Is the U.S. Government Losing the Battle Against Hackers?

By Eliza Strickland | December 9, 2008 8:58 am

hackingSophisticated computer hackers are as big a threat to the United States as weapons of mass destruction and global jihad, argues a new report on cybersecurity. The report, which was produced by the Center for Strategic and International Studies, a Washington think tank, contains recommendations for the incoming Obama administration, and issues a dire assessment of the government’s current efforts to prevent cyberattacks. “America’s failure to protect cyberspace is one of the most urgent national security problems facing the new administration that will take office in January 2009,” the report states. Cyber safety is “a battle fought mainly in the shadows. It is a battle we are losing” [DailyTech].

The federal government has been embarrassed in recent years by intrusions into the computer networks of many different agencies, including the Defense, State, Homeland Security, and Commerce departments, the National Aeronautics and Space Administration (NASA), and the National Defense University. An investigation last year by The Washington Post showed that multiple compromises of unclassified computer systems for the Transportation Security Administration and DHS headquarters went unnoticed for months in 2006 because the agency failed to effectively monitor its own networks [Washington Post]. In some cases the breaches have been linked to Chinese computer servers, indicating a possible convergence between hacking and espionage.

The report suggests creating a new White House department to lead government efforts on cybersecurity, and largely dismisses the work done by the Department of Homeland Security. “We still have an industrial-age government that was organized a century ago,” Jim Lewis, the center’s director, said in an interview in September. “The DHS has a 1970s-style solution to a 21st century problem.” … Lewis said in the same interview that although the department has made some progress on cybersecurity, the government would still in some cases have to call a committee meeting if it suffered a cyberattack because so many different agencies have jurisdiction over the problem [San Francisco Chronicle].

Other recommendations include a suggestion that the federal government end its reliance on passwords and enforce what the industry describes as “strong authentication.” Such an approach would probably mean that all government computer users would have to hold a device to gain access to a network computer or online service [The New York Times]. In one controversial proposal, the report suggests revising wiretap laws to make it easier for law enforcement to obtain the data warrants that allow online information to be monitored and collected; the report says that traditional search warrants are “increasingly impractical in the online environment” [Washington Post].

Related Content:
80beats: Computer Virus Travels Into Orbit, Lands on the Space Station
80beats: Russian Invasion Included the First Real Use of “Cyber Warfare”

Image: iStockphoto

CATEGORIZED UNDER: Technology
  • Damian

    One can hardly be surprised the government is losing the battle against hackers. This is the same government that is losing the battle against cigarette smugglers crossing the Canadian border. By what stretch of the imagination should we expect the world’s largest bureaucracy to keep up with the world’s most nimble and state-of-the-art criminal? Hackers make up crimes faster than governments can write laws. For the foreseeable future, cyber-security will largely remain the responsibility of the end user. This isn’t necessarily a bad thing.

  • http://clubneko.net nick

    Cyber-security remaining in the hands of the end user is a terrible thing when 80%+ of the world’s computers run Windows.

    Also, I take issue with the reports of the attacks coming from Chinese servers indicating espionage – only dumb ‘skript kiddies’ (or whatever they’re called nowdays) run attacks from their own computers. If the Chinese .gov is spying on us, they’re going to be doing it from Zimbabwe routed through India, Russia and the EU, at the very least.

    At least, I hope they’re smart enough to do that, considering China’s the only contender to replace us as the world’s ‘superpower.’ I want my new alien overlords to at least be smart enough to hide their tracks.

  • Damian

    “Cyber-security remaining in the hands of the end user is a terrible thing when 80%+ of the world’s computers run Windows. ”

    If the alternative is “letting the government protect my computer through legislation”, I’ll DEFINITELY be sticking with end-user protection. Keep in mind, I consider end user responsibility to include third-party firewalls, anti-virus and anti-spyware software. I’m not implying that every end user should have to program her own firewall.

    But who would you like the security of your computer trusted to, if not you? Would you prefer the government mandate how you protect your computer, or do you propose that if they increased penalties for hacking, that you would be free to ignore your computer’s security, comfortable in the knowledge that no one would dare compromise it? Perhaps there’s a third alternative…

    Also, you brought up the world’s Windows dominance. I’m not sure I see the relevance of that; are you arguing that if more people used Macs, the government could beat hacking?

  • http://n/a Thunder S

    This also fits into Alvin Toffler’s ideas on organizations and developing society. The government is one of the slower organizations that will never be able to keep pace with how quickly technology and society are changing. The only organizations that are even remotely close are corporations…think tanks and universities too. The government simply can’t adapt quickly enough, the comment on laws was on point…

  • Marc

    “But who would you like the security of your computer trusted to, if not you? Would you prefer the government mandate how you protect your computer, or do you propose that if they increased penalties for hacking, that you would be free to ignore your computer’s security, comfortable in the knowledge that no one would dare compromise it? Perhaps there’s a third alternative…”
    I do not think that increasing the penalties for hacking will really solve anything. That will only cause the hackers to find further ways to hide their identity, which they are good at anyway. There really isnt too much anyone can do to stop hackers. where there are networks and OSs, there will always be a way to hack it, its just a fact. What we really need to do is work harder on our anti-virus systems, as alot of the current systems used are practically obsolete against todays hackers. One of the quotes posted in the article above states that the government is planning on doing away with passwords, and instead installing a system which requires users to use a device to gain access to the network, which would probably work better than the current password system and is a step in the right direction of protecting important networks.

  • http://jaimcdowall.co Mcdowall

    lol nice post, do you do guest posts?

NEW ON DISCOVER
OPEN
CITIZEN SCIENCE
ADVERTISEMENT

Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!

80beats

80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.
ADVERTISEMENT

See More

ADVERTISEMENT
Collapse bottom bar
+

Login to your Account

X
E-mail address:
Password:
Remember me
Forgot your password?
No problem. Click here to have it e-mailed to you.

Not Registered Yet?

Register now for FREE. Registration only takes a few minutes to complete. Register now »