infrastructure

The Most Important Building Projects for the United States

Jeffrey Carr

Harden our Network Infrastructure against Cyber Attacks

Our country's most critical systems, both private and public, are networked and vulnerable to cyber attack by an increasingly sophisticated array of malware. The next Administration must dedicate sufficient money to fund a serious, dedicated, time-critical effort to research, design, and implement a solution.


Replies to This Discussion

I think this is a great idea. Who would do this work? Would these be DARPA-style grants to leading research universities? Any idea how long it would take, how many jobs it would create, how much it would cost?


Stephen Baker said:
I think this is a great idea. Who would do this work? Would these be DARPA-style grants to leading research universities? Any idea how long it would take, how many jobs it would create, how much it would cost?

My recommendation would be to keep DARPA and other cumbersome federal programs out of it. Let the new national CTO create a private sector fund similar to In-Q-Tel that operates like Y-Combinator (fast and lean) in terms of how it evaluates proposals. I know from experience that there are a lot of experts working in the private sector who would love to get engaged in this effort once the framework has been created to recruit the talent and fund the work.


Here's a post, with interviews, about this subject on TechCrunch. It features an interview on Charlie Rose with Gen. Kevin P. Chilton, commander of U.S. Strategic Command. Here's testimony from Sami Saydjari, CEO of Cyber Defense LLC. cybersecurity testimony.pdf


Absolutely this is the model that we should encourage. It's also the model that I used to gather a group of volunteer cyber experts within and without the Intelligence Community to diagnose the Russian/Georgia cyber war last August. Here's some background on that effort: http://voices.washingtonpost.com/securityfix/2008/10/report_russian...

Stephen Baker said:
Here's a post, with interviews, about this subject on TechCrunch. It features an interview on Charlie Rose with Gen. Kevin P. Chilton, commander of U.S. Strategic Command. Here's testimony from Sami Saydjari, CEO of Cyber Defense LLC. cybersecurity testimony.pdf


I interviewed Sami Saydjari yesterday. When I get into work this a.m. I'll post the interview. Needless to say, he thinks this effort to bolster our cyber defenses is crucial--and should be a top priority for the Obama team.


Looking forward to reading the interview, Stephen. Our report is getting some high-level circulation as well, so we're hoping that the Obama administration will support a reinvigorated and more expansive effort in the Cyber arena right out of the gate. The public version is here if you'd like to read it: http://www.scribd.com/doc/6967393/Project-Grey-Goose-Phase-I-Report

From a data analysis point of view, the team that I organized combines Social Network analysis of the Russian hacker community with Server-level data analysis of the attacks. This is how we're able to find connections that have otherwise gone undetected. It's a model that I believe can be expanded upon - the results of which could inform our leadership about who's doing what, where, and how. Without that information in hand, it's hard to build a secure network or devise an effective Cyber strategy.


Stephen Baker said:
I interviewed Sami Saydjari yesterday. When I get into work this a.m. I'll post the interview. Needless to say, he thinks this effort to bolster our cyber defenses is crucial--and should be a top priority for the Obama team.


Here are some highlights from a Cisco report on Internet security:
-- The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
-- Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
-- Attacks are becoming increasingly blended, cross-vector and targeted.
-- Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
-- The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).


Thanks, Steve. There's definitely no shortage of reports in this area. I hope they make a difference in the way of policy in 2009.

Stephen Baker said:
Here are some highlights from a Cisco report on Internet security:
-- The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
-- Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
-- Attacks are becoming increasingly blended, cross-vector and targeted.
-- Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
-- The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).


Speaking of security reports, here's the latest from Verisign (public report not available):

2009 Predictions and Long-Term Disruptors include:

-- Critical Infrastructure, notably the Supervisory Control and Data Acquisition systems (SCADA) that operate them, will likely see increased attacks in 2009. SCADA systems are used to deliver such services as electrical power transmission, oil and gas pipelines, large communications systems, and water treatment and distribution
-- The current global financial crisis will provide unprecedented opportunities for cyber criminals or spies to exploit the turmoil caused by the crisis and the resulting institutional mergers, acquisitions, and collapses
-- The FastFlux infrastructure, which uses computers compromised by botnets to maintain dispersed and untainted IP space for criminal ventures such as phishing, will likely see increased use. This will make current phishing takedown measures less effective and will require security professionals and institutions, which are often the targets of phishing attacks, to come up with new defense measures
-- Cyber Warfare has gone from a purely theoretical tool to a technically practical, common component of most political arguments. VeriSign iDefense believes organizations or groups aligned with Russia will perpetrate the majority of these attacks
-- Middle Eastern cyber cartels will likely increase online fraud operations to support their agendas.



Jeffrey Carr said:
Thanks, Steve. There's definitely no shortage of reports in this area. I hope they make a difference in the way of policy in 2009.

Stephen Baker said:
Here are some highlights from a Cisco report on Internet security:
-- The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
-- Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
-- Attacks are becoming increasingly blended, cross-vector and targeted.
-- Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
-- The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).


This is critical infrastructure spending that needs to be a high priority across the Federal government and in private industry. I hope there are massive investments in this regard. A disruptive attack while the economy is in disarray could produce not only catastrophic economic damage (e.g., electrical or transportation infrastructure disruption) but also create great fear (and loss of confidence) among Americans that further hinders economic recovery.


Don't discount DARPA and similar agencies so quickly -- in some cases they have already engaged the public/private model, and we may be able to learn from them. For these types of projects, they often work with labs like SRI and PARC. SRI International alone employs thousands of scientists, who developed everything from the world's first real-time English/Iraqi-Arabic translator, to sophisticated mobile mesh, cybernetwork and AI solutions (see the link).

But I digress. Where I see a humongous hole is an area that has already been well-tread by Mr. Baker. If we are going to invest in initiatives like digitizing medical records, we need to secure ourselves beyond the obvious threats of malware and hackers. While those are malevolent threats that on a large scale deserve national attention, the cloud itself -- as detailed in the Numerati -- holds increasingly personal information. If you want Americans to regain confidence across the entire system, invest in developing ways to give them more control over their lives in the cloud without hurting business interests. Look at companies like Wesabe.com, similar to Mynt -- except that its interests are aligned with your interests -- they can't decrypt your data without you. O'Reilly Radar has had some interesting talks on the subject http://radar.oreilly.com/2008/11/web-meets-world-privacy-and-th.html


I definitely think there's a place for DARPA, IARPA, and various SBIR/STTR programs in many areas. One area that they are not well-suited for, however, is in agile development and implementation of cyber defense strategies. This is not because of a lack of talent, but simply due to their slow-moving bureaucracies.

I agree on the value of the Cloud. Security and SLAs are still challenges to be overcome, of course, as you probably have read, but that's definitely the future of personal and enterprise computing in my opinion.

Merredith said:
Don't discount DARPA and similar agencies so quickly -- in some cases they have already engaged the public/private model, and we may be able to learn from them. For these types of projects, they often work with labs like SRI and PARC. SRI International alone employs thousands of scientists, who developed everything from the world's first real-time English/Iraqi-Arabic translator, to sophisticated mobile mesh, cybernetwork and AI solutions (see the link).

But I digress. Where I see a humongous hole is an area that has already been well-tread by Mr. Baker. If we are going to invest in initiatives like digitizing medical records, we need to secure ourselves beyond the obvious threats of malware and hackers. While those are malevolent threats that on a large scale deserve national attention, the cloud itself -- as detailed in the Numerati -- holds increasingly personal information. If you want Americans to regain confidence across the entire system, invest in developing ways to give them more control over their lives in the cloud without hurting business interests. Look at companies like Wesabe.com, similar to Mynt -- except that its interests are aligned with your interests -- they can't decrypt your data without you. O'Reilly Radar has had some interesting talks on the subject http://radar.oreilly.com/2008/11/web-meets-world-privacy-and-th.html


© 2009   Created by Stephen Baker on Ning.