Friday, April 20, 2007

The Other National Security

In warfare, an important tactic is to take out the enemy's command and control systems, thereby disabling the ability to manuever and respond effectively. In the modern world, information systems are a key component of command and control. Information systems are critical to commerce, health care, public safey and many other essential aspects of life. That's why I'm uneasy to read that government information systems and networks are increasingly at risk of attack by hackers and other threats.
Federal computer networks are being targeted on an unprecedented scale and recent high-profile compromises at two key federal agencies are likely just the most visible symptoms of a government-wide security epidemic, government security experts told a congressional oversight committee today.

[...]

"These attacks didn't affect just the federal government, but also the private sector, state agencies and other national governments," Sachs said in an interview during a break at Thursday's committee hearing. "What we don't know is what they were able to do, what did the attackers do after that? There is just no telling."

[...]

Federal agencies are fending off and cleaning up digital attacks against their information systems on a scale never seen before, said Jerry Dixon, director of the Department of Homeland Security's National Cyber Security Division. In 2006, the NCSD received reports of nearly 24,000 security "incidents," activity that ranges from attackers probing electronic networks for security holes to computer virus infections to cases of unauthorized access to government information resources. The NCSD is already on track to receive more than double that number of incident reports in 2007, Dixon said.

I can only imagine the size, complexity and difficulty of maintaining the massive systems that carry the information on which we all rely. I'm amazed that the system works as well as it does most of the time. I can also imagine how difficult life would be in the event of a wholesale failure. Information security is crucial for public and private health, safety and welfare.

That's why information systems and networks are perfect targets for America's adversaries. The investment is low; all they need is a computer and an internet connection. Disrupting a computer network doesn't produce the spectacular casualties of blowing shit up but it can wreak havoc that will cost the victim dearly. Combined with a blowing shit up attack, a network attack will compound the damage.

Perhaps a "surge" would do some good here.

Labels: ,

1 Comments:

Blogger BadTux said...

A "surge" would require hiring competent people, which in turn would require paying private enterprise rates. Ever since Ronald Reagan destroyed the federal retirement system and forced federal employees into Social Security instead, talent has been bleeding out of the federal government like blood out of a gut-shot Iraqi. At one point in time, people would go to work for the federal government for 30 years, retire, then go to work for another 15 years in private enterprise to qualify for Social Security. Then they would retire with a secure income for the rest of their lives. Ronald Reagan destroyed that, and the quality of federal workers has been declining ever since as the federal government no longer is capable of hiring the best and the brightest who once would trade high pay for long-term security.

When I was working for a coalition of school boards, the Office of Civil Rights swooped in one of my districts and demanded a printout of every discipline referral so they could assure themselves that the district was not being mean to those poor innocent little black boys (i.e., they wished to verify that equal offenses got equal consequences). I offered to give them a computer disk with a comma-delimited database of referrals that could easily be sucked into a spreadsheet for doing the sort of calculations they wanted. They refused the offer, they wanted the printouts instead, because they had nobody on staff with the capability to do a simple database import. Instead they would re-type the referrals by hand into an antique program left over from the Nixon administration that would give them statistical results for various offenses.

That's the level of computer knowledge at the federal government level now. And it's not getting any better, and will never get better as long as there is no reason to work for the government rather than private enterprise (harumph, if I want to pay into Social Security I can do that at a private employer and not have to deal with all that political bullshit and low pay to do it).

-- Badtux the IT Penguin

7:42 PM  

Post a Comment

<< Home