Subscribe to the Free Print Edition!
Celebrating 25 Years

GCN Home > March 6, 2000 issue

Agencies face a range of new challenges in protecting their systems against attack

By Richard W. Walker
GCN Staff



The year 2000 date code repair effort is over, and everybody’s riding high. All went well. All those long hours paid off. The systems were fixed and there were no major glitches. Congressman Horn is off your back. You’re feeling pretty good.

Now here’s a reality check, delivered by Don Hagerling, the Treasury Department’s security wonk: “Our infrastructures are wide open to attack. Because we’re so heavily dependent on them, we’ve essentially painted a bull’s-eye around them.”

The United States, unlike most countries, is almost entirely dependent on automated systems, said Hagerling, program manager for information security at Treasury.

“We’ve gone the extra mile in automating our systems,” he said. “Because of our relative affluence, we’ve integrated automation more into our lifestyle. For example, virtually all of the traffic lights in any major city are part of a networked distribution system. In most of the rest of the world, traffic lights just run on timers.”

The recent wave of denial-of-service attacks on big commercial Web sites, including those of Yahoo Inc., Amazon.com Inc. and e-Bay Inc., sent a shudder through the federal government.

Where to look for more information
This list of government and organization Web sites can help you keep current with security developments.

www.cert.org—the Computer Emergency Response Team Coordination Center

www.fedcirc.com—the Federal Incident Response Capability

www.fbi.gov/nipc/index.htm—the National Infrastructure Protection Center

www.infosyssec.org/infosyssec/index.html —Infosyssec, the Security Portal for Information Systems Security Professionals, started by students at Algonquin College

www.kumite.com/myths—the site run by Barn Owl Software focuses on myths surounding computer viruses

www.sans.org—the SANS Institute

www.symantec.com/avcenter—Symantec Corp.’s AntiVirus Research Center Department

www.usdoj.gov/criminal/cybercrime—the Justice Computer Department Crime and Intellectual Property Section


“The federal government is a huge target and, just like with the private sector, the bigger and tougher the challenge it is to get into, the more fun it is for the hackers,” said a security advocate on the Hill.

To some extent, computer security is viewed as the new year 2000 problem, presenting technical and management challenges that will require a similar, coordinated response across the government to get the job done.



GCN Popup