Wednesday, June 20, 2007

Dept. of Homeland Security Hacked 800 Times

DHS acknowledges own computer break-ins

By TED BRIDIS, Associated Press Writer

The Homeland Security Department, the lead U.S. agency for fighting cyber threats, suffered more than 800 hacker break-ins, virus outbreaks and other computer security problems over two years, senior officials acknowledged to Congress.

In one instance, hacker tools for stealing passwords and other files were found on two internal Homeland Security computer systems. The agency's headquarters sought forensic help from the department's own Security Operations Center and the U.S. Computer Emergency Readiness Team it operates with Carnegie Mellon University.

In other cases, computer workstations in the Coast Guard and the Transportation Security Administration were infected with malicious software detected trying to communicate with outsiders; laptops were discovered missing; and agency Web sites suffered break-ins.

The chairman of the House Homeland Security Committee, Rep. Bennie Thompson, D-Miss., said such problems undermine the government's efforts to encourage companies and private organizations to improve cyber security.

"What the department is doing on its own networks speaks so loudly that the message is not getting across," Thompson said.

Congressional investigators, expected to testify Wednesday during an oversight hearing about the department's security lapses, determined that persistent weaknesses "threaten the confidentiality, integrity and availability of key DHS information and information systems," according to a new report from the Government Accountability Office being released later in June.

The Homeland Security Department's chief information officer, Scott Charbo, assured lawmakers his organization was working to prevent such problems. more

Boy, doesn't that just make you feel safe? DHS is now on its fourth cybersecurity chief in six. years. That seems like a high turnover rate for such an important job. But maybe that's because they still aren't taking the threat seriously enough.

Former cybersecurity chief Richard Clarke once stated in an interview:

"We, as a country, have put all of our eggs in one basket. The reason that we're successfully dominating the world economically and militarily is because of systems that we have designed, and rely upon, which are cyber-based. It's our Achilles heel. It's an overused phrase, but it's absolutely true.

It could be that, in the future, people will look back on the American empire, the economic empire and the military empire, and say, "They didn't realize that they were building their whole empire on a fragile base. They had changed that base from brick and mortar to bits and bytes, and they never fortified it. Therefore, some enemy some day was able to come around and knock the whole empire over." That's the fear."

Take some time to read the full interview here.