Cyber-Attacks Prompt Call for New Laws
By: Roy Mark
2009-07-08
The distributed denial-of-service attacks that swept through U.S. and South Korean government sites have a key cyber-security senator renewing his push for a reform of the Federal Information Security Management Act. The legislation would change the focus of U.S. cyber-security from compliance to detection and prevention.
The wave of distributed denial-of-service attacks that hit U.S.
government Websites last week has prompted U.S. Sen. Tom Carper
(D-Del.) to renew his call for legislation reforming the way federal
agencies defend their sensitive information. Carper, chairman of the
Senate Subcommittee on Federal Financial Management, Government
Information, Federal Services and International Security, introduced a
cyber-security reform bill in April.
The attacks began July 4 and crippled such sites as the Treasury
Department, Secret Service, Federal Trade Commission and the
Transportation Department. Some of the sites were still experiencing
problems as late as July 7.
At the same time, sites of 11 South Korean organizations were targeted
as well, leading to speculation of a possible coordinated nation-state
sponsored attack. According to the South Korean National Intelligence
Service, the attacks were apparently conducted by "a certain
organization or state."
While speculation has centered on North Korea as the perpetrator of the
attacks, South Korean computer security analysts claim they had
pinpointed the attack as an updated version of the Russian MyDoom virus.
"We need to pass this legislation so our federal agencies can stop
spending billions of taxpayers' dollars on wasteful paper compliance
and instead invest in real security - the kind of security that
prevents these types of attacks against the United States," Carper said
in a July 8 statement. "We know that in most cases, cyber-criminals
prey on insecure software and hardware, and my bill will provide
incentives for the federal government to use its great purchasing power
to demand private companies sell our agencies more secure products."
The Carper bill (S. 921) would reform the Federal Information Security
Management Act of 2002 and empower federal cyber-security officers to
focus their efforts on monitoring, detecting and preventing
cyber-intrusions. Specifically, the legislation would increase the
power of the Department of Homeland Security's US-CERT to take
proactive actions before a cyber-attack penetrates government networks.
"Our nation comes under attack every day by hackers, cyber-criminals
and even other countries. Our oversight has shown that, to date,
agencies have not done what is necessary to ensure that sensitive
information and critical infrastructure is secure," Carper said at an
April hearing. "The technical capability and expertise is available if
a terrorist group or country that wanted to do us harm wanted to use
it. In fact, it can be easily bought and sold on the Internet."
During the 2008 presidential campaign, then-candidate Barack Obama
compared cyber-security threats with other 21st century national
security challenges such as biological and nuclear weapons. He
said he would declare the country’s critical infrastructure a national
asset and that he would appoint a cyber-adviser who would report
directly to him.
On May 29, President Obama issued a Cyberspace Policy Review after
input from virtually every federal agency and security trade group,
promising guidance over mandates. A vaguely defined and still unnamed
cyber-czar, though now called a cyber-coordinator, will oversee Obama's
cyber-security plan.
"Because of the critical importance of this work, I will personally
select this official," Obama said of his cyber-security coordinator.
"I'll depend on this official in all matters relating to
cyber-security, and this official will have my full support and regular
access to me as we confront these challenges. To ensure accountability
in federal agencies, cyber-security will be designated as one of my key
management priorities. Clear milestones and performance metrics will
measure progress."