U.S. To Plug Holes In Cyber Defenses
The Pentagon is about to roll out an expanded effort to safeguard its contractors from hackers and is building a virtual firing range in cyberspace to test new technologies, according to officials familiar with the plans, as a recent wave of cyber attacks boosts concerns about U.S. vulnerability to digital warfare.
The twin efforts show how President Barack Obama's administration is racing on multiple fronts to plug the holes in U.S. cyber defenses.
Notwithstanding the military's efforts, however, the overall gap appears to be widening, as adversaries and criminals move faster than government and corporations, and technologies such as mobile applications for smart phones proliferate more rapidly than policymakers can respond, officials and analysts said.
A Reuters examination of American cyber readiness produced the following findings:
- Spin-offs of the malicious code dubbed "agent.btz" used to attack the military's U.S. Central Command in 2008 are still roiling U.S. networks today. People inside and outside the U.S. government strongly suspect Russia was behind the attack, which was the most significant known breach of military networks.
- There are serious questions about the security of "cloud computing," even as the U.S. government prepares to embrace that technology in a big way for its cost savings.
- The U.S. electrical grid and other critical nodes are still vulnerable to cyber attack, 13 years after then-President Bill Clinton declared that protecting critical infrastructure was a national priority.
- While some progress has been made in coordinating among government agencies with different missions, and across the public-private sector gap, much remains to be done.
- Government officials say one of the things they fear most is a so-called "zero-day attack," exploiting a vulnerability unknown to the software developer until the strike hits.
That's the technique that was used by the Stuxnet worm that snarled Iran's enriched uranium-producing centrifuges last summer, and which many experts say may have been created by the United States or Israel. A mere 12 months later, would-be hackers can readily find digital tool kits for building Stuxnet-like weapons on the Internet, according to a private-sector expert who requested anonymity.