The United States government needs to collaborate with academia and businesses to fight cyber-attacks, the Secretary of Homeland Security Janet Napolitano said in a speech to engineering students at the University of California at Berkeley.
Napolitano outlined some of the cyber-security challenges the federal agency regularly faces while protecting the nation’s critical security infrastructure. Some of the more serious recent threats, she said, included the spread of the Stuxnet worm, the attacks on NASDAQ, the emails stolen from Epsilon and the data breach at RSA Security.
While it is the responsibility of the Department of Home Security (DHS) to protect critical infrastructure and cyber-space, “this is not something we can do by ourselves”, but requires a “full range of partners”, according to Napolitano. The “shared security” is only possible if other government agencies, the private sector and individual Internet users all became engaged in the fight, she said.
“Terrorist threats have not gone away… they have evolved,” Napolitano said.
Attacks are becoming increasingly more sophisticated and using “very novel” attack vectors, so it is important to be able to respond to a threat quickly. After the breach at RSA Security where SecurID information was stolen, the DHS worked with RSA, law enforcement authorities and the intelligence community to minimise the damage.
“We took our understanding of the tools, tradecraft and techniques used by these malicious actors and converted it into actionable information that all 18 critical infrastructure sectors could use,” Napolitano said.
The DHS has spearheaded the development of the first-ever National Cyber Incident Response Plan, which enables the agency to co-ordinate the response of multiple agencies, state and local governments, and the private sector in the event of a cyber-attack, Napolitano said.
While the US Science and Technology Directorate is also working on developing and deploying more secure Internet protocols to protect consumers and businesses online, the private sector needs to “redouble its efforts in the quality of products” it offers to fend off hacking, spamming, spoofing and the like, according to Napolitano.
In her speech, the DHS secretary also addressed the recently finalised “National Strategy for Trusted Identities in Cyberspace” report, an effort to create an identity ecosystem to protect online consumers from fraud. Instead of having usernames and passwords that are different for every Website, Napolitano said a better approach would be to rely on a single set of credentials that would be accepted across all Websites. “Dozens of companies could offer this,” she said.
Even though the cyber-security department at the DHS has “tripled” from 2009 to 2010, it’s not growing fast enough to keep up with the attackers. “We still need more people. We need a strong and innovative group to take on this incredible challenge that protections of cyber-space demand,” Napolitano said.
Napolitano cited recent statistics from Symantec that found cyber-attacks increased 93 percent in 2010, compared with 2009. “We’re dealing with multiple risks at the same time,” she said.
During the question and answer session with the students, Napolitano dodged a question about the infamous Internet kill switch that would allow the government to disconnect critical infrastructure from the Internet in an emergency. Napolitano said that Congress is likely to address the issue this year as part of its cyber-security legislation.
Napolitano has been making the rounds at major universities since the beginning of the year, including MIT and George Washington University, to talk about cyber-security and to encourage students to think about careers in the federal government.
“We need technologists who understand policymaking,” Napolitano said.
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
US Supreme Court says it will hear appeal of TikTok and parent ByteDance against ban…
Japanese start-up Space One destroys Kairos rocket for second time shortly after launch, as country…
World's biggest EV battery maker CATL aims to build 1,000 battery-swap stations next year, rising…
Facebook has 'severely restricted' news content from Palestinian outlets since October 2023 amidst bias concerns,…