House Intel Committee Hearing- 2-02-2012


Dec 25, 2010

I found it interesting how many times they brought up that there was an imminent cyber attack coming. Both the witnesses and House members appear worried we are not prepared for such an attack.

Sounded like they acknowledged we were already under attack, especially from the Chinese, but that an even larger, concentrated effort was going to be underway soon.
The government doesn't play nice with information. They think that if they yell an attack is coming then, when it does, they can pass emergency legislation giving them power to take over the private sector's toys. Cyber Security Bill S.773 went down because it's unnecessary. But what if Unca Sugar can convince everyone that they are in "danger" and need to be kept "safe."
U.S. military cyber experts play on American fears of Chinese hackers shutting down U.S. power plants and financial systems to justify massive investments in cyber improvements for the Defense Department.
That’s why it comes as a surprise that a cyber defense report ranked China well below two Scandinavian countries and Israel for its cyber defenses. For that matter, the U.S. even fell behind Sweden, Finland and the Israelis when it comes to protecting against cyber attacks, according to a report issued by Security & Defense Agenda, a Brussels-based think tank.
Most cyber attacks still emanate from computers based in the U.S. and China with the U.S. being the worst offender, said Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council. Yet those two countries lag behind others when responding to attacks, according to the report.
The Pentagon’s acquisition system is woefully slow in keeping up with new cyber technology that hackers use to penetrate the Defense Department’s network, said Robert Lentz, former U.S. deputy assistant secretary of defense for cyber.
A panel of experts hosted by McAfee, a cyber security company that partnered with Security & Defence Agenda to publish the report, agreed the U.S. military and other federal agencies have a lot of ground to make up to protect against evolving cyber threats.
Phyllis Schneck, McAfee’s chief technology officer, urged the military to consider buying commercial-off-the-shelf technology to protect its networks rather than constantly trying to innovate its own.
Defense officials have identified a recent computer virus coming from China that targets service members’ common access cards and steals the pins to hack into defense computer networks.The cyber panel that met in Washington D.C. on Monday said the government must increase the amount of information they share with private firms about how they protect against attacks.
“The government only inhales, it never exhales,” Healey said.
Government officials protect too much of their cyber defense strategy behind classified barriers making it tough for private firms such as Microsoft or Google to help the government in case of a cyber attack.
“A cyber war is going to be won or lost in the private sector. If you’re under attack who do you really want on your side, [Department of Homeland Security] or McAfee and Microsoft?” Healey asked.
I know virtually nothing on the subject, but if a group of random people (Anonymous) can hack into DOJ, we clearly need to up our ante, no? I think I'd rather over-indulge on this one than suffer the consequences of what could happen.