Security threats Toolkit

Congress critical of Homeland Security's tech efforts

Tags:
Security,
Cybersecurity,
Department Of Homeland Security,
Cyberattack

Anne Broache CNET News

Published: 14 Sep 2006 08:55 BST

…of the February exercise, which involved more than 100 public and private agencies, associations and corporations from more than 60 locations across five countries.

Among the challenges experienced during the exercise, according to the report, are an insufficient number of "technical experts" on board to "fully leverage the large volume of incident information that was being provided"; difficulty working out who to call within organisations to seek help during crises; and a lack of a rapid means to assess and prioritise — or "triage" — cyberincidents.

Terrorist cyberattacks?
After commemorations of the fifth anniversary of the 9/11 attacks earlier this week, some members at the morning hearing seemed particularly alarmed by the spectre of terrorist-driven cyberincidents.

"Certainly cyberterrorism is something that is likely to be in al-Qaida's playbook, and we should be vigilant against such threats," said Representative Edward Markey, a Massachusetts Democrat who serves as co-chairman of the panel.

"Some people probably think they're exempt from the impact of the Internet, but you'd almost have to live in a cave to be truly unaffected," added Texas Republican Joe Barton, who serves as chairman of the influential House Energy and Commerce Committee. A widespread disruption on that front, he quipped, "is exactly the outcome envisioned by a man who does live in a cave: Osama bin Laden".

That theme continued in the afternoon hearing, convened by a House panel on intelligence, information-sharing and terrorism risk assessment.

"If we are not successful in our information-sharing efforts, then we are not going to be successful in connecting the dots to protect our people and our nation from the possibility of additional attacks," said Connecticut Republican Rob Simmons, the panel's chairman. The focus of concern was a June 2006 report from the department's Inspector General's Office that found the agency's information-sharing network was not performing as intended.

The Department of Homeland Security's Assistant Inspector General Frank Deffer outlined a number of those flaws. They included an overly rushed schedule for rolling out and expanding the system after DHS inherited control of it in 2003; inadequate training and guidance for users on how to use it; general mistrust for the secrecy of information shared through the portals; and lack of availability of real-time information about situations.

During the 2005 London Underground bombings, for instance, "users were able to get better information faster by calling personal contacts at law-enforcement agencies with connections to the Metropolitan Police than by using the system," Deffer said. As a result, the system has very few active users, he said.

"Taxpayers really should be outraged by what's happened here," Representative Zoe Lofgren, a California Democrat, said of the $50m undertaking. "The programme is not only a model of haste and waste, but it's a missed opportunity to do things right."