U.S. Lax On Computer Threats, GAO Saysgreenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread |
U.S. Lax On Computer Threats, GAO SaysUpdated 6:14 PM ET October 3, 1999
By Jim Wolf
WASHINGTON (Reuters) - Computer networks used by government and business are increasingly at risk of severe disruption, and the federal government is not doing enough about the threat, congressional investigators said in a report to be made public Monday.
Security shortcomings jeopardize national defense, tax collection, law enforcement and air traffic control among other key operations, the non-partisan General Accounting Office said in a draft obtained by Reuters.
"At the federal level, these risks are not being adequately addressed," said the GAO, the investigative and audit arm of Congress. The report was prepared for Robert Bennett, the Utah Republican who heads the Senate Special Committee on the Year 2000 Technology Problem.
The number of security incidents handled by Carnegie Mellon University's CERT Coordination Center, a federally funded emergency response team, has risen from 1,334 in 1993 to 4,398 during the first half of this year, the report said.
Organized attacks such as one code-named "Solar Sunrise" on Defense Department computers in February 1998, and computer viruses such as "Melissa" early this year, highlight the government's susceptibility, the GAO said.
It cited "even greater concerns" of some experts about private-sector systems that control energy, telecommunications, financial services, transportation and other vital services.
"Few reports are publicly available about the effectiveness of controls over privately controlled systems," GAO said. It added that private entities were "understandably reluctant" to disclose vulnerabilities that might undercut customer confidence.
"Our nation's computer-based critical infrastructures are at increasing risk of severe disruption," it said, citing threats from hackers to terrorists to governments capable of computer-based "information warfare."
CYBER ATTACK VULNERABILITY
Concern about U.S. vulnerability to cyber attack led the Clinton administration to launch an initiative called Presidential Decision Directive 63 in May 1998. The directive instructed U.S. agencies to develop cyber protection plans and establish links with industry groups.
But the GAO said no strategy for improving federal information security had been articulated clearly yet, nor had risks been prioritized.
In the absence of a coordinated, government-wide plan, the U.S. response to the threat may be "unfocused, inefficient and ineffective," wrote Jeffrey Steinhoff, the acting assistant comptroller general.
He said the Year 2000 technology challenge could be viewed as a major test of U.S. ability to protect computer-supported critical infrastructures.
Worldwide, hundreds of billions of dollars are estimated to have been spent to avoid havoc on Jan. 1, when ill-prepared computers could misread the last two zeros of the date as 1900 and shut down. The U.S. private sector alone is estimated to have spent $50 billion to fix the so-called Y2K glitch, according to Federal Reserve Board Chairman Alan Greenspan.
======================================= End
Can anyone read between the lines here???????
Ray
-- Ray (ray@totacc.com), October 03, 1999
yup Ray, I can see it coming down, going to go spend $100 bucks on a wood burning stove I saw advertized at Tru- value.
-- sandy (rstyree@overland.net), October 03, 1999.