Create an Account
username: password:
 
  MemeStreams Logo

RE: WSJ | Bush Looks to Beef Up Protection Against Cyberattacks

search


RE: WSJ | Bush Looks to Beef Up Protection Against Cyberattacks
by noteworthy at 7:35 am EST, Jan 29, 2008

Rattle quoted WSJ:

President Bush has promised a frugal budget proposal next month, but one big-ticket item is stirring controversy: an estimated $6 billion to build a secretive system protecting U.S. communication networks from attacks by terrorists, spies and hackers.

Decius wrote:

Now, if they wish to extend this monitoring to include the greater Internet, then perhaps I do have a problem. But there is no need. The ISPs ought to be doing that, and not the Government. The Government need not control the IPS systems that protect American consumers. They need only provide tax incentives such that those IPS systems are finally deployed, as they should have been years ago.

DNI certainly intends to include the greater Internet. They seem willing to start off with the government systems. But McConnell also said that "95% of the problem lies with the private sector." The implication with this entire initiative is that the private sector isn't competent to handle this on its own, but the government is. One wonders about both halves of that view.

All of these Internet access points are already monitored. This is mostly a centralization of control, along with deployment of additional systems. The $6 billion here likely saves money elsewhere. The matter of evasion is a general problem that will continue to produce techniques and counter techniques, but I've got 1.3 billion dollars that says IPS is not an utter waste of time, as you seem to imply.

Please step away from the $6B -- the correct figure is 30 billion USD over seven years. You are just quoting the first year's expenditures.

I am aware of the publication dates on the papers I cited, and the intent was only to point to the general problem, not to make a specific claim about a specific product. I did not mean to imply that IPS is "an utter waste of time", only that a federally operated, highly centralized operation was not scalable and in any case would be duplicated by the customers who take their industrial security seriously. Nevertheless (at risk of being considered provocative) I can see why a vendor would salivate at the prospect of such a windfall, especially if, as a market leader, they would expect to win the competition for such services. How much better to sell 30B in systems and services at one fell swoop, instead of going about all onesy-twosy for years on end!

I refuse to believe that access points are already being "monitored" to the level envisioned by this proposal. If that were the case, this proposal would be moot. The problem is not so much about the installation of IPS sensors; that is straightforward enough. I can believe that the sensors are already in place. At Internet scale you may be able to spot roving packs of ruffians making messes of things, and you could shut them down / turn them off. But if they can do this, why do we still see million-strong botnets attacking with impunity?

Global-scale monitoring centers are not going to spot sophisticated spies using zero-day attacks to engage in highly targeted industrial espionage against lone machines. They will not detect attacks by trusted insiders, because there is no Internet traffic to be monitored.

There is an end-to-end argument to be made here. Your average consumer might be helped, but I can't imagine Citibank leaving it to the gratis "monitoring" services of their myriad ISPs around the world to protect their infrastructure.

RE: WSJ | Bush Looks to Beef Up Protection Against Cyberattacks


 
 
Powered By Industrial Memetics