Monday, December 8, 2008

How's that Fed.Gov security?

Not so great, actually:

"Foreign opponents, through a combination of skill, luck, and perseverance, have been able to penetrate poorly protected U.S. computer networks and collect immense quantities of valuable information."

America, in other words, has been hacked.

The Center for Strategic and International Studies (CSIS) did a study looked into the state of Fed.Gov computer security. While I haven't run across them before, they look like they can at least fog a mirror with this report. Other folks that I have run across before, and who definitely do better than fogging the mirror elaborate:
"The reality is that the secret briefings given to the president, the National Security Council, and others show MUCH greater losses than have been publicly acknowledged," said Alan Paller, director of research for the SANS Institute, in an e-mail. "The proof, if you need confirmation, comes from President Bush's approval of the 11 digit (tens of billions of dollars) price tag for the new Cyber Initiative that the commission report says should be built upon. That's a huge price tag and you can guess what was disclosed to him to get that level of spending."
The interesting question is not has there been a breach, or even what's the scope. The really interesting question is how much of our information networks are already pwned by the Bad Guys, but we don't know it yet?

I don't know, but if there really is a more than $10 Billion program to address this, the answer is a lot.

No comments: