Report: Government Has No Cyber Warning System

The report suggests the chasm between various agency operations centers might open the door to incoming threats.

A masked hacker, part of the Anonymous group, hacks the French presidential Elysee Palace website on January 20, 2012 near the eastern city of Lyon.
National Journal
Aliya Sternstein, Nextgov
Add to Briefcase
Aliya Sternstein, NextGov
Nov. 5, 2013, 6:24 a.m.

The de­part­ments of Home­land Se­cur­ity and De­fense, in­clud­ing the Na­tion­al Se­cur­ity Agency, have no way of shar­ing cur­rent alerts about com­puter breaches with each oth­er or in­dustry, an in­spect­or gen­er­al memor­andum re­veals.

The prob­lem is not an in­ab­il­ity to doc­u­ment in­cid­ents, but, rather, an in­ab­il­ity to alert po­ten­tial vic­tims as the situ­ation un­folds and to provide in­struc­tions.

There is one sys­tem for cir­cu­lat­ing event re­ports, a sep­ar­ate one for cir­cu­lat­ing dir­ec­tions on how to re­spond, and no real-time sys­tem for join­ing the two, ac­cord­ing to an Oct. 24 DHS IG re­port re­leased this week.

The miss­ing tech­no­logy should be housed at the 24-hour Na­tion­al Cy­ber­se­cur­ity and Com­mu­nic­a­tions In­teg­ra­tion Cen­ter, a DHS or­gan­iz­a­tion that dis­trib­utes in­form­a­tion among ci­vil­ian agen­cies, the in­tel­li­gence com­munity, De­fense com­pon­ents and crit­ic­al in­fra­struc­ture sec­tors, such as the power in­dustry.

The re­port sug­gests the chasm between NC­CIC and vari­ous agency op­er­a­tions cen­ters might open the door to in­com­ing threats, such as ma­li­cious code tar­get­ing mil­it­ary sys­tems or oil and gas com­pan­ies.

“Ac­cord­ing to the NC­CIC dir­ect­or, there is no na­tion­al sys­tem or com­mon cy­ber tool cur­rently in place for the fed­er­al cy­ber cen­ters to share in­form­a­tion,” the re­port found.

Of­fi­cials at NC­CIC, pro­nounced “N-kick,” ac­know­ledged that a com­mon cy­ber sys­tem could al­low the sep­ar­ate cen­ters to ex­change “ac­tion­able in­form­a­tion,” elec­tron­ic­ally and on a real time basis, with key in­dus­tries to min­im­ize dam­age.

Right now, NC­CIC has a tick­et­ing sys­tem that doc­u­ments in­cid­ent de­tails, such as the time of the ab­nor­mal event, date it was re­por­ted, and phone con­ver­sa­tions about the situ­ation.

Mean­while, NC­CIC and the FBI have a sys­tem that dis­sem­in­ates bul­let­ins to com­pan­ies and agen­cies with in­struc­tions on pre­vent­ing de­struct­ive at­tacks and pro­tect­ing sens­it­ive data.

But the two sys­tems are not con­nec­ted.

“This tick­et­ing sys­tem does not link situ­ation­al aware­ness products (i.e., alerts and bul­let­ins) that have been is­sued and are as­so­ci­ated with a spe­cif­ic cy­ber in­cid­ent, threat or vul­ner­ab­il­ity,” the memo states.

An­oth­er dis­con­nect: “Fed­er­al cy­ber op­er­a­tions cen­ters of­ten share their in­form­a­tion with one an­oth­er. However, no single en­tity com­bines all in­form­a­tion avail­able from these cen­ters and oth­er sources to provide a con­tinu­ously up­dated, com­pre­hens­ive pic­ture of cy­ber threat and net­work status to provide in­dic­a­tions and warn­ing of im­min­ent in­cid­ents, and to sup­port a co­ordin­ated in­cid­ent re­sponse.”

NC­CIC does not pos­sess the tech­no­logy ne­ces­sary to broad­cast on­go­ing up­dates and avoid du­plic­ate com­mu­nic­a­tions, the in­spect­or gen­er­al re­por­ted.

As rem­ed­ies, IG of­fi­cials sug­ges­ted a know­ledge man­age­ment data­base, auto­mat­ic call­ing trees and a com­mu­nic­a­tions-track­ing sys­tem.

These tech­no­lo­gies will re­quire ad­di­tion­al fund­ing, Home­land Se­cur­ity of­fi­cials told in­spect­ors. Of­fi­cials plan to im­prove ex­ist­ing in­form­a­tion shar­ing tools and bring new cap­ab­il­it­ies on­line dur­ing the next four years, they said.

“Tech­no­lo­gies and pro­cesses to im­prove dis­cov­er­ab­il­ity and avail­ab­il­ity of data between and among the cy­ber op­er­a­tions cen­ters serve as a found­a­tion to the in­form­a­tion shar­ing cap­ab­il­ity sets. These cap­ab­il­it­ies, coupled with auto­mated ma­chine-to-ma­chine data trans­fer, will greatly im­prove the abil­ity to link data sets and im­prove situ­ation­al aware­ness,” Su­z­anne Spauld­ing, act­ing un­der­sec­ret­ary of the DHS Na­tion­al Pro­tec­tion and Pro­grams Dir­ect­or­ate, wrote in a Sept. 5 writ­ten re­sponse to a draft re­port.

More from Nex­t­Gov:

Obama Calls for IT Pro­cure­ment Re­form

FBI Seeks Video Re­cog­ni­tion Tech­no­logy to Auto­mat­ic­ally ID Sus­pects

FCC Eyes New Spec­trum for Wi-Fi-Type Ser­vice

What We're Following See More »
Morning Consult Poll: Clinton Decisively Won Debate
2 days ago

"According to a new POLITICO/Morning Consult poll, the first national post-debate survey, 43 percent of registered voters said the Democratic candidate won, compared with 26 percent who opted for the Republican Party’s standard bearer. Her 6-point lead over Trump among likely voters is unchanged from our previous survey: Clinton still leads Trump 42 percent to 36 percent in the race for the White House, with Libertarian nominee Gary Johnson taking 9 percent of the vote."

Trump Draws Laughs, Boos at Al Smith Dinner
3 days ago

After a lighthearted beginning, Donald Trump's appearance at the Al Smith charity dinner in New York "took a tough turn as the crowd repeatedly booed the GOP nominee for his sharp-edged jokes about his rival Hillary Clinton."

McMullin Leads in New Utah Poll
3 days ago

Evan McMul­lin came out on top in a Emer­son Col­lege poll of Utah with 31% of the vote. Donald Trump came in second with 27%, while Hillary Clin­ton took third with 24%. Gary John­son re­ceived 5% of the vote in the sur­vey.

Quinnipiac Has Clinton Up by 7
3 days ago

A new Quin­nipi­ac Uni­versity poll finds Hillary Clin­ton lead­ing Donald Trump by seven percentage points, 47%-40%. Trump’s “lead among men and white voters all but” van­ished from the uni­versity’s early Oc­to­ber poll. A new PPRI/Brook­ings sur­vey shows a much bigger lead, with Clinton up 51%-36%. And an IBD/TIPP poll leans the other way, showing a vir­tu­al dead heat, with Trump tak­ing 41% of the vote to Clin­ton’s 40% in a four-way match­up.

Trump: I’ll Accept the Results “If I Win”
3 days ago

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.