Home » Data Protection » Malware/Cybercrime

Opinion

Obama Must Move on Cybersecurity Coordinator

Massive attacks have savaged government websites in recent days, making it all the more important for President Obama to name the new White House cybersecurity coordinator, CSO Senior Editor Bill Brenner says.

By Bill Brenner, Senior Editor

July 08, 2009 — CSO —

It's been more than a month since President Obama announced an aggressive plan to defend the Internet with a new cybersecurity coordinator directing the battle from the West Wing of The White House. At the time, I wrote that Obama was moving in the right direction. Since then, much has happened.

Most notably, as my colleague Robert McMillan has reported, a botnet of about 50,000 infected computers has been waging a war against U.S. government websites and causing headaches for businesses in the U.S. and South Korea.

"The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission's (FTC's) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT)," McMillan wrote, offering this quote from an unnamed DOT spokeswoman: "The DOT has been experiencing network incidents since this past weekend. We are working with the U.S. Computer Emergency Readiness Team [US-CERT] at this time."

Meanwhile, a South Korean researcher investigating the attacks has uncovered a sizable hit list of sites in and out of government, including some high-profile targets in the banking sector.

We all want Obama to be as thorough as possible in selecting a new cybersecurity coordinator. In recent years, we've seen cybersecurity czars come and go, often leaving in frustration over the rusty gears of progress at the Department of Homeland Security (DHS), where they were based. [See also: DHS and Cybersecurity: Yes, No, Maybe So?]

We want a person in the White House who is in it for the long haul -- someone who will command the respect of the National Security Council, Congress and the private sector. That no doubt requires a rigorous vetting process.

It's also a pretty sure bet that people have been approached about the job and declined.

But in the final analysis, we're running out of time.

Malware continues on its relentless march. Kaspersky Lab, for example, says the Koobface worm is infecting machines at an astounding rate, and security researchers continue to lose sleep over the number of systems infected with the Conficker malware.

Meantime, attackers continue to go after vulnerable Microsoft programs. For the second time in six weeks, for example, Microsoft has had to confirm attacks exploiting an unpatched bug in DirectX, this time by attacking Internet Explorer (IE).

There's simply too much going on for the position to remain vacant any longer. The more time passes, the more the bad guys are going to think the push launched from the White House East Room in June was nothing more than another dog-and-pony show with no muscle attached.

1 2 »

President Obama

RESOURCE CENTER

buy a link »

E-GUIDE

Log Management in a Cyber World

With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.

» Read this eGuide

WHITE PAPER

Comparing Research in Motion and Microsoft Mobile Solutions

Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.