Government elaborates, slightly, on cybersecurity plan

After ducking questions this year from both Congress and the private sector about its National Cyber Security Initiative, the Department of Homeland Security finally revealed a little more on Monday.

Paul Schneider, deputy secretary for DHS, along with other senior federal officials, offered more information at a forum hosted by the Information Technology Association of America. Plans for the initiative include enhancing the current cyberintrusion detection system, working more closely with the private sector (a longstanding federal mantra), and focusing on foreign threats.

"Cybersecurity really is one of the top priorities of the Department of Homeland Security and the federal government," Schneider said at the event in Washington, D.C. He called the National Cyber Security Initiative "probably unprecedented in terms of the amount of coordination within the federal government and between the federal government and the private sector."

The DHS is upgrading its intrusion detection system, called Einstein, beyond its currently limited, reactive capabilities.

Federal officials discuss the National Cyber Security Initiative on Monday.

(Credit: Stephanie Condon/CNET Networks)

"We'll be deploying a much more aggressive system that will allow us to look for patterns of malicious code--to shut them down before they do real harm," Schneider said. (It was unclear exactly what Schneider meant. "Shutting down" a botnet conducting malicious activity would mean invading infected PCs around the world; or it could simply mean DHS reconfiguring its own network to ignore certain malicious activity.)

Robert Jamison, DHS undersecretary for national protection and programs, said the department is currently working closely with three different vendors to test "Einstein 2" in different environments. He declined to say which contractors the department is considering for the deploying the new system.

DHS has the lead responsibility to protect the federal civilian domains, which basically means anything with a .gov address, Schneider said. The DHS is also responsible for synchronizing efforts for all networks, including .gov and .mil.

One of Homeland Security's initial goals for the cyberinitiative is to create real-time, situational awareness across all federal domains, Schneider said. While all federal agencies currently maintain situational awareness of their own networks, there is no centralized hub for such information.

"We need to ensure government offices share information regarding malicious data," said Marie O'Neill Sciarrone, special assistant to the president and the Homeland Security Council's senior director for cybersecurity and information-sharing policy. "Intelligence is one of our best preventive tools."

The federal government also plans to limit the number of potential cyberattacks by eliminating many of the external points of access to the federal government networks; it has so far managed to reduce the number of access points from more than 8,000 to about 2,700 as of July, said Karen Evans, administrator of e-government and information technology for the Office of Management and Budget.

'Unprecedented bipartisan support'
While Congress has expressed its concern (PDF) to DHS over the direction of the cyberinitiative, Melissa Hathaway, senior adviser in the Office of the Director of National Intelligence, said there is "unprecedented bipartisan support" for the initiative.

Hathaway herself has appeared before Congress 151 times since last November, either to provide testimony or briefings regarding cybersecurity, she said. There will be more discussions on Capitol Hill this week on the topic, starting with a hearing before the House Homeland Security Committee on Wednesday called "Cybersecurity Recommendations for the Next Administration."

Hathaway said the initiative must remain a focus of the next administration.

Paul Schneider, deputy secretary for Homeland Security, says the plan will include a specific focus on cyberthreats from foreign governments.

(Credit: Stephanie Condon/CNET Networks)

"We have already briefed one of the (presidential) candidates and intend to brief the other candidate," she said.

Schneider said the transition from the current administration to the next should be seamless.

"The majority of the people running these programs will be running these programs on January 21," Schneider said. While "any administration can come in with new policies," he said the elements of the Cyber Security Initiative, like common situational awareness, "are foundation pieces of any cybersecurity strategy."

Schneider said the initiative must remain a priority because cyberthreats are "increasing in frequency, sophistication, and scope, whether it's criminal (activity), an extension of state power, espionage, or just plain, old, routine hacking."

One of the goals of the initiative, he said, is to "create a governmentwide cyberintelligence plan specifically focused on foreign state cyberthreats."

Schneider cited the conflict between Russia and Georgia, during which Georgia's networks faced denial-of-service attacks, as "perhaps the first instance of military actions containing a clear cyberelement."

Regardless of the source of threats, officials said the federal government will have to work closely with the private sector to ensure U.S. networks do not suffer because of its vulnerabilities in the global marketplace.

"We need to make sure the products we import are not seeded with malicious hardware or software," Schneider said. "This is a real concern--these products essentially function as Trojan horses."

The government plans to increase its information sharing with the private sector under the cyberinitiative via the National Infrastructure Protection Plan, which works across 18 sectors.

The DHS also plans to "build the next generation of our cybersecurity workforce," Schneider said, by committing resources to educating and training current employees, as well as recruiting new talent and encouraging rotation between the public and private sectors.

Schneider said privacy and civil liberty concerns are at the center of DHS efforts.

"This is not about sitting over the Internet and controlling what people see, nor is it about reading people's e-mails," he said. "We're talking about protecting the federal networks."

[n3td3v]

Georgia was a false flag cyber attack by U.S. to influence cyber security funding as the next administration is coming in.

[n3td3v]

I don't think the next administration needs to worry about cyber security, its not the threat you guys are ramping it up to be. The only real attack was by Gary Mckinnon and he just scanned your networks for blank passwords, hardly something that needs presidential attention, maybe just a decent network administrator.

[DawntheDoormat]

When Sen. Feinstein started asking in 2/06 which private citizens had spy cameras installed into their homes from White House political appointees? abusive control of NSA--in particular in bedrooms & areas where dressing is done, she should have asked who signed the illegal NSA contracts so blatantly breaching the U.S. Constitution?s 4th Amendment. The contracts were executed by the private security installer mentioned in the Dusty Foggo indictments. Political appointees Paul Schneider--NSA SAO & Stewart Baker--NSA Gen Counsel signed the illegal contracts.

As to who were the victims of the illegal cameras, it was the founders of companies refusing to let the ?orchestrators of 911? control them. My company (private) was told in 1/02 by an agent of the ?orchestrators? that everyone who needed to be bought in U.S. to make us accept the "planners" (crime gang controlling a non-democracy?created giant mess called 911 & made lots of dividend income as resolutions adopted) 100 % financing package, had been. This first financial offer extended 19 months.

Later, I declined ill-disguised buyout offers to benefit the planners of 911. We're inventors of the tech standard NIST calls "smart wallet" (world?s only next-gen ID & commerce credential). Tom Ridge was fired 3 days after we tried to become German; General Hayden's explanations for the firing applied to us. Baker/Schneider started at DHS to carry-on where Ridge left-off after President Bush fired Ridge--carrying-out the mission that 911?s planners paid Schneider and Baker to do.

One of dozens of reasons why the orchestrators of 911 want to control the smart wallet platform worldwide is because more than 50 % of the identity thefts from networked servers are done from a company?s servers owned by the planners of 911. Then they sell the stolen information for $ 50 per identity from more servers owned by the same company the orchestrators of 911 own. Smart cards already sold-out (have contracts with) to the orchestrators and never did have a solution to shutdown this networked identity theft. The smart wallet platform removes the financial incentive to steal networked identities, so on behalf of the orchestrators of 911 they needed Schneider to do his rounds between NSA and DHS to do whatever was necessary to shutdown the operations of the smart wallet inventor. Schneider is in actuality, the U.S. cyber security initiative?s worst enemy!!!

The spy cameras served another purpose in addition to originating from the minds of perverts, as applied to my being my company's investor of last resort. Remove the financier & the company?s only choice becomes to accept a 911 planner financial offer. Schneider/Baker/conspirators had the naked images of my body posted to the internet in 2/06 as revenge for a blog I posted to WP as DawnTheDoormat linking the illegal camera installation to the 911 planner nation. Schneider/co-conspirators then called my county Police Commissioner's office & they were ordered to arrest me on obscenity felony charges. The PC?s staff was family friends, told my father who then told me before the FBI could intervene. This last statement gives hint of Schneider/Baker's future fates.