It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

How Obama Can Fix Cybersecurity

page: 1
0

log in

join
share:

posted on Dec, 8 2008 @ 12:52 PM
link   

How Obama Can Fix Cybersecurity


www.forbes.com

To protect those key businesses, CSIS' collection of cybersecurity insiders suggest big moves: Along with creating a new White House body that would take top-level control of the Cyber Initiative away from the Department of Homeland Security, the commission recommends that Obama create a Center for Cybersecurity Operations, where private- and public-sector network watchers could meet and share information about the threats they're facing.

Focusing on the private sector means not just cooperation but also regulation. Under the plan, a new White House-based National Office on Cybersecurity would create and enforce standards on the security of critical infrastructure networks. Any economic stimulus package aimed at rebuilding crumbling infrastructure--which Obama has proposed--would have to weave in those standards.
(visit the link for the full news article)




posted on Dec, 8 2008 @ 12:52 PM
link   
There are many interesting tidbits in this article. The point is made that many of the cybersecurity vulnerabilities are classified as secret.

For example, link this excerpt:


Regulations would affect computer system vendors, too. The commission demands that the government only buy IT products that have passed strict vulnerability tests, requiring what SANS' Paller calls "baked-in" security rather than systems that require security to be "bolted on" after they're bought.

To this ATS thread:
FBI Fears Chinese Hackers Have Back Door Into US Government & Military

Also interesting is the mention of the DHS "Einstein" program, which the Bush administration has proposed transferring (partially) to the NSA:


A revamped Einstein could also extend that security monitoring to comb the systems of private-sector infrastructure companies. Some sources close to the Cyber Initiative say the project may allow companies to voluntarily give the new monitoring software access to their networks.

But for privacy advocates, the possibility of an NSA-involved program sifting through private networks has raised hackles.

A new administration has some level of credibility surplus, with regards to their motives:


"Because of Bush's warrantless surveillance, even a routine monitoring program was seen as a spy thing," says Lewis. "But I think there will be an improvement on that front. The new administration doesn't have the baggage that its predecessor had."

It will be interesting to see how the US Government attempts to apply their "improvements" to a world-wide network.


www.forbes.com
(visit the link for the full news article)



posted on Dec, 8 2008 @ 01:02 PM
link   
But for privacy advocates, the possibility of an NSA-involved program sifting through private networks has raised hackles.

Ummm?This is already happening.
Does the person who said this, not realize this?

The NSA, are now and have long been sifting through everything.



posted on Dec, 8 2008 @ 01:29 PM
link   
reply to post by AgentOrangeJuice
 


Also interesting is what they're planning for Einstein 3.0 - an active defense.

Chertoff has said they want a system that "would literally, like an anti-aircraft weapon, shoot down an attack before it hits its target." Source

And now they're talking about expanding it to cover public-sector networks, and not just government systems?



posted on Dec, 8 2008 @ 02:01 PM
link   

Originally posted by Ian McLean
reply to post by AgentOrangeJuice
 


Also interesting is what they're planning for Einstein 3.0 - an active defense.

Chertoff has said they want a system that "would literally, like an anti-aircraft weapon, shoot down an attack before it hits its target." Source





That's because Chertoff hasn't got a clue of how the Internet works or probably even what a Bot-Net is. How are you gonna shut down 400,000 peer botnet preemptively? You ain't.



posted on Dec, 8 2008 @ 05:55 PM
link   
reply to post by HunkaHunka
 


You identify and disrupt their control nodes.


Researchers this week detailed a prototype system to identify and eradicate botnets in the wild.
...
The researchers said they consider the botnet’s use of command and control channels to be the weakest link of a botnet. “If we can take down an active command and control or simply interrupt the communication to the command and control, the botmaster will not be able to control his botnet. Moreover, the detection of the command and control channel will reveal the command and control servers and the bots in a monitored network. Therefore, understanding and detecting the command and controls has great value in the battle against botnets,” researchers said.

Source




top topics
 
0

log in

join