[IP] US plan to limit connections to Federal government networks

[David Farber <dave@farber.net>]

________________________________________
From: Michael R. Nelson [mnelson@pobox.com]
Sent: Friday, April 11, 2008 6:23 AM
To: David Farber
Subject: US plan to limit connections to Federal government networks

I'd heard about the US Government's plan to limit connections between Federal agencies' networks and the rest of the Internet so that all traffic could be monitored and DDOS attacks thwarted. This is the first news story I've seen to mention it.  Chertoff's comments raises lots of obvious questions: (1) How much bandwidth at each chokepoint? (2) Will all agencies be affected?  All Federal contractors?  (3) What's the schedule for deployment?

Michael R. Nelson
Visiting Professor, Internet Studies
Communication, Culture and Technology Program
Georgetown University
Washington, DC


From Times Online
[http://m.uk.2mdn.net/viewad/817-grey.gif]<http://ad.uk.doubleclick.net/click;h=v8/369f/0/0/%2a/t;44306;0-0;0;11152226;4357-143/50;0/0/0;;%7Eaopt=2/1/ce/0;%7Esscs=%3f><http://ad.uk.doubleclick.net/adj/technology.timesonline.co.uk/mainhomepage;cat=;pos=sponsor;sz=143x50;tile=2;ord=1207908619441?>
April 9, 2008
US security chief: cyber-threats 'on par' with 9/11
Computer-based threats are now as serious as those in the material world, the US Homeland Security Secretary said
Jonathan Richards
One of America's most senior security officials has said that the threat posed by cyber-crime is "on a par" with the attacks of September 11, 2001.
Michael Chertoff, the Homeland Security Secretary, said that computer-based attacks had the ability to cripple financial institutions and government networks.
"We take threats to the cyber world as seriously as we take threats to the material world," Mr Chertoff told a gathering of security industry experts in San Francisco.
His remarks came as a report by the British Chambers of Commerce found that 23 per cent of UK businesses had suffered from an attack by malicious software in the past year - more than twice the number that had been the victim of credit card fraud.
Mr Chertoff said that the US Government planned to shift its approach to fighting computer-based crime from what he called "a fundamentally backward-looking architecture" - analysing attacks as they happened and tracing back to their source - to "an early-warning system".
He declined to elaborate on how officials would monitor and flag up threats before they materialised - saying the details were classified, but admitted that the new approach presented significant technical challenges.
''It's going to be hard - it's hard technically," Mr Chertoff told delegates at the RSA Conference. ''(But) the fact that something's hard doesn't mean, 'Let's not do it because it's going to be difficult.' It means, 'Let's roll up our sleeves and get started.'''
Mr Chertoff said that there were too many openings in government networks through which cyber-criminals were able to inject malicious software, and that one of the first goals of the new system would be to reduce the number of access points from thousands to about 50.

-------------------------------------------