DHS chief says feds need help to defend Internet against cyberattacks

April 9, 2008 (Computerworld) SAN FRANCISCO — Cyberattacks directed against critical infrastructure targets pose one of the greatest threats to national security in the post-9/11 era, U.S. Department of Homeland Security (DHS) Secretary Michael Chertoff said here Tuesday. And according to Chertoff, the responsibility for defending systems and networks against online threats rests as much with the private sector as it does with the federal government.

Five years after the DHS was created to help defend the U.S. against terrorists, the country remains vulnerable to electronic attacks from adversaries ranging from malicious individuals to nation-states looking to wreak the same kind of havoc on networks as the attacks on Sept. 11, 2001, did in New York and Washington, Chertoff said in a keynote speech at the RSA Conference 2008.

"There is no question that one of the threats that continues to materialize again and again is the threat to our virtual world of cyberspace," Chertoff said. And even though that "is a world where we are not likely to see airplanes crashing into buildings," the consequences of cyberattacks can be just as devastating from an economic standpoint, he said.

People's growing dependence on the Internet and its interconnectedness ensures that any large-scale attack against the Net will have a "cascading effect" across the U.S. and around the world, warned Chertoff, who created a position of assistant secretary for cybersecurity and communications at the DHS during a reorganization in 2005. And earlier this year, he appointed a technology entrepreneur to head a new National Cyber Security Center that will coordinate cybersecurity efforts across the federal government.

But defending cyberspace is different from protecting buildings and other physical targets, Chertoff said. The federal government doesn't own the Internet or much of the technical infrastructure on which it runs, he noted. As a result, he declared, it's the shared responsibility of the government and the private sector to guard against cyberattacks.

"We're operating in a domain where traditional military power or the power of government is insufficient to address the full nature of the threat," Chertoff said. "We need to have a networked response to deal with a networked attack."

Chertoff also discussed the government's Cyber Initiative, a program aimed at boosting cybersecurity within federal agencies that was mandated by President Bush in a classified directive issued in January. The directive called on multiple agencies, including the National Security Agency, the U.S. Computer Emergency Readiness Team and the White House Office of Management and Budget, to work together to improve the security of federal systems.

As part of the Cyber Initiative, federal agencies are working to reduce their exposure to Internet-based threats by cutting the number of external network connections across the government to no more than 50, Chertoff said. At a congressional hearing held in February, federal officials said that at last count, the various agencies had a total of more than 4,000 external access points.

The government will also use a new certification and accreditation process to try to ensure that all federal systems meet certain baseline security controls, Chertoff said in his speech. In addition, the Cyber Initiative will focus on improving response times to security breaches within agencies, said Chertoff, who described the cybersecurity effort as "a reverse Manhattan Project" — a reference to the development of the atomic bomb during World War II.

Another facet of the Cyber Initiative is an upgrade of a network monitoring tool called Einstein, in order to enable it to detect security incidents more quickly. At the congressional hearing in February, Robert Jamison, undersecretary of the National Protection and Programs Directorate within the DHS, said that the current version of Einstein used by some agencies doesn't provide the real-time threat-detection capabilities that are needed to thwart attacks. Ideally, the goal is to use Einstein as an early warning system, Chertoff said in his speech at the RSA conference.

Thus far, about $115 million has been budgeted for the Cyber Initiative, according to Chertoff. He said that the DHS is seeking an additional $192 million in the government's 2009 fiscal year to help fund the security effort.

Robert McMillan of the IDG News Service contributed to this story.