U.S. Strategic Command (USSTRATCOM) is responsible for the defense for all military network communications used by the Air Force, Navy, Army and Marines. With operations around the world, it is one of the largest networks (voice and data) to monitor and defend against attack. US STRATCOM mission statement says it all;

    The Department of Homeland Security is detecting new patterns of cyberattacks from foreign adversaries -- some targeted at particular agencies and others aimed at the entire U.S. government -- due to to special-purpose intrusion-detection systems that will be widely deployed in federal networks during 2010.

     Only a handful of agencies -- including DHS, the Department of Agriculture, the State Department and the Department of Interior -- have network traffic flowing through the IDSs, which are called Einstein 2.

     The U.S. Computer Emergency Readiness Team (US-CERT) is monitoring the IDSs as well as the Einstein 1 appliances, which collect router net flow data from all federal agencies and the carriers that support them.

    Einstein 2 "has been very enlightening?to see what intrusion sets they are actually seeing and how certain ones target particular departments and particular agencies and others you can see every place we are currently operational " says Nicole Dean, deputy director of the National Cybersecurity Division of DHS.

     Deployment of Einstein 2 is going hand-and-hand with the federal Trusted Internet Connections (TIC) Initiative, an ongoing effort to secure the external Internet connections operated by federal agencies. (See "U.S. Internet security plan revamped.")

     Together, the Einstein program and the TIC Initiative are designed to bolster the ability of federal agencies to detect and respond to a rising tide of cyberattacks.

     Einstein 2 has been deployed by nine federal agencies that plan to operate their own TIC-compliant Internet access points as well as three carriers: AT&T, Qwest and Sprint. Verizon is in the midst of deploying Einstein 2, Dean says.

     All U.S. federal agencies and carriers that will operate TIC-compliant Internet access points are scheduled to deploy Einstein 2 by year-end.

     Dean says DHS is detecting between 100 and 10,000 cyberattacks aimed at each federal agency per week through the Einstein appliances.

     Einstein 2 "is allowing us to monitor intrusion sets that weren't previously being monitored and to make that information available through the US-CERT of what's actually occurring and what various types of intrusion sets are active that we may not have been aware of before," Dean says..

    The Einstein 2 systems are not using commercially available intrusion-detection signatures.

     "Our signatures are highly specialized and are developed with information that US-CERT analysts have gleaned from very particular attacks being sent through our foreign adversaries," Dean says. "We've partnered with the Defense Department?and we've developed signatures based on information we've shared with them."

     Einstein 2 is a passive network data collection system that doesn't operate in real time.

     "As traffic comes into a department or agency, a mirrored copy is sent to Einstein 2, and Einstein 2 has the signature sets loaded into it and some of that traffic would fire a signature that sends an alert to the US-CERT analyst. Once the signature is fired, then US-CERT will work with the department to deal with the attack," Dean says.

     Einstein 2 isn't detecting new cyberattacks; instead it's showing patterns of known malicious activity.

   "Every time one of those signature sets shows, we work with the department or agency to clean up that machine and remove it from their network so it can be re-imaged and brought back online in a non-infected state," Dean says.

     Next on the DHS' cybersecurity agenda is the deployment of Einstein 3, which will add intrusion-prevention capabilities to federal networks.

     With Einstein 3, federal agencies will have near real-time defense against cyberattacks including distributed denial-of-service attacks, which are on the rise.

     "Einstein is a spiral development program," Dean says. "That means we will keep adding new capabilities."

     Dean recommends that all network operators deploy security capabilities similar to Einstein 2.

     Industry "needs to be doing something very similar to what we're doing for the .gov environment," Dean says. "They need to be monitoring their traffic and then looking at the trending data. The trending data is very eye opening. From that, you can tell if your current defenses are working or not. Now that we have Einstein 2 collecting data, we can see if the same intrusion sets are continuing to spread or if agencies' internal mechanisms are keeping that from happening."

U.S. Strategic Command (USSTRATCOM) is responsible for the defense for all military network communications used by the Air Force, Navy, Army and Marines. With operations around the world, it is one of the largest networks (voice and data) to monitor and defend against attack. US STRATCOM mission statement says it all;

The Joint Task Force-Global Network Operations (JTF-GNO) directs the operation and defense of the Global Information Grid to assure timely and secure Net-Centric capabilities across strategic, operational, and tactical boundaries in support of DoD’s full spectrum of war fighting, intelligence, and business missions.

     In an interview with a USSTRATCOM spokesperson (who asked not to be identified)  asking how the organization is facing current security concerns, the response by the team at USSTRATCOM is straight forward and common sense. Perhaps we could learn a few things ourselves by going back to basics. The Department of Defense (DoD) is constantly upgrading its tactics, training and abilities.

US STRATCOM’s interview;

USSTRATCOM has a wide variety of responsibilities and support roles securing the computer networks of the military. Does USSTRATCOM secure all U.S. Military networks around the world or specific regions?

     Within DoD, the United States Strategic Command (USSTRATCOM) has been designated as the military lead for coordinating, supporting, and conducting network operations in support of regional and national objectives.  USSTRATCOM directs and conducts continuous operation and defense of the DoD’s information systems, as a single enterprise, to assure DoD access to and use of cyberspace across DoD’s full spectrum of operations.

How is this accomplished?

     The DoD employs a layered-defense approach and each of the Services and other Combatant Commands implement complementary policies, structures, roles, and missions.  We are creating a dynamic defense, a culture of cyber capabilities that can be brought to bear at the speed of the Internet. For security reasons, we do not discuss specifics about how this mission is carried out.

How much has USSTRATCOM grown to support and defend the networks under its management and responsibility?

     The information technology within the DoD is extremely vast and complex, so it’s impossible to put a finite number to that. The Internet continues to expand — there are somewhere in the neighborhood of a billion users right now — and the DoD information infrastructure is also quite expansive; approximately 15,000 individual networks and more than 7 million pieces of IT equipment. Every user is responsible for maintaining operational security, computer security, and personal integrity.

     As far as specific forces arrayed, USSTRATCOM currently has subordinate commands responsible for protecting the system and mitigating efforts to intrude upon this environment, which collectively includes the computers, cabling, satellites and infrastructure that support all DoD missions. Component commands from the Army, Navy, Air Force and Marine Corps have their own Network Operations Centers and work directly with STRATCOM’s subordinate commands.

by Doug Hanchard

View article at: http://government.zdnet.com/?p=7145

SAN DIEGO--(BUSINESS WIRE)--ESET, the leader in proactive threat protection, today announced that more than 130 stakeholders have pledged their support for ESET’s Securing Our eCity Model City Project, a public/private partnership for a comprehensive community-based cyber security awareness and education program.

      Partnering with the National Cyber Security Alliance, Securing Our eCity’s Model City Project has brought together local San Diego leaders including, Mayor Jerry Sanders, U.S. Attorney Karen Hewitt, San Diego State’s Eric Frost, PhD., Ruben Barrales, president of the San Diego Chamber of Commerce, and Michael Jones, president of The Security Network, to name a few. Also on-hand were Sheriff Bill Gore, representatives from the FBI and Department of Homeland Security, as well as Baja California’s Secretary of Public Security, Daniel de la Rosa. This effort aims to make San Diego a beacon of cyber security and provide a pathway forward that other cities and counties can replicate in their own communities by approaching cyber security from a holistic viewpoint, encompassing awareness, education and preparedness across the community.

      “With Internet-based attacks continuing to grow and threaten national and personal security, it is becoming more important than ever to stay one step ahead of cyber criminals,” said Jerry Sanders, mayor of San Diego. “The key to helping individuals, families and businesses protect themselves from cyber attacks is through increased education. By partnering with public and private efforts in our own backyard, like Securing Our eCity, we are able to move closer towards our goal of making San Diego the nation's safest cyber city and a model for the rest of the country.”

      Cyber security is a responsibility that all computer users share, and a cyber secure San Diego provides a solid foundation and opportunity for economic growth in the 21^st century. Collaborative law enforcement, military presence, world class universities, and a border with Mexico are just a few factors that favor San Diego as a center of cyber excellence.

      “When it comes to cybercrime, attacks are growing more skilled and sophisticated. An educated public is our best defense,” said Congressman Brian Bilbray (CA-50). “Public/private partnerships like Securing Our eCity are crucial to fighting this rapidly growing threat to our local and national security.”

      Developed as a way to educate and protect consumers and businesses from the growing threat of cybercrime, Securing Our eCity stakeholders are committed to working towards creating a more cyber secure nation and world. Securing Our eCity stakeholders will reconvene in the next couple of months to identify the top priorities to be addressed in 2010 and formulate the steps to work towards these initial goals.

      “We are thrilled that so many leaders in San Diego have committed to help make our city the nation’s most cyber secure community and a model for other cities,” said Darin Andersen, COO of ESET. “With the FBI ranking cyber crime as a top threat to national security, Securing Our eCity is dedicated to providing educational tools and resources to help our digital citizens become more cyber secure. We look forward to gathering again shortly as a group to work to move forward with the initiative’s priorities for the coming year.”

      For additional information on Securing Our eCity or to become involved in the initiative, please visit www.securingourecity.org.

by Christopher Dale of ESET

View this article at: http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_view&newsId=20100217005416&newsLang=en

  A classified review of the United States Secret Service's computer technology found that the agency's computers were fully operational only 60 percent of the time because of outdated systems and a reliance on a computer mainframe that dates to the 1980s, according to Sen. Joe Lieberman, I-Conn.

     We have here a premiere law enforcement organization in our country which is responsible for the security of the president and the vice president and other officials of our government, and they have to have better IT than they have," said Lieberman, who is chairman of the Senate Homeland Security and Government Affairs Committee.

      Sources tell ABC News that the Secret Service was so plagued by computer problems that the agency invited the National Security Agency to formally review its information technology systems. The Secret Service's databases are outdated and users are at times unable to conduct searches from one system to another.

     Lieberman says he's had "concern for a while" about the Secret Service computers. A 60 percent, fully operational average is far worse than "industry and government standards that are around 98 percent generally," Lieberman said.

by Jason Ryan

View this article at: http://abcnews.go.com/Politics/us-secret-service-outdated-computer-mainframe-system-1980s/story?id=9945663

Nigerian Scammers, Whole body imagers, Interior Department's vulnerabilities to network security, Neeris computer worm

In recent weeks, 43-year-old Terry Childs allegedly used his super–user access to lock out San Francisco City officials from their core computer systems. For a period of days, as he sat in Jail on $5,000,000 bail, he also refused to give up the passwords.

The Department of Homeland Security (DHS) Office of Security (OS) uses the Integrated Security Management System (ISMS) to automate the tracking of Personnel Security related activities at DHS headquarters and component sites.

ISMS is an update system to the Personnel Security Activities Management System (PSAMS). ISMS will help manage DHS personnel and security case records by adding to the existing functionality of PSAMS.

There are many in the government and our communities that are finally beginning to understand the serious implications of children using the Internet. There have been several attempts to manage the content that children see and they have failed for reasons of free speech and the inability to control the internationally operated Internet. The reality of Dateline’s “To Catch a Predator,” has caused a renewed effort to control the people that our children are exposed to as they surf the Information Super Highway.

RIO DE JANEIRO (AFP) — The darker corners of the Internet are to be exposed under the bright light of Brazil's sun next week when a UN conference on how the web is run gets underway.

Rio de Janeiro will from Monday host the UN Internet Governance Forum, in which 2,000 participants from 100 countries will examine ways to tackle pedophilia and cybercrime