“I’m from the government and I’m here to help”.
You may know that this statement is often listed among “The World’s Greatest Lies”, along with “The check is in the mail”. Well, there are times when the government is really here to help.
While Americans vigorously debate and disagree about the role and scope of government, few would disagree that government needs to take the lead role in law enforcement, public safety and national security issues. It is a sign of the times that a relatively new government agency created to deal with cyber-attacks is turning up more and more in the news.
The United States Computer Emergency Response Team (US-CERT) is part of the National Cyber Security Division at DHS. It is the operations unit of the Cyber Security Division, responsible for analyzing and mitigating threats to federal networks and for coordinating information sharing with the private sector.
US-CERT and the Cyber Security Division were created as part of the government reorganization that occurred after the attacks of 9/11 in 2001. The early history of the division was rocky, with frequent management changes and charges that the group was disorganized and mismanaged.
Those of us that are skeptical of government based solutions are not surprised. Even agencies with good intentions tend to have mixed track records. Those of us living through the aftermath of hurricane Sandy can testify that FEMA’s performance has been erratic at best, good press notwithstanding.
However, if there was ever a need for a government response to a problem this is it. Threats to computer systems and networks have been increasing both in volume and seriousness in recent years. These threats are for both criminal and political purposes and originate both inside the US and from around the globe. State and local law enforcement can play a role, but they desperately need the kind of support that only a national response can provide.
The US banking system is an area of particular concern. Criminals use computer technology to commit bank fraud, steak and launder money. We know these crimes are on the rise, but the magnitude of the problem may be greater than people realize because they often go unreported or unpublicized. Corporate victims of cyber crimes often prefer to hide the crime than let the world know they were had.
Just as important as crime are threats for political reasons. The major banks have been targeted by foreign governments and political activists, so called hactivists. In September it was reported that some of the largest US banks had undergone Denial of Service (DOS) attacks that originated in Iran. Such attacks attempt to bring down networks and web sites by flooding them with messages to tie up their routers. Homeland Security and US-CERT have been very involved in the response to these threats.
Up to now, however, the most significant role of US-CERT has simply been providing information. For example, they publish a weekly bulletin of new software vulnerabilities and the patches available. As the threats grow, and you can bet they will, we will need a more proactive approach from the government.
Personally, this is one of the few examples where I support the government spending more money and expanding its role.
As an individual, there is only so much I can do to protect my computer from attacks. Of course, I have the best free antivirus system and best firewall available and keep up with the news of the latest threats. There is so much going on that it is impossible to protect yourself from every threat. We need all the help we can get. Hopefully US-CERT and Homeland Security will be there for us!