Obama On Cybersecurity: We're Not That Prepared

(AP Photo/Ron Edmonds)

President Obama on Friday said the U.S. government is "not as prepared" as it should be to respond to disruptions caused by computer or Internet attacks and announced that a new cybersecurity coordinator position would be created inside the White House staff.

The still-to-be-named coordinator will oversee a new bureaucracy tasked with digital infrastructure protection, which had previously been handled by the Department of Homeland Security.

"We will ensure that these networks are secure, trustworthy and resilient," Mr. Obama said. "We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage."

---

Obama: My Campaign Was Hacked Last Year

---

Obama's announcement, which was expected, came as the president released the outcome of a 60-day review that sought to rethink how the federal government should address cybersecurity. Business groups had sought to raise cybersecurity's profile in the administration but remained wary about regulatory mandates from Washington; security hawks would prefer the new bureaucracy to have more authority over the private sector.

The final report represents a political compromise. It suggests "intrusion detection and prevention systems" and "warning of cyber intrusions and attacks," while stressing that collaboration with privacy groups and industry is vital. New laws compelling companies to share more information with the federal government about intrusions may be necessary, it says, but only "as a last resort."

During his remarks in the White House's East Room on Friday, Mr. Obama also seemed to seek a balance between warning of the dangers of terrorists or other miscreants using the Internet and saying the government will not go too far.

"Our pursuit of cybersecurity will not -- I repeat, will not include -- monitoring private sector networks or Internet traffic," he said.

The report also goes out of its way to recognize the civil liberties concerns that could arise by a greater focus on private networks: the word "privacy" appears at least 69 times in the document.

In a cybersecurity "crisis," the plan is for the coordinator to become the "White House action officer for cyber incident response." That's a similar role to the White House officials who help to monitor terrorist attacks or natural disasters. (The new coordinator's fiefdom will be shared between the National Economic Council and the National Security Council.)

While there has been some private grumbling that the new coordinator will not report directly to the president -- a prized symbol of access in Washington circles -- reaction to the administration's announcement was generally positive.

Senators John Rockefeller, D-W.Va., and Olympia Snowe, R-Maine, members of the Commerce and Intelligence committees, said in a statement that "no other president in American history has elevated this issue to that level and we thank (Obama) for his leadership."

The Center for Democracy and Technology said it "is evident that the report's authors listened to the concerns of privacy and civil liberties groups."

The origin of many of the Feds' cybersecurity headaches can be traced back to the process that led to the creation of the Department of Homeland Security nearly seven years ago. Politicians in Washington, D.C. decided to glue together a medley of federal agencies to create a massive bureaucracy that would, as one of its new goals, provide a better focus on cybersecurity.

"The department will gather and focus all our efforts to face the challenge of cyberterrorism," President Bush said when signing the 500-or-so-page bill into law in November 2002. "This department will be charged with encouraging research on new technologies that can detect these threats in time to prevent an attack."

Some tasks might benefit from centralization in one of the world's largest bureaucracies. But it soon became evident that cybersecurity was not one of them. By 2005, government auditors concluded that the department failed to live up to its cybersecurity responsibilities and may be "unprepared" for emergencies.

As recently as last fall, DHS Secretary Michael Chertoff said his agency needed to develop a plan to respond to a "cybercrisis."

That led some outside groups to argue that cybersecurity efforts should be taken over by the National Security Agency, which already is responsible for protecting government computers through its "information assurance" arm, or perhaps the White House staff.

Lending unusual spice to what would normally be a quiet, internecine power struggle was March's resignation of Rod Beckstrom, director of Homeland Security's National Cybersecurity Center. In his farewell letter, Beckstrom blasted what he said was an NSA power grab, saying the secretive military agency "effectively controls DHS cyber efforts through detailees, technology insertions."

The week before Beckstrom's resignation, Director of National Intelligence Admiral Dennis Blair suggested to a House committee that the NSA was ready for the job, saying "there are some wizards out there at Fort Meade." But a few weeks later, after a congressional hearing that was hardly enthusiastic about the idea, NSA director Keith Alexander denied his agency had any interest in the job.

In February, Mr. Obama ordered a 60-day review of the federal government's cybersecurity efforts, and appointed Hathaway -- who had worked for the director of national intelligence in the Bush administration -- to lead it.

In addition, the New York Times reported on Friday that the Pentagon is preparing a new military command for cyberspace that would operate in parallel with the civilian effort that Mr. Obama is expected to announce. He is "expected to sign a classified order in coming weeks that will create the military cybercommand" and recognize "that the United States already has a growing number of computer weapons in its arsenal and must prepare strategies for their use," the newspaper said.

[vinylogy]

Most of the American public is unaware that the original 1978 FISA law was modified in 2001, in 2007 and in 2008. Each time, the law gained, not lost powers. By now the public has no idea of what rights it may retain, nor how they continue to be abused. Posted by alphaa10000
________________________________________________

Obama was a bigtime supporter of FISA for that very reason! Thanks for pointing it out alph!!!!

[caligula1--2008]

All it takes is trying to install and run Vista Ultimate edition on OEM component hardware to learn that. It might be nice once you've tuned up the configuration, but the first time you don't update promptly (hence corporate update servers to insure that not everyone clogs the external pipes), your machine is pwn'd by some goofball in China who managed to sneak in while Windows Update was configuring itself to run (which can take quite awhile).

Hence all the Windows IT professionals making a series of "typical system restore disks" to restore the machines of whatever user got mauled, whereas MacOS can do that, OR, if you don't want to bother with that, boot every machine on the network from a single network boot source that contains the optimal code for all machines, relegating the local hard drive to cache and scratch storage and further putting barriers between your corporate firewall and your data.

Then again, Obama still uses his Crackberry, even if its been "enhanced" by the Treasury Department, and that "Windows friendly" device might just some day be his undoing if he passes too close to someone with the tools to get into its network interfaces..

Not that there's anything sensitive from a national security standpoint allowed on the thing anyway. Whereas the Treasury Department may be obliging, the department of defense only wants national security information computers they designed using software they wrote whose network protocols are so obscure that the fact that they're classified is just adding another layer on the cake.

Want cyber security in the United States? Cut all Windows versions prior to WinXP SP3 and all versions of Mac OS X 10.3 off at the first router who can figure out. Of course, that isn't practical, so maybe what we need is a national standard for OS writers and hardware OEM's for basic system security. e.g. can be compromised only if the user is VERY stupid.

Like OS X, but built even a bit MORE paranoid by default. (OS X ships with its firewall DOWN).

[BC Kelly]

stuart2570 says ...

"I have never witnessed such sheer stupidity amongst a group of people."

------------------------------------------


Stuart, apparently you weren't in Germany in the 1930s

;-)

[Wookiee-1138]

Getting some nasty bags under the eyes there, Chief.

Keep up the good work, and don't let stress grind you down.

[stryker54]

Tell the world where we are weak and they will take advantage. Good work BO, so now that you said you won't monitor citizens actvitiy on the net, ARE WE REALLY EXPECTED TO BELIEVE THAT? oh yes your good old liberal sheep do. Open your eyes folks he's taking away your freedoms. All he ever had in mind. This man shouldn't be a dog catcher, let alone the pres. and my the way folks I have been a dem for over 40 years, just not to this jackal.

[lorinkundert]

Don't believe that fairy tale, it is just another attempt by the government to further destroy our rights, In China the have posters of Obama and Che Gueverra sid by side, makes you wonder what Obama has in common with that Socialist murderer.

[bluegrass101-2009]

The end of the Repiglican Party is now in sight!!! Our Prayers have been answered. Even GOD despises Repig's.

[bluegrass101-2009]

President Obama's Poll Approval at 65% average----- Repiglicans 20% ==========Repig's are Completely Irrelevant!! LOL LOL

[dfnj2009]

WHAT OBAMA REALLY MEANS - Give up all your freedoms we are now going to control the internet.
***********************************************************

It's been 4 whole months and Obama hasn't taken your guns away. Maybe Rush is wrong after all!

[dfnj2009]

I think JOBS are more important than this story.