Thursday, June 21, 2007

Here's a problem:
The Department of Homeland Security is in charge of protecting us from cyber-terrorists.
In a report released recently, senior officials in that agency acknowledged 800 computer break-ins in the past two years (over one per day, by my admittedly shaky math) including virus outbreaks, compromised systems, stolen laptops containing unknown data, and stolen passwords -- On their own internal computers.
This is a sore spot for me, because I know why they get hacked like n00bz.
The reason is simple -- They are n00bz.
I almost (almost) accepted a position (badge, gun, car and caseload) with the FBI cyber-crimes division. However, I could not afford to.
Government salaried computer jobs like these pay half (or a little less than half) of the current (depressed) private sector I.T. rate. For us, the desire to live indoors outweighed my desire to crack hippie skulls, though I'm still bitter about it.
If the government is serious about stopping cyber crime, they have to offer incentives to get qualified people to do the work.
This is not intended as a slight on the men and women who work hard for the DHS. This is a request that someone send them some help.
Eight-Hundred times in two years, someone maliciously compromised the computer systems of the people responsible for protecting ours.

3 comments:

Anonymous said...

Well it must be hard when you are the DHS, I mean you are what every bored teenager as well as hard core hack test their skill against. They need all the help they can get

tess said...

The state of gov't networking is a sad sad thing, that most days I try not to think about (despite the fact that I'm stuck using said gov't network currently). But other days it rears it's ugly head so high that I can't very well ignore it.

Example:
My IT dept publishes my email address in its entirety in several places on our department website. Now I get about 500 junk mails a day, at least half of which are phishing schemes and viruses.

Example:
My IT dept's solution to the vulnerabilities in IE is not to install a different less hackable free browser, but instead is to disable java and flash.

Example:
My IT dept has no idea who has admin rights on the dept's computers and who doesn't. They sent out emails not too long ago ASKING us if we had admin rights or not.

Example:
We use Windows for everything, because none of the applications that the university has spent millions of dollars on having custom built work on anything else. Our professors use UNIX and Linux and Mac, but have to have a windows machine stashed somewhere just so they can order their research supplies.

I love our IT guys to death. They're sweet, and funny, and even fairly attractive. But yes, they need some serious help -- in the form of better training, and better resources.

Garrick said...

Tess,

Your examples actually gave me chills. I've done time (as a consultant) in a State I.T. department. No Firefox? They don't know who has what access?

OMG,

G