by Yochi J. Dreazen
The U.S. government is struggling to keep pace with the growing number of
attacks on its computer networks, potentially leaving key military and civilian
systems vulnerable to overseas hackers, senior U.S. officials said Tuesday.
At several hearings on Capitol Hill, officials from each branch of the armed
forces said the nation's cyber defenses were being challenged like never before
by sophisticated, well-organized efforts to disrupt important systems and steal
classified information.
"Threats in cyberspace move at the speed of light, and we are literally under
attack every day as our networks are constantly probed and our adversaries
seek to exploit vulnerabilities," Lt. Gen. William Shelton, the Air force's chief
information officer, told a House Armed Services Committee panel.
The Pentagon's top information security official, Robert Lentz, said the
Defense Department detected 360 million attempts to penetrate its networks
last year, up from six million in 2006.
Then Pentagon recently disclosed that it had spend $100 million in the past six
months repairing damage from cyber attacks.
The officials declined to specify the source of the attacks, but top military
and civilian officials believe that most of the hacking attempts originate in Rus-
sia and China, which have been pouring resources into cyber espionage in recent
years.
Then hearings come amid growing evidence that sophisticated overseas
hackers are regularly penetrating important U.S. networks. The Wall Street
Journal has reported that overseas hackers breached both the nation's elec-
tricity grid and the Pentagon's biggest weapons program, the $300 billion Joint
Strike Fighter.
Still, officials warned Tuesday that federal systems remain vulnerable to at-
tack. Gregory Wilshusen, director of information security for the Government
Accountability Office, said most "federal system are not sufficiently protected to
consistently thwart cyber threats."
Lax cyber security at the Los Alamos National Lab, for example, put unclas-
sified nuclear data to risk of theft or compromise. The GAO found that, in
2008, 23 of 24 major agencies surveyed didn't have adequate computer security
protections in place.
Lawmakers at a House Energy and Commerce Committee hearing com-
pared the government's inability to protect networks and acquisitions pro-
grams to the lapses that led to the fall of Rome.
That theme continued in the House Armed Services Committee. "The Joint
Strike Fighter program highlights a vulnerability that currently exists," said
Rep. Jeff Miller, R.-Fla.Robert Carey, the Navy's chief information officer, said
defense contractors needed to do more to protect their systems from overseas
hackers. He said the attempts to steal information were "advanced, persistent,
sophisticated, always changing and well-resourced."
Gen. Alexander called for a "partnership" between the government and the
private sector. He acknowledged potential obstacles, including the difficulty of
giving private companies access to classified intelligence on specific cyber at-
tacks and possible corporate reluctance to spend the money necessary to better
protect its networks.
Many civil-liberties groups and companies are wary about giving the
government broad access to commercial systems and networks. Pending legisla-
tion would establish federal standards for key elements of private industry.
Gen. Alexander said the government was training a new generation of com-
puter network experts. In April, Defense Secretary Robert Gates said the Penta-
gon aims to quadruple the number of such staffers over time.
Still, Gen. Alexander cautioned that the current cybersecurity training efforts
for military personnel, civilian officials and contractors were "inadequate" and
"must be improved."
potentially 潛在地;可能地
vulnerable 易受責難的;有弱點的;難防守的
armed 武裝的,裝甲的
sophisticated 富有經驗的;精通的
disrupt 使分裂,使瓦解
classified 【美】(文件的)機密的
threat 威脅,恐嚇
literally 實在地,不加誇張地
literal 如實的,不誇張的; 字母的
constantly 不斷地;時常地
constant 固定的,不變的
probe 刺探;探索;徹底調查
adversary 敵手;敵人
exploit 利用
vulnerability 易受責難;弱點
panel 壁板;鏡板, 專門小組
penetrate (情報人員的)滲透
disclose 揭發;透露;公開
decline 婉拒;謝絕
specify 具體指定;詳細指明;明確說明
espionage 諜報;間諜活動,刺探
amid 在...之間;在...之中
breach (對法律等的)破壞,違反;(對他人權利的)侵害
accountability 負有責任;應作解釋;可說明性
sufficiently 足夠地,充分地
consistently 一貫地;固守地
consistent 始終如一的,前後一致的
thwart 反對,阻撓;使受挫折;挫敗
theft 偷竊,盜竊
compromise 妥協,和解
survey 測量,勘測,測繪
adequate 足夠的, 尚可的
inability 無能;無力;不能
acquisition 獲得,取得
lapse (時間的)流逝,間隔
persistent 持續的,持久的
obstacle 障礙(物);妨礙
intelligence 情報;情報工作;情報機關
reluctance 不情願;勉強
wary 謹防的;惟恐的
legislation 制定法律,立法
establish 建立;設立;創辦
quadruple 四倍的
personnel (總稱)人員,員工
inadequate 不充分的;不適當的
- May 11 Mon 2009 15:11
U.S. Cyber Infrastructure Vulnerable to Attacks
close
全站熱搜
留言列表