DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

Homeland Security secretary Michael Chertoff says federal government and industry need to do more

SAN FRANCISCO -- RSA Conference 2008 -- Michael Chertoff, secretary of the U.S. Department of Homeland Security, is a long way from feeling secure.

In a keynote address and press conference here yesterday, Chertoff discussed the threats faced by government and business, the progress of federal cyber security efforts, and the state of current security technology. And he believes a lot more work needs to be done on all of those fronts.

"What we saw in Estonia last year proves that a single individual can do the same amount of damage that could only be done previously by dropping bombs," Chertoff said. "The threat of cyber attacks is only going to grow more serious as time passes."

There is a real danger that foreign governments, small groups, or even individuals may attempt to harm American infrastructure, not only by attacking government sites as was done in Estonia, but by stealing information or launching denial of service attacks on the country's bedrock institutions, Chertoff said.

"These are the sorts of attacks that could shake global trust in our core systems, such as financial or banking systems," he said. "What if an attacker broke into our air traffic control system, and manipulated it so that we couldn't trust the data we were seeing there? We might have to ground all flights."

Available warning systems, typified by US-CERT, may no longer be sufficient in an era of rapidly evolving attacks, Chertoff said. "What we need is a quantum leap in detecting and preventing these attacks," he said. "A game-changer."

In January, the federal government introduced the National Cyber Security Initiative, which includes an early warning system for federal systems nicknamed Einstein. But Einstein has been "limited in its effectiveness," partly because it relies primarily on analysis of anomalies that have already occurred, and partly because there are too many possible entry points to monitor.

"We need to reduce the number of access points to federal systems so that there is a finite number of entryways," he said. While there are uncounted ways to access federal systems today via the Internet, the federal government would like to reduce the number of those access points to about 50, he said.

There is real money behind the effort to build out an early warning system and improve federal cyber security, Chertoff noted. The cyber security budget at DHS alone was approximately $115 million, and will increase to $192 million next year. Other agencies will also be increasing their cyber security efforts, he observed, although he conceded that federal agencies have been "uneven" in their approaches to the IT security problem.

"The President has directed that this [cyber security initiative] take place," Chertoff noted. "We've put real money into the process, and we've asked for more. It's going to be hard, but that doesn't mean don't do it."

One of the tricky parts about building a federal cyber security effort is learning to make longer-term investments, Chertoff said. "We tend to be biased in favor of present gain, rather than future loss," he observed. "The largest problem we face in government is that we tend to focus on present, rather than future benefits."

In addition to building up security on government systems, the federal government hopes to work with industry to develop early warning systems and defenses, and even share in the effort to protect consumers, Chertoff said. (See video.)

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ...
