A good day to try hard
A day filled with simultaneous network problems across multiple industries illustrates the complexity of the problem faced by cyber warriors, according to DHS Secretary Jeh Johnson.
Homeland Security Secretary Jeh Johnson dismissed the notion that the United Airlines, New York Stock Exchange and Wall Street Journal network problems were related.
Three simultaneous -- and potentially alarming -- computer and network glitches at the Wall Street Journal, United Airlines and the New York Stock Exchange probably aren't related, Homeland Security Secretary Jeh Johnson said in a speech while the problems were still being addressed July 8. But they illustrate the increasingly complex world of cyber threats his department deals with.
In a presentation at the Center for Strategic and International Studies in Washington, Johnson said he had spoken to officials from all three organizations about the problems.
The New York Stock Exchange and the United Airlines outages weren't the result of "nefarious activity," said Johnson. He said DHS was less sure about the outage at the Wall Street Journal, however.
Those threats, he said, show the environment that DHS is working in to protect .gov networks and help private industry and public networks to become less vulnerable to being hacked or attacked.
"Cybersecurity is a top priority" at DHS, he said. "It's my personal mission to significantly enhance" his agency's role in providing it.
DHS's Einstein and Continuous Diagnostics and Mitigation programs, he said, are moving ahead as planned, but he added Congress needs to write stronger cybersecurity legislation to bolster his department's efforts.
The Einstein 1 and 2 programs now protect all federal civilian traffic routed through a secure Internet gateway, he said. Einstein 3 Accelerated, or EA3, that resides with the Internet service providers serving the federal government and identify and block known malicious traffic, is being deployed.
In December 2014, E3A protected 237,414 federal personnel; that figure is now over 931,000, or approximately 45 percent of the federal civilian government, Johnson said. "I have directed that DHS make E3A fully available to all federal departments and agencies, and have challenged us to make aspects of E3A available to all federal civilian departments and agencies by the end of 2015," he said.
Since its introduction, according to Johnson, E3A has blocked more than 550,000 requests to access potentially malicious websites.
The department's CDM deployment is divided into three phases. The first phase, being deployed by DHS currently, checks to ensure that all computers and software on agency networks are secure. The second phase will monitor users on agencies’ networks and ensure they are not engaging in unauthorized activity. The third phase will assess activity happening inside agencies’ networks to identify anomalies and alert security personnel.
"To date, we have made the first phase of CDM available to eight agencies, covering over 50 percent of the federal civilian government," he said. Johnson said he expects DHS to make phase one available to 97 percent of the federal civilian workforce by the end of fiscal 2015. "I am also requesting authorization from Congress to provide additional funding to speed up CDM phase two," he said.
He welcomed congressional efforts to draw up bipartisan cybersecurity legislation, but noted he needs three things from it. First, he said, it should formally authorize the Einstein program, which would eliminate any remaining legal obstacles to its deployment. Some agencies' lawyers, he said, sometimes balk at providing network traffic to DHS under the program. "It's a problem," he said.
Second, legislation would have to provide liability protection to private companies that share cyber-threat information with DHS.
"Third, we need a national data breach reporting system, in lieu of the existing patchwork of state laws on the subject, and enhanced criminal penalties for cybercrime," he said.