Government Vulnerable to Cyberattacks

Federal organizations are bloated and slow, starving and ineffective. They are extremely vulnerable to attack, staffed by weary workers who'd rather be anywhere - doing anything - else. As details emerge about cyberattacks against several federal agencies last year, politicians are admitting that the government isn't prepared to fend off intrusions from cyberspies.

Members of a U.S. House of Representatives cybersecurity subcommittee went so far as to suggest that many computer systems aren't properly secured, and might still contain backdoors that allow cyberspies to reenter the system at will.

Cyberspies and Microsoft Office

The problem with Microsoft products and security (or the lack thereof) is nothing new to most of us. We're well acquainted with the fact that because Microsoft is such a widely used operating system, hackers like to use its weaknesses. They exploit the weaknesses and infect thousands of computers a year with everything from annoying little viruses that are easily removed to much more frustrating backdoors that allow the hacker into your computer without you ever knowing it.

Apparently, the federal government isn't as quick on the uptake.

In early 2006, security experts like those at MessageLabs detected one or two attacks on government agencies using Microsoft Office products once or twice a week. In March of 2007, MessageLabs intercepted no less than 716 individual emails carrying infected Office files. These files contain backdoors that are installed when a government employee opens a corrupted file, relinquishing control of the computer without the user ever realizing it. The infected computer can then be used as a base from which the attacker can roam the agency's entire network.

Who is attacking our federal government? According to MessageLabs, most of the emails have come from Taiwan and China. "The bad guys know which organizations have data worth stealing and are picking them out one by one," Alex Shipp, senior technologist at MessageLabs, reported to USA Today.

The assaults coming from China and other countries are part of a hunt for military, trade and infrastructure intelligence, according to Alan Paller, research director at The SANS Institute, a security think tank. The goal is a simple one: have an advantage over the U.S. "The attacks are working," says Paller. "Penetrations are deep and broad."

While Microsoft continues being slow to do anything about security holes in their programs and system, cyber criminals are getting smarter and smarter, and foreign governments are happily employing these cyberspies to pilfer data from their rivals.

Cyberspies a Real Threat

No matter where you look for news on the topic, there's a government agency claiming to be the hardest hit or the most vulnerable. The Department of Defense, for example, has reported more than 3 million daily scans of the Global Information Grid, the Defense Department's main network artery ... and that the United States and China are the top two countries performing those scans.

"China has downloaded 10 to 20 terabytes of data from the NIPRNet (DOD's Non-Classified IP Router Network)," said Maj. Gen. William Lord, director of information, services and integration in the Air Force's Office of Warfighting Integration and Chief Information Officer, during the recent Air Force IT Conference in Montgomery, Alabama. "They're looking for your identity so they can get into the network as you," said Lord, adding that Chinese hackers had yet to penetrate DOD's secret, classified network. "There is a nation-state threat by the Chinese."

Addressing the cybersecurity threat has required the Department of Defense to play both sides of the field, taking on both offensive and defensive roles. Pentagon officials have acknowledged that the DOD is developing the ability to deny attackers the use of their own computers when attacking U.S. computer networks.

Technology has become such an important means of intelligence that in August 2001, U.S. Customs officers arrested 2 men who were trying to export military encryption technology to China. Four months earlier, Chinese hackers had defaced dozens of U.S. military websites following the collision of a U.S. surveillance plane and a Chinese fighter plane.

John Hamre, president and chief executive officer of the Center for Strategic and International Studies, said "I continue to believe that cyberthreats will overwhelmingly be from competent national state security elements, and that intelligence is the higher goal, not disruption."

Many of the government's top intelligence officials are calling for the U.S. to think more about long-term trends. While our resources are being spread thin fighting a war overseas, China and several other countries have shifted their dependence away from the United States to countries like Malaysia and South Korea. In turn, our own dependance on China has grown.

Not only does the federal government need to realize that it is irrevocably tied up in computer security, but as a nation the U.S. needs to become more self-reliant again. Threats take on many forms, and it is a fool who overlooks them simply because they come in a form that isn't widely understood yet.