in ,

The New New Internet Interview With Technolytics Institute Founder: Obama Needs To Get The Ball Rolling

images7 The New New Internet conducted an enlightening interview with computer security expert and founder of the executive think-tank Technolytics Institute  Kevin G. Coleman regarding the current state of US cybersecurity. Coleman is frustrated by the lack of government timeliness to cybersecurity, bearing the recent July 4th cyber breach in mind.  Accountability in both the public and private sectors is key to solving the issue of cybersecurity. The issues in and around cybersecurity is nothing new; citing the Iranian ‘twitter revolution’, GhostNet’s and the speculated California blackouts of 2001 by China, Coleman believes these events are only precursors to potential larger global attacks if the cybersecurity issue is not elevated on a national and global level. 

The New New Internet:  Please talk briefly about your cyber background.

Kevin Coleman: I founded an executive think tank called The Technolytics Institute; we began our venture into the cyber security back in 2001 when I was asked to testify before members of Congress.  We hacked a computer live in thirteen seconds and that was over a 56K dial up modem. We recently briefed about sixty members of the intelligence community on cyber espionage and security and testified before the U.S. China Economic and Security Congressional Commission on China's Cyber Espionage activities.  I just got back from the Canadian Conference on Disaster Management talking about cyber terrorism and prior to that I briefed US Strategic Command last week on cyber security and cyber warfare. 

The New New Internet:  What is your view of what the White House is doing so far in terms of announcing the sixty day review and the Cyber Coordinator job itself?

Kevin Coleman:  Well the sixty day review took a lot longer than sixty days first of all.  Second of all I don't think that they recognize the magnitude of the situation we are dealing with. Look at the cyber attacks that took place over the July 4th holiday weekend and beyond.  If you take a look at the threats that we currently face in our information systems and our environment they clearly dictate a lot more aggressive and decisive movement and policies and safeguards to be put in place now and we seem to be dragging our feet. 

The New New Internet:  You testified before the US China Economic and Security Review; are attacks like Ghostnets just the beginning?  What's next?

Kevin Coleman:  I think Ghostnet is a great discovery that pointed out just how vulnerable we are.  As did the DDoS attacks last week.  When you have ““ I was recently told the number now is 2,000 computers that were compromised, 30% of compromised computer being described as  “high value targets“ from embassies and government officials a reasonable person would take that seriously!  Industrial espionage is another big issue.  The Director of National Intelligence in his testimony stated that intellectual property theft and data theft from businesses topped $1 trillion in 2008. There is a lot of opportunity for organizations to steal the information that drives our economy, and to capitalize on it and become our competitors. Quite frankly the time has actually passed when we should have addressed this back in 2001 when some of these issues started to become known to the general public.

The New New Internet:  Can you talk about the private sector role in cybersecurity? 

Kevin Coleman:  The President's plan (as described at a very high level) and legislation from Senator Rockefeller are a good first start effort but once again unless you have somebody that can mandate certain actions be taken and those actions be done in a reasonable short period of time; it may be too late – this all takes a big investment. The private sector is looking for Washington to foot the bill for this and they are likely not to take much action until there is some type of movement in Washington D.C either to give them tax credits or some kind of an incentive to put the money in place to fortify these systems. 

The New New Internet:  What is your view of the cyber command that Secretary Gates talked about?

Kevin Coleman: U.S. StratCom has launched initiatives that they have had around counterfeit hardware and counterfeit software, cyber militias and they are currently working on one on cyber law so they are moving.  The issue of Cyber Command's authority and international policy is not the robust environment in terms of legal ramifications; if you take a look at this internationally it becomes very problematic.  I 100% support standing up a new command and I think StratCom, because of the unique position that they have had for years, are unique positioned and have been looking at the cyber threat environment from strategic weapons is the proper place to do this. They have until October to put the plan in place; it's a short window of time to stand up something that significant. 

The New New Internet: How important is the public campaign and public education section of the Melissa Hathaway report in solving the cyber security challenge?

Kevin Coleman: There are numerous regulations that mandate some kind of security awareness program to protect sensitive individual records and financial records as well as to protect the company's intellectual property.  The problem is most organizations do not have programs in place and have all but totally ignored that requirement. Organizations have to be held accountable for this awareness type program. We can't sit there and wait sixty, ninety, one hundred and twenty days to get some of these programs launched and start getting people complying with them. 

The Iranian government turned off the Internet right before, right up to and during the election.  As soon as it came back on there were distributed denial service attacks on President Ahmadinejad's personal site and several government sites.  We had looked at that and estimated over 500,000 individual computers would have been needed in order to mount that amount of traffic on those to take down those sites…Just think about what could be done when they have a couple of years of planning and a million dollars behind an attack.

The New New Internet:  Some folks are suggesting that the United States approach cyber security as we did with the Monroe Doctrine, do you agree?

Kevin Coleman:  I would hate to point back to something that's been around that long; we are better than that. We can create a new near real time environment to protect our critical infrastructure and our information systems.  I'm afraid that using older techniques such as the Monroe Doctrine as a framework will not lend itself to the expediency that this problem demands.  

The New New Internet:  What is something most people are surprised to learn or should know about cyber security as it relates to the challenge that we are facing?

Kevin Coleman:  This isn't new.  Back in 1993 a Russian Intelligence Analyst talked about the use of information in warfare and attacking information systems. We've been fighting cyber attacks, security breaches and issues around maintaining integrity of data since the early “˜90's.  This has just escalated to a point where now it's in the frontal lobes of the law makers and the businessmen they have to protect their critical information assets.

The New New Internet:  Those are all of the questions that I had, was there anything else you would like to add that we didn't cover?

Kevin Coleman: The information warfare side ““There were some pretty interesting cyber attacks that took place over in Iran recently.  The Iranian government turned off the Internet right before, right up to and during the election.  As soon as it came back on there were distributed denial service attacks on President Ahmadinejad's personal site and several government sites.  We had looked at that and estimated over 500,000 individual computers would have been needed in order to mount that amount of traffic on those to take down those sites. It is unnerving that an informal group associated with the opposition candidates were able to pull those together in that short of a period of time and mount such a reasonably substantial attack ““ that clearly signifies how dynamic this threat is and the challenge that we are going to have.  Just think about what could be done when they have a couple of years of planning and a million dollars behind an attack.

There's an interesting report that came out of the European Union, did you know in 2001 when we had those issues out in California with the power grid the report states it was basically China attacking it?  Just more reasons for concern!

 

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Government Cloud

mm

Written by Admin

Baroni Management to Prepare Strategic Assessment of Patriot Data Solutions Group - top government contractors - best government contracting event
Baroni Management to Prepare Strategic Assessment of Patriot Data Solutions Group
Senate $42.9 Billion Spending Bill: Quick Glance