Cyberattacks at DHS prompt new finger-pointing

A congressional committee is once again questioning the U.S. Department of Homeland Security's ability to detect and fend off cyberattacks, as a recent investigation has turned up evidence of Chinese-linked hacking incidents on internal computers last year.

According to the results of a recent U.S. House of Representatives Homeland Security investigation described in a letter released Monday (PDF), "dozens" of computers on networks at the sprawling cabinet department's headquarters were "compromised by hackers" last year. The intrusions involved planting malicious code that cracked network administrator passwords, masked signs of intrusion and beamed back information to "a Web hosting service that connects to Chinese Web sites."

Excerpt from the House panel's letter to DHS Inspector General

That style of attack is reminiscent of those carried out on computers at the Commerce and State departments around the same time last year, the committee wrote.

The letter pinned at least some of the blame on an outside contractor that failed to deploy the necessary "network intrusion detection systems" and attempted to hide "security gaps in their capabilities."

That contractor, Unisys Corp., is now under investigation by the FBI for alleged criminal fraud, according to the The Washington Post, which first reported the Friday letter in a story published Monday morning.

But the letter, signed by Rep. Bennie Thompson (D-Miss.), who leads the Homeland Security Committee and Rep. James Langevin (D-R.I.), who leads a cybersecurity panel within that committee, also faulted Homeland Security officials. The committee leaders accused the department--and particularly its chief information officer--of downplaying the potential for serious cyberintrusions and providing "misleading" responses to the congressional panel's requests for information about reported incidents. They asked Homeland Security Inspector General Richard Skinner to conduct his own investigation into the matter.

Unisys, for its part, told the Post that it hadn't yet been informed of any criminal investigation against it. The company also denied failing to install the proper number of network intrusion tools and said it even continued deploying the monitoring services after Homeland Security, citing lack of funding, stopped paying for them.

Homeland Security representatives, meanwhile, told the Post that Unisys' version of the story was "entirely baseless and disingenuous" and suggested the firm may not be awarded contracts in the future. The agency also denied withholding any information from congressional investigators, with a spokesman saying department officials are "aware of, and have responded to, malicious cyberactivity directed at the U.S. government over the past few years."

[Solaris_User]

What a shock.

Somehow in America when our bureaucracies fail then we foolishly think that all we need to do is make an even larger bureaucracy and put it in charge of the bureaucracies that fail. Yeah, that will work..

DHS is so large and cumbersome that they haven't even gotten it in place yet. I'm sure we can expect it to have no fewer security problems than the FBI (who have finally been able to fend of the hackers long enough to the point where they now have e-mail working. Amazing.)