http://www.lamonitor.com/articles/2005/08/25/headline_news/news03.txt

ROGER SNODGRASS
roger at lamonitor.com
Monitor Assistant Editor
August 26, 2005

On a $15 million a year budget, Los Alamos National Laboratory is waging a daily battle against a barrage of threats to its computer network.

Alexander D. Kent, deputy group leader for the lab's network engineering group, said 25,000 computers processing about 850 gigabytes of data in 20 million legitimate sessions a day are facing a growing risk.

A graph of Internet sessions between May and mid-August this year shows at least five million "malicious" sessions on slow days and 10-15 million during peaks. On weekends, when LANL activity slows, 90 percent or more of the computer activity appears to be malicious.

Malicious activity could mean anything from a sophisticated hacker or terrorist or a foreign intelligence operative to unsophisticated pranksters and adolescent mischief.

The lab protects itself with network firewalls for its public network and "air gaps" - compartmentalization - for its classified net. Passwords are cryptographically generated for one-time use.

Cyber-defenders employ a "defense in depth" bulwark that includes educating each individual user, detecting and preventing intrusion, patching software quickly and setting unexpected traps and alarms, among many other techniques.

An around-the-clock response team and close coordination with law enforcement and counter-intelligence organizations are also important parts of the job.

Kent briefed members of the legislature Wednesday in a joint hearing of the Information Technology Oversight and LANL Oversight committees at Fuller Lodge.

Rep. William Payne, R-Bernalillo, said he thought there was too much defense and not enough offense.

"It would seem to me that some simple changes in federal laws could be made that would allow you to have an offense," he said.
He suggested return messages that would place a small American flag on the offender's monitor with the message, 'You've been placed on the FBI website,' or a reverse worm that would destroy the hacker's computer.

Rep. Janice E. Arnold-Jones, R-Bernalillo, compared the problem to the identity-theft epidemic and called for leveling the playing field.

"They have to be right once; we have to be right all the time," she said. "If we catch a hacker, our laws have no teeth."

The character of ordinary perpetrators is also changing, Kent told the state legislators. Five years ago, hackers were out to make a name for themselves. Now people are in it for the money.

"It's probably going to get worse before it gets better," Kent said.

He compared the stunning advances in computer networking to the invention of the printing press. But, he added, the printing press not only powered a communication revolution, it also enabled forgeries.

The problem is widespread and growing.

The President's Information Technology Advisory Committee said in a report last year that information technology in the U.S. is "highly vulnerable" to attacks.

"The data show that the total number of attacks - including viruses, worms, cyber fraud and insider attacks in corporations - is rising by over 20 percent annually, with many types of attacks doubling," the committee wrote.

The study said more than 10 percent of PCs were infected by viruses monthly in 2003 and 92 percent of organizations reported virus disasters that year.

A Government Accounting Office report released in May said government officials are increasingly concerned about computer attacks, which may rise to the level of "acts of war."

In a speech in Washington, D.C., on Aug. 9, FBI Director Robert Mueller put the issue in an international context:

* In Australia, a two-way radio hacked into a sewage system computer system that released more than 250 million tons of raw sewage onto the grounds of a luxury resort hotel.
* Hackers seized a gas pipeline in Russia for an entire day by infiltrating electronic control systems.
* A Slammer worm computer virus blocked a nuclear power plant's computer network in Ohio, disrupting safety systems for more than five hours.

Mueller said cybersecurity is hampered by organizations' refusal to acknowledge problems and work together.

"Maintaining a code of silence will not benefit you or your company in the long run," he said.