US adviser says cybersecurity must be joint effort

Fri Apr 17, 2009 9:46 PM EDT
advertisement

SAN FRANCISCO — The challenge of protecting the government's computer networks is too big for any one agency to handle alone, a top adviser to President Barack Obama said Wednesday. That suggests the administration doesn't intend to consolidate control of U.S. cybersecurity under a single department like the National Security Agency, as some have feared.

The comments by Melissa Hathaway, in her first public appearance since completing a still-secret 60-day study on the nation's computer security, were light on details but offered some hints on how the administration plans to address the turf wars and confusion surrounding the country's patchwork cybersecurity policies.

Hathaway didn't offer any specifics about her findings or proposals in her talk at the RSA security conference in San Francisco. She said those will be released in the "coming days" after the administration reviews her report.

The fragility of the world's digital infrastructure is "one of the most serious economic and national security challenges of the 21st century," Hathaway said, and the responsibility for locking down networks in the U.S. "transcends the jurisdictional purview of individual departments and agencies."

"Although each agency has a unique contribution to make, no single agency has a broad enough perspective to match the sweep of the challenges," she added.

Hackers, identity thieves and spies are stepping up their attacks on the nation's power grids, military networks and other government networks loaded with sensitive data, as evidenced by the number of break-ins that have come to light in recent months. Meanwhile, the administration has struggled with how to organize the nation's cyberspace programs.

In a sign of the turmoil, the head of the nation's cybersecurity center — Rod Beckstrom — resigned in March, blaming a shortage of money and a clash over whether the NSA should control cyber efforts. Suggestions from intelligence officials that the NSA should coordinate the country's overall cybersecurity effort have triggered protests over whether it's appropriate to give such control to spy agencies.

NSA director Keith Alexander, also speaking at the security conference, said the NSA wants to be inclusive.

"We do not want to run cyber security for the U.S. government," he said. "That's a big job. It's going to take a team to do it."

The Pentagon is planning to reorganize its military efforts on cyber issues and create a new military command to focus on protecting it computer networks, U.S. officials told The Associated Press on Wednesday.

© 2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
  • 9 Votes
  • Enjoy this article? Help vote it up the 'Vine.

Back To Top

Published to:

Related Articles
New Military Command to Focus on CybersecurityWall Street JournalThu Apr 230Comments
What's this?
Who's leading the conversation?
This visualization below allows you to see the impact that each user has on the current conversation. The top row contains the group of users who have had the most impact, the 2nd row the group of users who have had the 2nd most impact (et cetera). Users with similar impact are grouped together, and the average score of the group is shown to the left of the group. The author of the article is also shown on the left, in their corresponding group. Each user's score is based on the number of comments the user has made plus the number of votes their comments have received. The scores are calculated relative one another, so while their absolute value is not particularly important, their relative difference does indicate a larger difference in impact on the conversation.
0.4
{"commentId":6555899,"authorDomain":"femtobeam"}
femtobeamDeleted
{"commentId":6556233,"authorDomain":"thom4sw1"}
Tomas Sivan

Of course , it makes sense ... Set a thief, to catch a thief,,, Isn't this what we did with Geithner, and Sibelius ? And when we want to put people to sleep with long boring speeches, we have Obama, Cllinton, , Nancy and Reid .... WE don't need any volunteers for crooks, Congress is full of them , and we can reach down anytime and pick one from the ranks on both sides of the aisle.... And they made fun of the " Tea Party " and try to spin it into something is wasn't... Don't look to the mainstream press for any truth either ....

{"commentId":6556233,"threadId":"557017","contentId":"2698456","authorDomain":"thom4sw1"}
    Reply#2 - Sat Apr 18, 2009 6:05 AM EDT
    {"commentId":6560961,"authorDomain":"Available"}
    AAAAAAAA

    Right, it makes sense since hackers are terrifyingly skilled, surprisingly adept at breaking into systems. Now that they are employed, are they working for the greater good of the country or actually to the detriment of other nations?

    {"commentId":6560961,"threadId":"557017","contentId":"2698456","authorDomain":"Available"}
      Reply#3 - Sat Apr 18, 2009 1:59 PM EDT
      {"commentId":6561018,"authorDomain":"blueboy"}
      Blue Boy

      Someone get this guy a tin foil hat.

      {"commentId":6561018,"threadId":"557017","contentId":"2698456","authorDomain":"blueboy"}
        #3.1 - Sat Apr 18, 2009 2:03 PM EDT
        Reply
        {"commentId":6562793,"authorDomain":"nefariousone73"}
        rbeier

        It's about time the government stepped up to secure our infrastructure. As far as seeking out hackers to do it I think it makes perfect sense. Who better to know the mind of a hacker. Can we trust them completely to keep us safe? Maybe not, but just because you CAN hack doesn't mean you are out to do harm. A lot of them just want to know they can do it. Why not pay them to and let them report to us rather than doing it just because. Just make sure we have a good checks and balances system in place and all should be good.

        {"commentId":6562793,"threadId":"557017","contentId":"2698456","authorDomain":"nefariousone73"}
          Reply#4 - Sat Apr 18, 2009 4:34 PM EDT
          {"commentId":6563836,"authorDomain":"christopher-calbat"}
          Sgt C USMC

          Calling all "red-teams"!!

          This isn't the first or the last time that the US Government has employed the very people it spent years trying to prosecute. Remember Kevin Mitnik ? Regarded as one of the most proficient hackers in many communities worldwide, he then became a security consultant for the US government in exchange for his record being wiped clean. (and a pretty impressive record it was too.)

          The 'hackers' that most people think of don't even begin to compare to the dedication and skill that people like Kevin Mitnick possessed. Running a tinned-can script through a known security hole that's been reported on in the community for months (active x anyone ? ) does not make you a hacker.

          Actually, the last time the US government put out an open request like this that I remember is for coming up with a new encryption algorythm. Yes, the encryption algorythm used by every government, military, and federal computer in the world was not written in the safety of the NSA, or the FBI. In fact, it was a 5 year contest after the RSA embarrassed the government by cracking its DES encryption protocol in less than 56 hours. (A flight to Iraq for a spec ops team takes between 34-40 hours just by comparison)

          AES (Rijndael) - AES (Advanced Encryption Standard) is the name given to the algorithm that won the US Government's crypto contest in 2001. 15 algorithms competed in the 5-year effort, and the Belgium-based Rijndael algorithm beat the others out to earn the title "AES". With the NIST stamp of approval, AES is now the most popular algorithm in use today, and I highly recommend it due to its speed, strength, and widescale adoption.
          {"commentId":6563836,"threadId":"557017","contentId":"2698456","authorDomain":"christopher-calbat"}
            Reply#5 - Sat Apr 18, 2009 6:17 PM EDT
            {"canLink":false,"threadId":"557017","isPrivate":false}
            Leave a Comment:
            You're in Easy Mode. If you prefer, you can use XHTML Mode instead.
            Newsvine Privacy Statement
            As a new user, you may notice a few temporary content restrictions. Click here for more info.
            {"threadId":"557017","contentId":"2698456"}
            Start TrackingStart Tracking
            Stop TrackingStop Tracking
            Back To Top | Front Page