Forgot your password?
typodupeerror
Security The Internet United States

FBI Warns of Sweeping Global Threat To US Cybersecurity 134

Posted by CmdrTaco
from the only-a-matter-of-time dept.
GovIT Geek writes "The FBI's newly appointed chief of cyber security warned today that 'a couple dozen' countries are eager to hack US government, corporate, and military networks. While he refused to provide country-specific details, FBI Cyber Division Chief Shawn Henry told reporters at a roundtable that cooperation with foreign law enforcement is one of the Bureau's highest priorities and added the United States has had incredible success fostering overseas partnerships."
This discussion has been archived. No new comments can be posted.

FBI Warns of Sweeping Global Threat To US Cybersecurity

Comments Filter:
  • by twitter (104583) * on Thursday October 16, 2008 @09:47AM (#25399893) Homepage Journal

    'a couple dozen' countries are eager to hack U.S. government, corporate and military networks. While he refused to provide country-specific details

    Where have I heard that before? Oh yeah [senate.gov].

    While I cannot take the time to name all the men in the State Department who have been named as members of the Communist Party and members of a spy ring, I have here in my hand a list of 205.

    But the second quote happened at the beginning of a horrible paranoia based on a real external threat. We still have the apparatus of that paranoia, though most of it was outlawed in the late 1970s and the only credible external threat is now our largest trade partner and "most favorable nation." Today we have secret "terrorist" blacklists with more than a million names. Domestic spying, especially web based spying, has jumped to levels that would make the freedom loving senator from Wisconsin angry. Anti-death penalty and peace groups are among those watched. Shame, isn't it?

    Shoring up the nation's IT against spying is as easy as dumping the prevalent non free software used by most big dumb companies. This would also save the country hundreds of billions of dollars in licensing fees and other headaches unique to non free software. The problem is that it would make wiretapping very difficult or impossible.

    • by HungryHobo (1314109) on Thursday October 16, 2008 @09:54AM (#25400055)

      FOSS software isn't immune, there have been some terrible security flaws which have gone unnoticed for a long time. Of course proprietry software has even more flaws but profits pay for a team of guys in nice suits to give powerpoint presentations on how good it is and take the head of purchasing out to dinner.

      I would be very surprised if there weren't a few NSA plants in the dev teams of some of the more popular linux distros. How hard would it really be for a tallented coder to slip in a few subtle flaws to be exploited later if he's on the dev team and in every other way does the job very well.

      • by Anonymous Coward

        NSA infiltrated debian's openssl package maintanence?

      • by Mister Whirly (964219) on Thursday October 16, 2008 @11:33AM (#25401547) Homepage
        Why need to be sly and plant agents? The NSA can just go to whatever corporation and say "We want this" and 9 times out of 10 the corporation will hand over whatever they are asking for without any hassle.
      • That would be FreeBSD... Just compile your own kernel and remove their backdoors.
        • Show me an easy way to find the backdoors...

          • Just use tcpdump on a transparent firewall with stealth enabled. Combined with arpcop, you'll figure it out pretty fast. Then track the port down to a process/thread and see how it got started. For the "sneaking into unused bits on IP headers" version you'll have to look a little deeper into the packets and possibly verify source code and use signature verification.

            The easier way is to just read the all the kernel header options and turn off the ones that say NSA_BACKDOOR or something similar(e.g. undocum
            • backdoor doesn't have to mean a port sitting open.
              It can be a weakness in the RNG, a constant in an encryption scheme etc.

              So ya, your idea for commenting out the NSA_BACKDOOR headders is the best one.

              • No, a weakness in the RNG or an encryption weakness would be spotted quickly. One can make a quick $10,000 just for spotting those...
                • I really don't want to keep pointing at the debian fiasco because personally I really like open source but it's a perfect example of a big huge problem which wasn't spotted despite these things.

                  Open source is better than closed but it isn't some magic bullet which fixes everything.

                  • I think the fact that is WAS spotted speaks for open source more than against it. The mere fact that so many people use and develop it almost guarantees eventual peer-reviewing of code. What this means is that if it can happen in an open peer-reviewed product, it can happen in a closed peer-reviewed project. I hate to keep bringing up the Micro$oft fiasco...

                    The only other backdoor that could be used without requiring a port is a hardware backdoor, such as in the Macs, NICs, certain processors, and certai
          • If you've got an Apple, the backdoor is in the hardware so yer screwed.
    • by zappepcs (820751) on Thursday October 16, 2008 @09:59AM (#25400123) Journal

      I hope you are modded up handily.... what you say is the truth, and the only reason that such information makes the news. If govt. agencies were doing their job as prescribed, it would not be news. This is simply creating a new evil-doer to distract the minds of Americans while the government continues it's wholesale grab of liberties and Constitutional pinata frenzy.

      Mr Orwell would be happy to note that in 4 more years, most Americans will be on a terrorist watch list, augmented heartily by those signing up for unemployment benefits. How much farther down this rabbit hole must we go before government whistle blowers become folk heroes? Will our grandchildren hear stories of Babe the blue ox, superman, and joe whistleblower? I hope so.

      • by houstonbofh (602064) on Thursday October 16, 2008 @10:28AM (#25400561)

        How much farther down this rabbit hole must we go before government whistle blowers become folk heroes? Will our grandchildren hear stories of Babe the blue ox, superman, and joe whistleblower? I hope so.

        I hope not! That means that whistle blowers are so rare that they must be celebrated. I hope they are more common than bus drivers.

        • by gstoddart (321705)

          I hope not! That means that whistle blowers are so rare that they must be celebrated. I hope they are more common than bus drivers.

          God, I hope not. Because that would mean wrong-doing was so widespread as to be something we tune out and don't really pay any attention to.

          However, I wholeheartedly agree with your point.

          Cheers

      • Re: (Score:3, Interesting)

        by Fluffeh (1273756)
        Superman is on a list. So are all the other people who wear their undies on the outside. He is likely to be one of those sex offender types. Seriously. And Joe Whistleblower? He blew his last whistle trying to protest in a safe zone away from everyone else where the media couldn't have access to him.

        I really worry about the direction of America. For such a powerful country in the world, your government is really really managing to dick things up.
    • Shoring up the nation's IT against spying is as easy as dumping the prevalent non free software used by most big dumb companies.

      It's missing something along the lines of:

      This message has been brought to you by Symantec Corporation. Try our new Norton Internet Security for 30 days free!

      • by nschubach (922175)

        Or, you have violated 235 of their (laws|patents) and they intend on receiving (taxes|royalties) for it from the (citizens|users) in order to properly fund their (job|development).

    • by Andr T. (1006215)
      Ok, I'm not an American, but could this be a part of an effort to make the country remember the 'international threats' and remember how the Republicans handle the security issues 'better' than the Democrats?
    • Shoring up the nation's IT against spying is as easy as dumping the prevalent non free software used by most big dumb companies. This would also save the country hundreds of billions of dollars in licensing fees and other headaches unique to non free software. The problem is that it would make wiretapping very difficult or impossible.

      Doing that would only stop the common 'script kiddie' type hacker from exploiting the nations IT (via pre-built tools and well documented methods), and even then only for a limited time. In effect it would prove to be more of a boon to 'serious' attempts to attack the nations business and military IT systems. FOSS software is swiss cheese for security, it's just that not many people eat it and therefore don't realise it has so many holes.

      • by somersault (912633) on Thursday October 16, 2008 @11:21AM (#25401355) Homepage Journal

        FOSS software is swiss cheese for security, it's just that not many people eat it and therefore don't realise it has so many holes.

        And gross generalisations are always wrong too! Like this one.

        It really depends on the project. Most obvious projects to look at: Apache, PGP, Linux, etc. Very widespread adoption, and nothing like 'swiss cheese' in terms of security. FOSS software can be amazingly secure with the right guidance.

        Twitter is making gross generalisations too, of course.

        A well conceptualised FOSS project can obviously be just as good as any well conceptualised cllosed source project. Popular Open Source projects will be able to have more developers looking over the code though, and are likely to thank people for disclosing security vulnerabilities, and patch them up quickly. Sometimes closed source vendors get really pissed off when people disclose vulnerabilities - even when they've been given a while to get a patch sorted out and have done nothing about it.

        • Agreed.

          Without sarcasm, I should of added 'Nearly all' at the start of that line.

          And yes, any software with widespread adoption is much more likely to have built up it's immune system.

          Nearly all of FOSS software has very limited adoption.

      • Re: (Score:3, Funny)

        by teh kurisu (701097)

        Closed-source software is swiss cheese as well, but you're forced to eat it with your eyes closed, and this means that you can't see the holes.

        Cheese analogies are much more fun than car analogies!

    • You have a very interesting way of laying out. Funny how that instead of 2001 A Space Odyssey, we got 9-11-2001, oddly? Hal got together with Big Brother after 1984, realizing we weren't minding the storehouse of brains.
    • by moogyboog (648958)

      This just increases' paranoia and anxiety, what a waste of taxpayer dollars.

    • by symbolset (646467)

      Twitter, I like you.

      I hope you have carefully considered your position here. The first rule of an revolutionary is plausible deniability.

      Times are changing. Everything here is well recorded. If you would continue in this vein I would recommend at least that you get some offshore hosting and anonymous accounts.

      Also, recommend you read Heinlein's early works.

  • by Anonymous Coward on Thursday October 16, 2008 @09:47AM (#25399899)

    I'm now worried that mine's at risk.

    • by Fred_A (10934)

      I'm now worried that mine's at risk.

      That was my first question as well. At least I'm not in the US so maybe my cyber is safe.

      • Re: (Score:2, Funny)

        by orclevegam (940336)
        So long as it doesn't keep me from sending my internets I'm not worried. Now just the other day one of them companies dumped a tremendous amount of data in the tubes and it buried my internets. If you get some of that tremendous amount of data could you look through it and see if maybe one of my internets is stuck in there somewhere?
    • Cyberspace is my guess, the topic field probably cut it off.
      • the topic field probably cut it off.

        Please. Most likely it was a stray lolcat.

        He's in ur cybers, stealin ur pace.

    • Don't worry no one wants to listen in on any of the /. crowd's cyber...
    • by xaxa (988988)

      Help! Help! My subculture [wikipedia.org]'s at risk!

    • When I read the title "FBI Warns of Sweeping Global Threat To US Cybersecurity" my first thought was "The FBI is complaining about the NSA?".
  • no kidding? (Score:5, Funny)

    by Utini420 (444935) on Thursday October 16, 2008 @09:47AM (#25399917)

    News Flash: Guy in new job declares new job important!

    • Re: (Score:2, Funny)

      by gsslay (807818)

      Don't mess with this guy. He has an army of cybermen [wikipedia.org] ready to invade the planet!

      Well, either that, or a very silly job title.

      • by Jesus_666 (702802)
        To me it sounds like something from Megaman Battle Network. Actually, given the inanity of some of the laws recently passed in the USA it shouldn't suprise us to see Official Netbattler as a real job title soon...

        However, while I'd like to think that the FBI has dozens of snotty kids with utterly professional and capable navis on its payroll, most likely all they have are a couple HealNavis with one MiniBomb J each.
    • Maybe his job is important, given all these studies showing that we are more at risk than ever. eg The recent report from the Georgia Tech Information Security Centre [computerweekly.com] saying that all our security is way behind what the hackers use.
    • by theaveng (1243528)

      News Flash:

      Do what they did on the Battlestar Galactica (don't use externally-connected networks), and you won't have to worry about being hacked by Cylons..... er, terrorists and spys.

    • by gstoddart (321705)

      News Flash: Guy in new job declares new job important!

      And, in an astonishing correlation, guy who has been in same job for over a decade decrees job pretty mundane.

      Coincidence? I think not!!

      Cheers

  • Well... (Score:2, Funny)

    by grub (11606)

    Don't worry, if McCain wins he'll make Joe the Plumber his special advisor on such issues.
  • by Garrick68 (1165999) on Thursday October 16, 2008 @09:50AM (#25399967)
    and here come the cries from the government "Quick we pass these laws to protect us!!!" Yeah right...
    • No. They will either A) wait until some major government site gets hacked or B) stage a fake 'cyber attack' on U.S. government infrastructure, and when everyone and their mother is inconvenienced or hurt in some way, then they'll ask for new laws. Which The U.S. populace will be all too willing to submit to.

      Sound familiar?

  • by KeithIrwin (243301) on Thursday October 16, 2008 @09:51AM (#25399987)

    Threats against cybers? Uh-oh. I've been cybering all morning. Heck, I even did cam to cam once. No global sweepers have threatened me yet, but now I'm scared. I hope they don't hurt me.

  • So use protection [clamav.net].

    Or top truncating titles into something ambiguous, I guess.

  • Cybers? (Score:5, Funny)

    by Digital Vomit (891734) on Thursday October 16, 2008 @09:54AM (#25400039) Homepage Journal
    Since when is it the FBI's mandate to protect online sex chatting?
    • it's part of their two-pronged attack against child exploitation.

      They will watch you cyber to assure there are no children involved, but assure protections so others don't watch you cyber.

      I hope your fetishes involve spectators : )

  • What... (Score:5, Insightful)

    by cosmocain (1060326) on Thursday October 16, 2008 @09:54AM (#25400045)
    ...an abundant interview:

    . While he refused to provide country-specific details[...]

    He then hinted that an announcement[...]

    Henry would not comment in detail[...]

    He shied away from commenting[...]

  • No duh... (Score:3, Informative)

    by cavis (1283146) on Thursday October 16, 2008 @09:54AM (#25400059)
    So a newly appointed government official announces something that we in the network world have known for years and suddenly it is news? I think that anyone who has any amount of experience in computers would know this by now. If I had a dollar for every attack on my network from Asia, I'd take us all to lunch.
  • "the United States has had incredible success fostering overseas partnerships." Of course they have. If you are friends and are given access to the US networks you don't have to hack. Far easier to shake a hand in a photo than it is to wait for a ssh keygen to work.
  • by petes_PoV (912422) on Thursday October 16, 2008 @10:03AM (#25400169)
    what's the point of having a cyber-tzar if he (or she) is then going to turn around and tell you everything's fine?

    Of course he will talk up the threat - that's his job. Since there's no way that these intangibles can ever be measured, he's on pretty secure ground too. If no threats materialise it's because of his vigilance and the skill of his team - not because there were never any real threats to begin with.

    If a threat does turn into a real attack - well, he needs more money, powers and curtailed freedoms to ensure it doesn't happen again.

    • Re: (Score:3, Interesting)

      by JCSoRocks (1142053)
      I'm going to go cry in a corner because of how absolutely right you are and how horribly depressing that is. The last line in particular pretty much sums up the last 7 years.
    • Since there's no way that these intangibles can ever be measured..

      What are you talking about?

      Don't you know the recording, software, and film industries lose hundreds of billions of trillions of dollars a year to p2p piracy?!!

      These things CAN be measured.. why just recently the chairman of the fed said a mere 700 billion dollars would fill the potholes in our credit industry!

      (for the million /whooshes about to happen .. /sarcasm)

  • Job Security 101 (Score:3, Informative)

    by mpapet (761907) on Thursday October 16, 2008 @10:05AM (#25400199) Homepage

    There is no doubt there are bad people that would like to do bad things to others in the world, but why anyone takes this kind of propaganda seriously is beyond me.

    It's more than likely the amount of funding he gets is directly proportional to the amount of fear mongering produced.

    • by causality (777677)

      There is no doubt there are bad people that would like to do bad things to others in the world, but why anyone takes this kind of propaganda seriously is beyond me.

      It's more than likely the amount of funding he gets is directly proportional to the amount of fear mongering produced.

      Not to mention, that "of course" this means that the only way to be "safe" is to increase the size and police power of government. Why, that's always the solution now that you've had problem and reaction! When we all learn the goose step, just think of how incredibly wonderfully SAFE we'll all be!

    • There is no doubt there are bad people that would like to do bad things to others in the world, but why anyone takes this kind of propaganda seriously is beyond me.

      It's more than likely the amount of funding he gets is directly proportional to the amount of fear mongering produced.

      This is probably why you didn't hear much about terror attacks before 9/11 yet after the building goes down everyone screams its the governments fault for not telling us about these threats. Not everything is propaganda, sometimes people really do want your ass.

  • by Anonymous Coward

    FBI Cyber Division Chief says other countries are trying to hack in to their systems.. if we disband the government we won't have any threat!

    We win both ways.. we don't have the paranoid threat of having to deal with terrorists attacking "our government", nor do we have to worry about "our government" attacking us... again.

  • by pete-classic (75983) <hutnick@gmail.com> on Thursday October 16, 2008 @10:06AM (#25400215) Homepage Journal

    Aight, I put on my robe and wizard hat.

    -Peter

  • by jznomad (1007829) on Thursday October 16, 2008 @10:09AM (#25400251) Homepage
    http://defensesystems.com/Articles/2008/10/Air-Force-demotes-Cyberspace-Command.aspx [defensesystems.com] The Air Force announced last week that it has backed off even further from its grand plan to establish a cyberspace command as the military entity primarily responsible for securing and conducting offensive operations in cyberspace. The Air Force launched a provisional Cyberspace Command more than a year ago and scheduled a formal command launch for Oct. 1. However, officials delayed that effort after the departures of Air Force Chief of Staff T. Michael "Buzz" Moseley and Air Force Secretary Michael Wynne, who were fired for incidents involving the mishandling of nuclear detonators and weapons.
    • by jznomad (1007829)
      Also: http://www.fcw.com/online/news/154063-1.html [fcw.com] The government officially has begun to formulate a national research and development agenda for âoegame-changing ideas" as part of the multiyear, multibillion-dollar, governmentwide effort to secure cyberspace through the Comprehensive National Cybersecurity Initiative (CNCI).
    • he Air Force announced last week that it has backed off even further from its grand plan to establish a cyberspace command as the military entity primarily responsible for securing and conducting offensive operations in cyberspace.

      The real reason they "delayed" that effort is because some twenty-something Captain told the old fogeys that the "space" term in "cyberspace" didn't mean what they thought it meant. They are now working on an "All your Space belong to us" concept - but it's taking a bit longer t

  • Nice way to get more budget, "OMG the terrorists are going to control our nukes from their iPhones!!!11!! You must give us lot of money to protect you".

    I know there are threats, and I know that a lot needs to be done about them, but this kind of scaremongering is getting boring after nearly a decade.

    This is a real problem, there is no need to exaggerate it. You use unsupported hyperbole at your peril, after a while no-one will take you seriously. Especially now, when budgets are under so much scrutiny.

    In many ways these financial problems could be great for civil liberties, constructing a surveillance society costs real money. Just take a look at the UK ID scheme, it will cost billions.

  • China is at the top of the list of countries that want to see us thrown on the trash heap of history. Feel better now? The biggest threat we face, practically speaking, is from people on our own soil.

    One of the major problems we face is Chinese nationals who are now "citizens" (quotes used to denote legal status with no inner patriotism) of the United States. Some of our biggest security violations on classified and controlled technologies have come from people of Chinese descent who have basically retained

    • Re: (Score:1, Troll)

      by 1u3hr (530656)
      in much of the world, ethnicity actually means something pretty profound to the average person. It's one of biggest reasons why people on our own soil betray our trust to foreign governments

      So, David Duke posts on Slashdot?

      Skin colour aside, consider that recent immigrants quite likely have close family members back in the old country, where they can be rewarded, or punished, depending on the immigrants' response to appeals from their original government.

    • by Duradin (1261418)

      The "worst" part about free societies is that it isn't always easy being a citizen of one. The "easier" it gets the less free the society.

      You've got to be willing to take a blow, usually the first one, and not overreact.

      You've got to let the rights that protect you protect the people you hate.

      Strength is not going medieval on someone who hurt you.

      And thank you for reminding me what a scary word loyalty truly is.

      • And thank you for reminding me what a scary word loyalty truly is.

        I seem to recall that the ceremonial daggers carried by the Nazi SS in WWII bore the inscription "My honor is loyalty" on the blade.

    • by piemcfly (1232770)

      China is at the top of the list of countries that want to see us thrown on the trash heap of history

      Can we please stop telling the Chinese how much they hate the USA, before they actually start to believe it themselves?

    • Most Americans just don't get that in much of the world, ethnicity actually means something pretty profound to the average person.

      This is precisely why ethnic slurs offend. Ethnicity is a gestalt. Physical appearance, language, religion, ideology, and folkways are bound in an inseparable unity. To tamper with one part is to violate the integrity of the whole. The very process of naturalization requires the adoption of values different from one's nativity. For some, the resulting identity dissonance may be too great to handle in the long term. Therefore some may attempt to retain their native intentions. For some, this leads to the spe

  • Cybers? (Score:2, Funny)

    by Gothmolly (148874)

    Al Qaeda is on AOL chat rooms asking A/S/L ?

  • Anyone who has trouble explaining exactly what "FUD" is to a parent or whatnot should just send them to this tidbit - it's about as clear-cut an example of Fear, Uncertainty, and Doubt that I've ever seen...
  • I'm sure there's hackers trying to break in to the FBI's computing system all the time, it's just now it's probably gotten so easy and there are so many holes and loose ends to tie up with security, and even if there are people who know what they're doing there, there is no real grand plan for their computer system or security and nobobdy knows how to bring it all together. They're probably also concerned with illegally hacking into other nations' computers and our own. Why should we care about what's wro
    • If the FBI had a system to access, you would not see it on the internet, it would be a separate fiber line, which only certain field agents would have the tools to access. We are talking about national security, they would not take a chance on putting their network accessible over the internet

  • by snarfies (115214) on Thursday October 16, 2008 @10:24AM (#25400515) Homepage

    You are inferior. Man will be reborn as Cybermen, but you will perish under maximum deletion. Delete, delete, delete, DELETE!

  • What they ment to say was that any US Cybrans would be at risk. If you are Aeon or UEF, you have nothing to worry about.

    Carry on Supreme Commander!
  • Sheesh, I didn't know there were that many CDC Cybers out there still in use to cause panic.
  • by Sloppy (14984) on Thursday October 16, 2008 @10:48AM (#25400859) Homepage Journal

    The implication of a government person saying we have a problem, is that the government should do something about it. And for the military and other government networks, that's fine.

    But why do we ("we" being the government) need to do anything to protect corporate (or any other private) computers? The owner/operators of computers can protect them on their own. Just stop running foreign code.

    This isn't like physical security, where, say, IBM can't (and shouldn't have the means) to protect themselves from nuclear ICBM attack. It makes sense to put government in charge of securing the country against certain threats, and that job (if stated broadly enough) is arguably the only reason we need government to exist at all. But cyber-security isn't one of those situations, because individuals and groups can protect themselves, without putting anyone else at risk.

    • by Thorizdin (456032) <thorizdin@@@lotd...org> on Thursday October 16, 2008 @12:03PM (#25401953) Homepage

      The implication of a government person saying we have a problem, is that the government should do something about it. And for the military and other government networks, that's fine.

      But why do we ("we" being the government) need to do anything to protect corporate (or any other private) computers? The owner/operators of computers can protect them on their own. Just stop running foreign code.

      This isn't like physical security, where, say, IBM can't (and shouldn't have the means) to protect themselves from nuclear ICBM attack. It makes sense to put government in charge of securing the country against certain threats, and that job (if stated broadly enough) is arguably the only reason we need government to exist at all. But cyber-security isn't one of those situations, because individuals and groups can protect themselves, without putting anyone else at risk.

      If you're premise was correct your position would have some merit, but because you're probably thinking very narrowly about the problem you've missed some very big issues.

      First, much of our infrastructure is run by private companies. Think about how effective inter agency communication isn't when phones and cell phones don't work (think Katrina and 9-11). Our utilities are almost completely under private control and that includes nuclear reactors, dams, and the electrical grid. The Nuclear Regulatory Commission sets standards for security, but computer systems and security (both virtual and real) are all handled by private companies, most often contractors.

      Second, even non-infrastructure companies can be hugely disruptive. Think what could happen if someone gained control over the automated systems that report on the prices of stocks, commodities, bonds, and other financial mechanisms. Creating a run on a bank, Wall Street, or a huge fluctuations in the value of the Dollar would be trivial if someone just had access for a short time period. If someone had undetected access and a more subtle mindset the damage could be both much longer term and much worse.

      Finally, even companies and organizations that don't control infrastructure or financial systems can have a huge impact if their systems are compromised. Your example of IBM's being able to protect themselves without risk to others is also critically flawed. Last year IBM did $1.43 billion in consulting work for the US government. (1.4% of total 2007 revenue) You don't suppose that in that some of the work is classified? I know some of it is and further, given continued access, I could see the new stuff as the contracts are awarded to Big Blue. This also ignores the disruption that they could create because they are a well trusted ASN on the Internet. The sheer number of workstations and servers they have would also make them attractive to operate as part of a bot net.

      In short, there are lots of ways that any large company can hurt the rest of us if they aren't responsible with their security. Now, I'm not buying into the idea that the government being responsible for everyone's network security, they couldn't if they wanted to, but right now network security is something that a lot of companies haven't taken seriously and they _can_ harm us with their negligence.

      • Re: (Score:3, Interesting)

        by Sloppy (14984)

        Your example of IBM's being able to protect themselves without risk to others is also critically flawed. Last year IBM did $1.43 billion in consulting work for the US government. (1.4% of total 2007 revenue) You don't suppose that in that some of the work is classified? I know some of it is and further, given continued access, I could see the new stuff as the contracts are awarded to Big Blue.

        Fair enough on that. I'm ok with government demanding authority (or certain standards) over private computer securi

      • Re: (Score:3, Insightful)

        much of our infrastructure is run by private companies.

        So, basically privatization leads to nationalization?
        Interesting.

  • Countries? (Score:3, Interesting)

    by gmuslera (3436) on Thursday October 16, 2008 @12:30PM (#25402367) Homepage Journal
    First worry about individuals and groups of individuals, that are already doing some damage. Worms, spam, virus, botnets, exploiting vulnerabilities, social engineering, phishing... you dont need to have a country's government behind those threats.

    And part of the solution is not "attacking", but defending having things right in your side. Detect infected and vulnerable sites and pcs and warn/educate owners/vendors about that, as they are the perfect source for i.e. a big DDos or other kind of attacks. That US is the biggest source of spam and probably botnet activity of the world is a good warning sign.
  • or maybe "duh."

    enemies who want to get you in the weak points. who woulda thought it?

    any bilged-out 2nd lieutanant would appear to be smarter than the head of cyber security in this regard, since the military academies exist to study this stuff. and the first place to start is not to put critical systems on the web, maybe, you think?

    this fella probably wants to go back to tubes to avoid EMP.

  • Soo people want to Hack the government, alright.. well your chief of the FBI, you better get on that.. why would I care if they want to hack the FBI.

    If I were president I would send every FBI, DHS, CIA, NSA, TSA, and DEA agent in America to guard ANWR Alaska against "terrorism".

  • First off, MOST countries don't like us. That comes with distrust as well. By hacking into our stuff they learn of our plans/security layout. So lets look at this point by point.
    (1) There is a something called the internet.

    (2) There are people who know how to store data made available on the internet.

    (3) People know how to steal data from places where the internet is used.

    (4) People are VERY good at #3.

    (5) For every security tool we have put in, they have a tool that will get past it in time.

    Now given al

  • ...are eager to punch George W. Bush in the face. News at 11.

  • They just want more money in their budgets. If .gov or .mil computers on the interet are resulting in any serious threat to national security, then GET THEM OFF THE INTERNET! It's the people who insist on putting them ON the internet who are doing the real damage, not the hackers from Bogie Land.

  • blah blah blah blah blah blah blah blah and we have to monitor the whole Internet to keep you safe.
  • the United States has had incredible success fostering overseas partnerships.

    The actual meaning of "incredible" :
    beyond belief or understanding;
    wordnet.princeton.edu/perl/webwn

    overused as a hyperbole for "good." It means "too improbable to believe":
    www.iolani.honolulu.hi.us/Keables/KeablesGuide/PartThree/Letters/I.htm

    Too implausible to be credible; beyond belief; unbelievable;
    en.wiktionary.org/wiki/incredible

    The Hawaii phrasing is particularly apt. So, by it's own words, the US Govt has had success "too imp

He who steps on others to reach the top has good balance.

Working...