http://www.nextgov.com/nextgov/ng_20090421_4305.php By Jill R. Aitoro Nextgov.com 04/21/2009 A breach of computer networks that contractors use to support a major weapons program provides the latest argument for why government should enforce stricter cybersecurity requirements for companies that do business with federal agencies, said former security professionals. Hackers downloaded data about the Joint Strike Fighter, a multibillion-dollar high-tech fighter jet, known as the F-35, the Defense Department is building, by exploiting vulnerabilities in the computer networks that contractors use to design and build the aircraft's weapon systems, according to a Wall Street Journal article. While the potential impact of the breach is unknown, the most sensitive material was stored on computers not connected to the Internet and could not be accessed, WSJ reported. "This shows how interconnected our government and industry systems are," said Gregory Garcia, who served as assistant secretary of cybersecurity and telecommunications at the Homeland Security Department during the Bush administration and now runs the information security consulting firm Garcia Strategies. "DHS and DoD have been trying to get contractors and other major companies to find common standards of practice to protect networks from these sophisticated breaches. There needs to be a new-order requirement on companies doing business with the federal government." Government should develop similar standards for securing the global supply chain from malicious software and hardware implants that send stolen information to cyber spies who have access to federal networks, he said. [...] -- LayerOne 2009, Information Security for the discerning professional. May 23-24 2009 @ The Anaheim Marriott in Anaheim, California Visit http://layerone.info for more informationReceived on Wed Apr 22 2009 - 23:24:37 PDT
This archive was generated by hypermail 2.2.0 : Wed Apr 22 2009 - 23:39:17 PDT