Trending
Should feds be concerned about the NSA hack?
21% of IT budgets are devoted to
security, a recent IDC survey found
The leak of a payload of zero-day exploits, allegedly lifted from a Nation- al Security Agency server, could pose problems for federal networks, but so far the government’s cybersecurity first responders have been quiet about the incident.
The Department of Homeland Secu- rity’s U.S. Computer Emergency Readi- ness Team has not raised an alarm. A DHS official told FCW that because exploits related to the disclosures have not been released, any threat is hypo- thetical, and it’s hard for experts to rec- ommend specific defenses at this point.
From a technical standpoint, the extent of vulnerability in government systems is unclear. Matthew Green, an assistant professor of computer science at Johns Hopkins University, said the good news is that most of the exploits are for out-of-date routers. He added that in theory, an upgrade path should have made the devices safe by now.
“I would hope that federal agencies — if they have any sense — are sys- tematically updating the software on all of their routers right now,” Green said. “That could be a pretty daunting
task, given how many of these devices there are.”
Cisco issued a security update advis- ing customers about updates to help defend against the exploits.
The Defense Department, which oversees NSA, could have an advan- tage when it comes to awareness of zero-day exploits. David Wennergren, a former deputy CIO at DOD, told FCW that “it would be naïve to think that the DOD CIO wasn’t aware of what NSA had access to and knowledge of.”
Wennergren, who is now senior vice president for technology at the Professional Services Council, added that there is regular information shar- ing between NSA’s Tailored Access Operations and DOD.
Outside the Pentagon, it’s another matter. He said it’s quite likely that other government agencies did not receive any warning about the vul- nerabilities.
The DHS-run Einstein system could offer some protection for federal civil- ian networks. Einstein uses threat sig- natures to detect and deflect intrusion attempts. Although some of those sig- natures are shared among public- and
private-sector cyber defenders, others are classified.
Jason Healey, a senior fellow at the Atlantic Council and a former mili- tary cyber operative, told FCW that it is possible that threat signatures for vulnerabilities maintained by the U.S. intelligence community are included in Einstein.
Even if NSA does not share such threat signatures with Einstein, those issued by Cisco could be added to the system, said Ann Barron-DiCamillo, former director of US-CERT and cur- rently CTO at Strategic Cyber Ventures. She said that behind the scenes, the National Security Council and others are working on responses for federal civilian agencies.
A senior Obama administration official declined to comment on the release of the exploits but said DHS released a binding operational directive in May 2015 in the wake of the Office of Personnel Management hack requir- ing agencies to remediate or mitigate known critical vulnerabilities within a specified time frame.
— Sean D. Carberry, Adam Mazmanian and Mark Rockwell
FCW CALENDAR
9/15 Digital government
Former GSA CIO Casey Coleman discusses the seven pillars
of digital government at this FCW and GCN event, which also features new research on the state of agencies’ digital efforts. Washington, D.C. fcw.com/digitalgovernment
10/4 Shared services
ACT-IAC, the Association of Government Accountants and the Shared Services Leadership
Coalition are co-hosting this full-day summit on the opportunities and challenges in implementing shared services. Washington, D.C. is.gd/FCW_sharedsvcs
10/13 GCN dig IT Awards
FCW’s sister publication showcases
transformative public-sector
IT projects in analytics, cloud, cybersecurity, mobile, unmanned systems and more. Plus: Meet FCW’s 2016 Rising Stars. Tysons Corner, Va. https://gcn.com/digit
September 15, 2016 FCW.COM 3