Report: Government Has No Cyber Warning System

The report suggests the chasm between various agency operations centers might open the door to incoming threats.

A masked hacker, part of the Anonymous group, hacks the French presidential Elysee Palace website on January 20, 2012 near the eastern city of Lyon.
National Journal
Aliya Sternstein, Nextgov
Aliya Sternstein, NextGov
Nov. 5, 2013, 6:24 a.m.

The de­part­ments of Home­land Se­cur­ity and De­fense, in­clud­ing the Na­tion­al Se­cur­ity Agency, have no way of shar­ing cur­rent alerts about com­puter breaches with each oth­er or in­dustry, an in­spect­or gen­er­al memor­andum re­veals.

The prob­lem is not an in­ab­il­ity to doc­u­ment in­cid­ents, but, rather, an in­ab­il­ity to alert po­ten­tial vic­tims as the situ­ation un­folds and to provide in­struc­tions.

There is one sys­tem for cir­cu­lat­ing event re­ports, a sep­ar­ate one for cir­cu­lat­ing dir­ec­tions on how to re­spond, and no real-time sys­tem for join­ing the two, ac­cord­ing to an Oct. 24 DHS IG re­port re­leased this week.

The miss­ing tech­no­logy should be housed at the 24-hour Na­tion­al Cy­ber­se­cur­ity and Com­mu­nic­a­tions In­teg­ra­tion Cen­ter, a DHS or­gan­iz­a­tion that dis­trib­utes in­form­a­tion among ci­vil­ian agen­cies, the in­tel­li­gence com­munity, De­fense com­pon­ents and crit­ic­al in­fra­struc­ture sec­tors, such as the power in­dustry.

The re­port sug­gests the chasm between NC­CIC and vari­ous agency op­er­a­tions cen­ters might open the door to in­com­ing threats, such as ma­li­cious code tar­get­ing mil­it­ary sys­tems or oil and gas com­pan­ies.

“Ac­cord­ing to the NC­CIC dir­ect­or, there is no na­tion­al sys­tem or com­mon cy­ber tool cur­rently in place for the fed­er­al cy­ber cen­ters to share in­form­a­tion,” the re­port found.

Of­fi­cials at NC­CIC, pro­nounced “N-kick,” ac­know­ledged that a com­mon cy­ber sys­tem could al­low the sep­ar­ate cen­ters to ex­change “ac­tion­able in­form­a­tion,” elec­tron­ic­ally and on a real time basis, with key in­dus­tries to min­im­ize dam­age.

Right now, NC­CIC has a tick­et­ing sys­tem that doc­u­ments in­cid­ent de­tails, such as the time of the ab­nor­mal event, date it was re­por­ted, and phone con­ver­sa­tions about the situ­ation.

Mean­while, NC­CIC and the FBI have a sys­tem that dis­sem­in­ates bul­let­ins to com­pan­ies and agen­cies with in­struc­tions on pre­vent­ing de­struct­ive at­tacks and pro­tect­ing sens­it­ive data.

But the two sys­tems are not con­nec­ted.

“This tick­et­ing sys­tem does not link situ­ation­al aware­ness products (i.e., alerts and bul­let­ins) that have been is­sued and are as­so­ci­ated with a spe­cif­ic cy­ber in­cid­ent, threat or vul­ner­ab­il­ity,” the memo states.

An­oth­er dis­con­nect: “Fed­er­al cy­ber op­er­a­tions cen­ters of­ten share their in­form­a­tion with one an­oth­er. However, no single en­tity com­bines all in­form­a­tion avail­able from these cen­ters and oth­er sources to provide a con­tinu­ously up­dated, com­pre­hens­ive pic­ture of cy­ber threat and net­work status to provide in­dic­a­tions and warn­ing of im­min­ent in­cid­ents, and to sup­port a co­ordin­ated in­cid­ent re­sponse.”

NC­CIC does not pos­sess the tech­no­logy ne­ces­sary to broad­cast on­go­ing up­dates and avoid du­plic­ate com­mu­nic­a­tions, the in­spect­or gen­er­al re­por­ted.

As rem­ed­ies, IG of­fi­cials sug­ges­ted a know­ledge man­age­ment data­base, auto­mat­ic call­ing trees and a com­mu­nic­a­tions-track­ing sys­tem.

These tech­no­lo­gies will re­quire ad­di­tion­al fund­ing, Home­land Se­cur­ity of­fi­cials told in­spect­ors. Of­fi­cials plan to im­prove ex­ist­ing in­form­a­tion shar­ing tools and bring new cap­ab­il­it­ies on­line dur­ing the next four years, they said.

“Tech­no­lo­gies and pro­cesses to im­prove dis­cov­er­ab­il­ity and avail­ab­il­ity of data between and among the cy­ber op­er­a­tions cen­ters serve as a found­a­tion to the in­form­a­tion shar­ing cap­ab­il­ity sets. These cap­ab­il­it­ies, coupled with auto­mated ma­chine-to-ma­chine data trans­fer, will greatly im­prove the abil­ity to link data sets and im­prove situ­ation­al aware­ness,” Su­z­anne Spauld­ing, act­ing un­der­sec­ret­ary of the DHS Na­tion­al Pro­tec­tion and Pro­grams Dir­ect­or­ate, wrote in a Sept. 5 writ­ten re­sponse to a draft re­port.

More from Nex­t­Gov:

Obama Calls for IT Pro­cure­ment Re­form

FBI Seeks Video Re­cog­ni­tion Tech­no­logy to Auto­mat­ic­ally ID Sus­pects

FCC Eyes New Spec­trum for Wi-Fi-Type Ser­vice

What We're Following See More »
FIRST WOMAN NOMINATED BY MAJOR PARTY
Hillary Clinton Accepts the Democratic Nomination for President
3 hours ago
THE DETAILS

"It is with humility, determination, and boundless confidence in America’s promise that I accept your nomination for president," said Hillary Clinton in becoming the first woman to accept a nomination for president from a major party. Clinton gave a wide-ranging address, both criticizing Donald Trump and speaking of what she has done in the past and hopes to do in the future. "He's taken the Republican party a long way, from morning in America to midnight in America," Clinton said of Trump. However, most of her speech focused instead on the work she has done and the work she hopes to do as president. "I will be a president of Democrats, Republicans, and Independents. For the struggling, the striving, the successful," she said. "For those who vote for me and for those who don't. For all Americans together."

COUNTER-CHANTS AT THE READY
Protesters Make Good on Threat to Disrupt Speech
3 hours ago
THE LATEST

Supporters of Bernie Sanders promised to walk out, turn their backs, or disrupt Hillary Clinton's speech tonight, and they made good immediately, with an outburst almost as soon as Clinton began her speech. But her supporters, armed with a handy counter-chant cheat sheet distributed by the campaign, immediately began drowning them out with chants of "Hillary, Hillary!"

SUFFOLK POLL
New Survey Shows Clinton Up 9 in Pennsylvania
11 hours ago
THE LATEST

If a new poll is to be believed, Hillary Clinton has a big lead in the all-important swing state of Pennsylvania. A new Suffolk University survey shows her ahead of Donald Trump, 50%-41%. In a four-way race, she maintains her nine-point lead, 46%-37%. "Pennsylvania has voted Democratic in the past six presidential elections, going back to Bill Clinton’s first win in 1992. Yet it is a rust belt state that could be in play, as indicated by recent general-election polling showing a close race."

Source:
THREE NIGHTS RUNNING
Democrats Beat Republicans in Convention Ratings So Far
12 hours ago
THE DETAILS

Wednesday was the third night in a row that the Democratic convention enjoyed a ratings win over the Republican convention last week. Which might have prompted a fundraising email from Donald Trump exhorting supporters not to watch. "Unless you want to be lied to, belittled, and attacked for your beliefs, don't watch Hillary's DNC speech tonight," the email read. "Instead, help Donald Trump hold her accountable, call out her lies and fight back against her nasty attacks."

Source:
SHIFT FROM ROMNEY’S NUMBERS
Catholics, Highly Educated Moving Toward Dems
16 hours ago
THE LATEST

Catholics who attend mass at least weekly have increased their support of the Democratic nominee by 22 points, relative to 2012, when devout Catholics backed Mitt Romney. Meanwhile, a Morning Consult poll shows that those voters with advanced degrees prefer Hillary Clinton, 51%-34%. Which, we suppose, makes the ideal Clinton voter a Catholic with a PhD in divinity.

×