[108468] in North American Network Operators' Group
cnn.com - Homeland Security seeks cyber counterattack system
daemon@ATHENA.MIT.EDU (Tony Patti)
Sun Oct 5 12:21:31 2008
From: "Tony Patti" <tony@swalter.com>
Date: Sun, 5 Oct 2008 16:20:00 +0000
To: "nanog@nanog.org" <nanog@nanog.org>
X-MailScanner-From: tony@swalter.com
Errors-To: nanog-bounces@nanog.org
I presume this CNN article falls within the "Internet operational and techn=
ical issues" (especially security) criteria of the NANOG AUP,
in terms of "operat[ing] an Internet connected network",
especially where Chertoff refers to " like an anti-aircraft weapon, shoot d=
own an [Internet] attack before it hits its target".
http://www.cnn.com/2008/TECH/10/04/chertoff.cyber.security/index.html
Homeland Security seeks cyber counterattack system
WASHINGTON (CNN) -- First, there was "Einstein," the federal government's e=
ffort to protect itself from cyber attacks by limiting the number of portal=
s to government computer systems and searching for signs of cyber tampering=
.
Then Einstein 2.0, a system now being tested to detect computer intrusions =
as they happen.
And in the future? Perhaps Einstein 3.0, which would give the government th=
e ability to fight back.
Homeland Security Secretary Michael Chertoff on Friday said he'd like to se=
e a government computer infrastructure that could look for early indication=
s of computer skullduggery and stop it before it happens.
The system "would literally, like an anti-aircraft weapon, shoot down an at=
tack before it hits its target," he said. "And that's what we call Einstein=
3.0."
At a meeting with reporters to highlight National Cyber Security Month, Che=
rtoff reiterated his belief that the government should aggressively defend =
its computer systems, saying that terrorists, if they gain expertise alread=
y available to others, would "cause potentially very serious havoc" to gove=
rnment systems.
"Let's make the investment now rather than wait until there's a huge catast=
rophe," he said.
But despite his emphasis on the risks posed, Chertoff said the government i=
s moving slowly to avoid stepping on the toes of the private sector as it a=
ddresses calls to reorganize the governance of cyberspace to provide accoun=
tability and authority.
"I think the question of what is the government's role in cyberspace in gen=
eral needs to be discussed among all the stakeholders, because there is a c=
ulture of cyberspace that is an open architecture," he said. "And I think i=
f we just came in and said we want to take it over, there'd be, understanda=
bly, a considerable amount of discomfort with that."
"We are deliberately going slowly because we recognize that the issue of go=
vernment involvement in the Internet is fraught with all kinds of potential=
concerns and potential anxieties about not having the government have a bi=
g-foot impact on an area of communication and commerce that has traditional=
ly been viewed as really independent and free."
Chertoff said the government is "feeling our way to what is the right mix o=
f government involvement with protecting the Internet in the private domain=
while preserving everybody's comfort level that we're not going to be in t=
heir business in a way that would be inappropriate."
Asked if he envisioned a world with two cyberspaces, he said he envisions a=
world with "a lot of different levels of security and trust, depending upo=
n the nature of what it is that you're doing."
"We already have that now, in the sense that we have classified systems whi=
ch are walled off from unclassified systems," he said.
The Bush administration released its National Cyber Security Initiative in =
January. The "most immediate component" of it from the Department of Homela=
nd Security's perspective, Chertoff said, is to increase security for feder=
al government computer systems. =
But another priority is to work with the private sector to address threats =
to businesses. This includes not only protection from hackers, but also fro=
m counterfeit parts, which an individual or another nation could use to cre=
ate vulnerabilities in the United States, he said. =
E-mail to a friend =
=
Tony Patti
CIO
S. Walter Packaging Corp.
