Defense Department Pretty Much Incompetent In Dealing With Online Threats
from the but-of-course dept
Last year, we noted that there was something of an internal executive branch fight over who had the mandate to deal with so-called "cybersecurity" threats: the Defense Department (mainly the NSA) or Homeland Security. Neither group is ideal, obviously, but the Defense Department's claims were definitely much more ridiculous, in that it seemed like the entire point of asking for control over online security was to grant the NSA more spying powers. In fact, we found it somewhat hilarious that the DoD seemed to think that one of its best qualifications for managing digital security issues was its own incompetence in dealing with massive security breaches. Yes, the logic was basically "we had crappy security, so we know that online threats are real." Yeah.Now, as a bunch of folks have been pointing out, the GAO has put out a brutal report, explaining just how incredibly incompetent the Pentagon has been in both understanding and dealing with any kind of online threats. The full report (pdf) is pretty direct in suggestion that the DoD has known about problems for ages, but has only just started addressing the problems -- and the report says it's too early to tell if they've had any real impact at all.
While we've long said that the risk of "cyberwar" is blown way out of proportion, that doesn't mean that there aren't many attempts to breach government digital security. Tragically, this report suggests that the DoD is woefully unprepared to deal with the issues, and is only just now trying to catch up (potentially from a position well behind any adversaries.).
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybersecurity, defense department, nsa
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Bullshytt
[ link to this | view in chronology ]
Re: Bullshytt
There is a difference between fending off "cyberwarriors" in the ongoing "cyberwar" and the simple fact that they might have a shiny happy "cyberwar" room to work out of and the rest of their systems are happily mailing spam out as part of a botnet.
They have thrown lots of money at people who promise them they have the solution, and we get no good results... so we throw more money on the old problem and ignore the new ones.
Maybe step 1 in securing their network, should be looking at all of the .mil and .gov emails that were registered on porn.com and eliminate those peoples use of computers because they can not be bright enough to have used a different password on each site they encounter.
Oh and while you decry this as BS... don't forget the guy who blew the whistle on NSA wasting tons of money on a crappy product, and then they tried to ruin him for daring to point out they had screwed up.
[ link to this | view in chronology ]
Re: Bullshytt
But, you know, TERRORISM! CYBERWAR! MORAL PANIC!
[ link to this | view in chronology ]
Re: Bullshytt
[ link to this | view in chronology ]
Re: Bullshytt
[ link to this | view in chronology ]
Can't throw $ at problems
[ link to this | view in chronology ]
Couldn't Agree More...
However, if the US Gov't WERE so competent in their cyberspace dealings (in a Hollywood imagined reality) there would NOT have been a Bradley Manning in the first place and Wikileaks would have been Wiki-tightened before anything got out in a hot ASSange minute. The MafiAAs aren't even that good either so I guess I'll stick to free-tarding it.
And that's about all I have to say on those matters other than I also would not work at any of the aforementioned organizations since their leadership are either old-school military technophobes still trying to figure it out or DHS/FBI gumshoe detectives that can't follow the law as correctly as they should as is evidenced by all the techdirt articles and the incestuous relationship they have with Big Business, Big Pharma, Big Entertainment, and the MafiAAs.
[ link to this | view in chronology ]
Despite some claims for the contrary.
Security could be improve there is no doubt about it, but total security is just a pipe dream.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I'm worried that we're spending billions on Windows licenses while other countries use a free OS and learn more about computers in the process. Meanwhile our solders are being lead into battle by Clippy.
[ link to this | view in chronology ]
Re:
So it looks like your trying to invade a country, would you like to -
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
if you mean the concept of government in general this statement is flat out wrong. Human nature ensures that any anarchy will, in relatively short order, default into small scale organised governments. if you're Lucky that means a city state with a good setup. far more likely it means warlords. in the latter case if you're Lucky, again, you end up with at least some leaders who consider more than their own enrichment and power to be important and they don't get completely owned, and you end up with a feudal system. if you're unlucky you end up with someone less pleasant on top and get some combination of authoritarian dictatorship on a conquering spree, assassination and civil war.
or you just get invaded by a neighbour who does still have a functional government. either way.
[ link to this | view in chronology ]
Re:
Sure, if you like the idea of a sharecropper lifestyle, without widespread education and unlimited poisoning of the environment. Because that's what would be left.
And if you had any money left over to invest, you probably wouldn't want to invest in any company in which you didn't have inside info. Because otherwise you'd probably get wiped out by those who did have that info.
And the very idea of a retirement? Nope; work until you're physically unable, then hope your kids will take care of you.
Not saying the government ain't got flaws (far from it), but let's be realistic, ok?
And the really sad thing about this article is that if the GAO were to analyze DHS, they'd find it just as incompetent as DoD (maybe more so).
[ link to this | view in chronology ]
Hmm
I agree that most of the cyberwarfare hyperbole is unwarranted. However, you've written about your interest in the Stuxnet story. Wouldn't you classify that incident as a cyberwarfare attack, and isn't that the prototype attack of the future that we should begin to seriously contemplate? That is: an attack conducted via computer code that causes damage in real life?
[ link to this | view in chronology ]
Re: Hmm
[ link to this | view in chronology ]
BS is right
I cannot believe we pay someone so much money to write and read this drivel.
I am a security pro. I would not want to deal with this type of BS, so who's going to actually do the work?
I don't care what equipment or personel is trained on it, as long as this is what we throw money at all you end up with is experts at using the buraeucracy.
US Gov Sucks.
[ link to this | view in chronology ]