon networks from cyberattack shockingly includes a former Clinton official who “lost” thousands of archived emails under subpoena and who more recently left the Department of Homeland Security under an ethical cloud related to her qualification.

The Obama administration in May delivered a comprehensive cybersecurity strategy to Congress.

The White House also released its International Strategy for Cyberspace, which details a U.S. strategy to foster international cybersecurity cooperation.

Related Links

Hackers hit another FBI contractor - GMANews
U.S. Government Fears Stuxnet Virus, Challenges Cyber-Defense - Mobiledia
Cyber crimes becoming more and more prevalent - NECN
Cyber Defense Agency Faces Challenges From Within - HuffPost Tech
China vs. U.S.: The cyber Cold War is raging - CNNMoney