The Public Eye with Eric Chabrow

Feds Earn a "Solid B" Grade


As the first chief information officer of Homeland Security -- first at the White House and then at the newly formed department earlier this decade -- Steve Cooper likely had the toughest job in IT at the time. He understands the challenges of securing IT as well as anyone. So, I e-mailed him several questions regarding this past week's breach of key government websites, including the White House. Here are his answers:

How well do you feel the U.S. government responded to these attacks?

Probably a solid B. It appears that there was rapid identification of the attacks on targeted sites and many of the source addresses were blocked quickly. The sites attacked, for the most part, do not appear to be mission critical.

Remember, given the nature of the Internet, almost any site can be weighed down, even by legitimate connection requests. The more agile and responsive attacked sites are, the more likely they will be able to provide essential information in a stressed environment.

It is important to understand that the vulnerability used by this attack was on the personal computers of average people. The attackers planted software on the personal computers with a list of targeted sites for them to attempt to connect to. The number of connection requests then overwhelms the sites' capabilities so the site is not available to respond to legitimate requests for access - hence denial of service. In this case, many of the PCs used were overseas so that the blocking of overseas sites made U.S. sites more available. If the attack had been more concentrated on using the personal computers of U.S. citizens, it would then be more difficult to sort out the legitimate requests.

What do these attacks tell us about our cyber defense?

These attacks may indicate more about the Internet than they do about our federal cyber security. While I can give you the affirmative stuff we do, I would also like to say something along the lines of this being normal Internet "pollution" and part of the "cost of business" of using a medium that has free and open access to the whole world. Let me offer a coarse analogy. If you offer public bathrooms you are going to have to go in and clean up stuff periodically.

What short-term steps should the government take to secure these websites?

The federal government is working to ensure that our websites are as secure as possible, and there are always new improvements.

A key issue involved is the need to balance the privacy and other concerns of the citizens (for example, access to helpful information; transparency of government) with security. We could always require people to log on and lock down services, but repeatedly the feedback from citizens is they want anonymous access and a wide range of video and other security-risk-prone services; they clearly communicate this is a higher priority for them.

In the long term, the government is working with industry to place and use sensors that will help us to identify which of these attacks are really against the internet and internet services and which are specific attacks on other targets. We also need to work with industry and international consortiums to formulate effective response plans to all these attacks.

What question should I have asked you and didn't, and what is your answer?

A similar attack that we have seen is the attack against the Domain Name Servers (DNS) that allow us to navigate the Internet. The government is working to implement a protocol of Secure DNS for the top level of the .gov domain, but more needs to be done throughout the Internet. We need to ensure citizens are always able to reach our secure services - if they can't, then we still have a problem.


About the Author

Eric Chabrow


Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



