Forwarded from: Bob <bobat_private> Long, long ago, I noticed that institutions, public or private, rarely ever prepare for a disaster until after being clobbered by one. So what's new? Bob Adams http://www.globaldisaster.org Government Not Ready for Cyberattacks June 26, 2002 Internet News http://www.internetnews.com/ent-news/print.php/1377081 The U.S. government is due for a "major" cyberattack within the next 12 months and is unprepared to counter the threat, according to report released Tuesday evening by the Business Software Alliance (BSA). This time, it isn't the relatively uninformed opinion of the general public indicating worry over the security of government information, as a December 2001 poll revealed, but IT professionals in the business world -- the individuals who protect sensitive information on a daily basis. The poll was conducted after Congress issued a failing grade to federal computer security efforts in November 2001. Tuesday's "BSA Cyber Security Survey" found that more than half of those polled think the likelihood of a major attack is likely within the next year. The survey polled corporate IT managers around the country for their views on the readiness of government networks, the results of which show businesses have little faith in U.S. preparedness. According to Robert Holleyman, BSA president and chief executive officer, the threat has, if anything, grown since the events of 9/11. He called on President George W. Bush and his Administration to seek help from the business world for help securing government intranets and Internet sites. "It is critical that the Bush Administration and Congress move quickly on their commitments both financial and philosophical to secure this nation and its critical infrastructure," he said. "And as an industry that is developing the systems necessary to secure our country's complex information networks from terrorists and other attackers, we stand ready to help them follow through on those commitments to secure the resources and develop policies that promote a safe and legal online world." Ipsos Public Affairs, a Parisian subsidiary of Ipsos Research, conducted the survey of 395 IT professionals earlier this month, in a variety of business sectors. The results show, among other things, that 85 percent of respondents think the government should devote as much or more time than they did on the Y2K "crisis," where fears were ultimately proved unwarranted. Other results show: By a margin of 10-to-one, IT managers are more likely to say government security measures are "not at all" adequate than extremely adequate. 72 percent of respondents felt there was a gap between the government's preparedness and the threat of cyberattack. 96 percent feel the government should deploy some form of encryption to sensitive data so information is protected even in the event of a break-in. U.S. networks have been the recipients of a number of highly-publicized network breaches this year. A couple of teenage hackers calling themselves the "Deceptive Duo" made it their mission in life to break into military Web servers and publish the information contained within the databases. Before getting apprehended by the Federal Bureau of Investigations after only several weeks on the job, PimpShiz and The Rev had hacked into more than a dozen military, government and financial Web servers. In the case of the U.S. Navy, the pair broke into a supposedly secure server, published the contents of a database, helped military IT staff repair the breach, and then broke into another Navy server two weeks later. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jun 28 2002 - 04:13:09 PDT