Proposed bill would create National Cybersecurity Advisor  | | | 
April 9th, 2009, 12:15 PM
|
#1 (permalink)
| | A hero in training
Join Date: Oct 2001 Location: Norfolk, VA
Posts: 26,847
| Proposed bill would create National Cybersecurity Advisor
Proposed bill would create National Cybersecurity Advisor Quote: |
It hasn't gotten a lot of traction yet, but Senators Jay Rockefeller and Olympia Snowe have jointly introduced a bill that would create an Office of the National Cybersecurity Advisor, a new White House position designed to beef up the nation's information security policies
| Quote: |
and, more controversially, that private networks deemed "critical infrastructure" by the President meet these standards as well. What's more, El Presidente can order the disconnection of those networks during a "cybersecurity emergency" or national security emergency if needed, and security professionals will need to be licensed by the government to work on them
|
Pretty scary if this thing gets any traction if you ask me. | 
|  | |
April 9th, 2009, 01:58 PM
|
#2 (permalink)
| | Ultimate Member
Join Date: Jun 2002
Posts: 1,064
|
Whats scarier?
A Huge power outage like the blackout that affected most of the country a few years back (and now insert an act of aggression by another State) and this very State cripples your infrastructure creating mass chaos and untold death after several days.
Or government looking out for their own (and our) best interests?
Sorry I trust "US" more than China or Russia.
I so hate big government and all of these "czars" however this seems like a necessary evil in light of the current news. I just wonder how much is spin and hype. | 
| | |
April 9th, 2009, 03:27 PM
|
#3 (permalink)
| | A hero in training
Join Date: Oct 2001 Location: Norfolk, VA
Posts: 26,847
|
How is shutting down personal internet connections going to help out during a natural disaster such as a power outage?  If anything that will cause more panic for people who use the internet to get their information. Will people be reimbursed for their internet connections being turned off? How about focusing the attention on those "states" that are causing the security issues instead of cutting off innocent bystanders? Of course to implement something like this would require a lot of work, the internet isnt just one pipe coming into America.
My biggest problem is this, we have those in congress making up laws about technology when Not one of them have a good grasp on how it works. You dont mind these people making laws up like that? I have no problems reaching out to the public sector for some fresh new standards, but the ability to pull the plug? No thanks!! | |
| | |
April 9th, 2009, 04:19 PM
|
#4 (permalink)
| | Ultimate Member
Join Date: Jun 2002
Posts: 1,064
|
If you read the article you posted: Quote: |
All together, the two pieces of legislation would require that government networks and software meet a set of security standards and vulnerability tests -- and, more controversially, that private networks deemed "critical infrastructure" by the President meet these standards as well. What's more, El Presidente can order the disconnection of those networks during a "cybersecurity emergency" or national security emergency if needed, and security professionals will need to be licensed by the government to work on them
|
Quote:
AP source: Spies compromised US electric grid
By JORDAN ROBERTSON and EILEEN SULLIVAN
Associated Press Writers
Buy AP Photo Reprints
Your Questions Answered
Ask AP: Recessions and depressions, Mexico travel
SAN JOSE, Calif. (AP) -- Spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service, exposing potentially catastrophic vulnerabilities in key pieces of national infrastructure, a former U.S. government official said Wednesday.
The intrusions were discovered after electric companies gave the government permission to audit their systems, the ex-official said. The official was not authorized to discuss the matter and spoke to The Associated Press on condition of anonymity.
The inspections of the electric grid were triggered by fears over a March 2007 video from the Idaho National Laboratory, which had staged a demonstration of what damage hackers could do if they seized control of a crucial part of the electric grid. The video showed a power turbine spinning out of control until it became a smoking hulk and shut down.
Although the resulting audits turned up evidence of spying sometime earlier, the former official told the AP that the extent of the problem is unknown, because the government does not have blanket authority to examine other electric systems.
"The vulnerability may be bigger than we think," the official said, adding that the level of sophistication necessary to pull off such intrusions is so high that it is "almost without a doubt" done by state sponsors.
The Wall Street Journal, which reported the intrusions earlier, said officials believe the spies have not yet sought to damage the nation's electric grid, but that they likely would try in a war or another crisis.
Chinese and Russian officials have denied involvement in hacks on U.S. systems.
The malicious programs were probably purged immediately from the utilities' networks after their discovery.
Intrusions are generally much harder to detect than to clean up, though purging malicious programs from mission-critical systems poses a special challenge, since computers often have to be running around the clock and can't be shut down to be scrubbed clean. If that's the case, proper backups need to be in place to make sure an infection is fully neutralized.
The attacks highlight serious problems that utilities like power and water companies face as they add more technologies for remotely managing their facilities. Any system networked to the rest of the world - from financial systems to university records to retail operations - can leave openings for hackers.
Homeland Security spokeswoman Amy Kudwa said her department is "not aware of any disruptions to the power grid caused by deliberate cyber activity here in the United States." Even so, congressional investigators and intelligence officials have warned that electric utilities are vulnerable to cyber attacks, and utilities acknowledge that their computer networks are routinely under assault.
CIA analyst Tom Donahue told utility engineers at a conference last year that in other countries, hackers had broken into electric utilities and demanded payments before disrupting power - in one case turning off the lights in multiple cities.
The power grid is becoming a bigger target for hackers as more pieces of it are connected to each other or, in some cases, to the Internet.
Employees who work remotely can be a major point of weakness. If their computers can be compromised, hackers can begin working backward into a utility's central control system. One way that's done is by so-called "spear phishing," or trying to fool people into opening personalized e-mails that have malicious programs inside them. Malicious Web applications can be another route for hackers.
"The severity of what we're seeing is off the charts," said Tom Kellermann, vice president of security awareness for Core Security Technologies and a member of the Commission on Cyber Security that is advising President Barack Obama. "Most of the critical infrastructure in the U.S. has been penetrated to the root by state actors."
Joe Weiss, a security expert who has testified before Congress about such threats, said the industry has failed to address these vulnerabilities.
"The human resources computer system in a utility happens to be more cyber-secure than any power plant or electric substation that we have," said Weiss, managing partner of Applied Control Solutions, a company based in Cupertino, Calif. "The fundamental problem is that we're paying more attention to the cybersecurity of Facebook than we are to trying to keep our lights on."
He said the long-term ramifications of such an attack would be severe: If electrical equipment were destroyed, power could be lost for six to nine months, because the replacement gear would take so long to manufacture.
Power grid operators acknowledged Wednesday that they have been the target of frequent computer attacks and said they are working closely with authorities to lock down their networks.
James Fama, the Edison Electric Institute's executive director of energy delivery, said in a statement that "protecting the electrical grid and keeping the power flowing is our industry's top priority."
Members of Congress and government agencies have sought to increase oversight of the industry. A bipartisan bill introduced last week in Congress would let the president declare a "cybersecurity emergency" if necessary and shut down Internet traffic to a compromised piece of critical infrastructure such as the power grid.
Securing power systems against cyber attacks might get even more complicated with the development of so-called "smart grids." Smarter grids are being built to make electricity delivery far more efficient, saving precious resources. But they require the extension of two-way digital communications down to "smart meters" at homes and new digital sensors to track real-time power usage. Extra nodes on a network can become new openings for spies.
"The more you push communications, intelligence (across the grid) ... you're adding some level of risk," said Brian Seal, a senior project manager involved in power delivery at the Electric Power Research Institute, an industry-sponsored research group.
Kudwa, the Homeland Security spokeswoman, said the government is "working to ensure that security is built in as we develop the next generation of smart grid networks."
And Seal noted that smart grids will give the power transmission system greater resilience and flexibility to reduce the impact of a disruptive event - such as a cyber attack.
|
Then you would know that this is indeed not NEW news:
America's Hackable Backbone - Forbes.com
Hell there are google groups dedicated to hacking our infrastructure. I am happy that we finally have an administration doing ANYTHING to divert this very real threat. | |
| | |
April 9th, 2009, 07:41 PM
|
#5 (permalink)
| | A hero in training
Join Date: Oct 2001 Location: Norfolk, VA
Posts: 26,847
|
Until they get those systems off networks that have access to the internet, this will be a problem! System admins can only do so much to protect the data that goes over the WAN, once it hits the ISP its fair game and they lose control of it. If they want to do something, work on an infrastructure that doesn't have access to the internet for those "critical systems"
I keep seeing the word malware being thrown around, i think an evaluation needs to be done on these supposed systems. | |
| | |
April 9th, 2009, 08:15 PM
|
#6 (permalink)
| | Senior Member
Join Date: Mar 2009
Posts: 720
| Quote:
Originally Posted by GroundZero3  Until they get those systems off networks that have access to the internet, this will be a problem! System admins can only do so much to protect the data that goes over the WAN, once it hits the ISP its fair game and they lose control of it. If they want to do something, work on an infrastructure that doesn't have access to the internet for those "critical systems"
I keep seeing the word malware being thrown around, i think an evaluation needs to be done on these supposed systems. | No critical military system connects to the internet. You are correct that the safest course to keep any critical system safe is not to tie it to the internet.
The machine I am on is one of four completely isolated. They are for internet use. | |
| | |
April 13th, 2009, 10:09 AM
|
#7 (permalink)
| | Senior Member
Join Date: Feb 2008
Posts: 734
|
Quote: |
Originally Posted by DoubleK Whats scarier?
A Huge power outage like the blackout that affected most of the country a few years back (and now insert an act of aggression by another State) and this very State cripples your infrastructure creating mass chaos and untold death after several days.
Or government looking out for their own (and our) best interests? | This is all about C0NTROL and its the stupidist thing they ever thought of!
They wanna close the WEB and re-open a VERY RESTRICTIVE internet.... (Thats Obamas plan)
http://www.prisonplanet.com/articles...l_internet.htm
Ya better HOPE this doesnt happen!
Last edited by Dude111 : April 13th, 2009 at 10:13 AM.
| |
| | |
April 13th, 2009, 10:47 AM
|
#8 (permalink)
| | Ultimate Member
Join Date: Jun 2002
Posts: 1,064
|
Dude111, the power of the internet is obvious. It does not take a phd in conspiracy theory to realize this.
Words have a powerful effect on those too close minded to try to see a bigger picture. If the basis of your concerns comes from the prison planet or other dubious "reporting" agencies I wouldn't be too concerned yet.
Words only have meaning if you swallow the hook blindly. Then they have the potential to rip peoples guts out. | |
| | |
April 14th, 2009, 09:30 AM
|
#9 (permalink)
| | Senior Member
Join Date: Feb 2008
Posts: 734
|
Its better to be prepared AND AWARE my friend then to be completely under thier way of thinking isnt it? | |
| | |
April 14th, 2009, 10:35 AM
|
#10 (permalink)
| | Ultimate Member
Join Date: Jun 2002
Posts: 1,064
|
Yes. My mantra will always remain stay alert stay alive.
No one can force your way of thinking although there is a very real and definite war to control what the masses digest as far as information. Always has been and always will be as long as factions of humanity feel they are enlightened and others are not.
I just did not want you coming across as paranoid. That is also VERY unhealthy and sad. | |
| | | Thread Tools | Search this Thread | | | | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Most Active Discussions  | | | | |   Recent Discussions  | | | | |
 |
hardware
prices 
