Go to the FreeLists Home Page Home Signup Help Login 		 



[cybercrime-alerts] || [Date Prev] [07-2003 Date Index] [Date Next] || [Thread Prev] [07-2003 Thread Index] [Thread Next]

Government preps Net security system

  • From: "cybercrime-alerts" <alerts@xxxxxxxxxxx>
  • To: cybercrime-alerts@xxxxxxxxxxxxx
  • Date: Thu, 31 Jul 2003 20:02:19 -0400
Government preps Net security system
By Declan McCullagh
Staff Writer, CNET News.com
July 31, 2003, 4:03 PM PT
http://news.com.com/2100-1009-5058578.html

LAS VEGAS--A centralized early warning system for Internet security alerts 
should be working by this fall, an official from the U.S. Department of 
Homeland Security said Thursday afternoon.
Marcus Sachs, the department's cyber program director, said the system will 
provide an Internet counterpart to the Terrorist Threat Integration Center 
(TTIC) that President Bush announced in his State of the Union address in 
January. The TTIC, a mammoth data-collection project intended to fuse 
information collected domestically by police and internationally by spy 
agencies, has a broad mandate but has focused on physical threats to national 
security.

"We don't have today a way to do early warning detection broadly," Sachs said 
in an interview after a speech at the Black Hat Briefings security conference 
here. Defense contractor SRI International is expected to deliver a preliminary 
version of a working system--called the Global Early Warning Information System 
(GEWIS)--by October 2003 and a final version by March 2004, Sachs said.

GEWIS is intended to act as a kind of central hub that monitors sensitive areas 
of the Internet and alerts Department of Homeland Security officials to 
suspicious activity. Sachs offered the example of the department monitoring 
unusual numbers of domain name lookups and requests to authenticate VeriSign 
certificates as possible precursors to an electronic attack.

"That'll fall under us," Sachs said. "We recognize there's a lot of good 
information out there that's not connected."

In 1999, the FBI proposed a related plan, called the Federal Intrusion 
Detection Network, or FIDNet, but was forced to dramatically limit its scope in 
response to public outcry and pressure from libertarian-leaning members of 
Congress. Texas Rep. Dick Armey, who was House Majority Leader at the time, 
wrote a letter to then-Attorney General Janet Reno saying: "This new 
bureaucracy would look for suspicious activity on both government and private 
computer networks, and the information collected would be gathered at the FBI's 
National Infrastructure Protection Center, under your jurisdiction. News 
reports about this system have understandably caused a great deal of concern."

David Sobel, general counsel of the Electronic Privacy Information Center, said 
GEWIS raises similar legal and constitutional concerns if it includes 
monitoring Internet resources operated by the private sector.

"It warrants closer examination, and more details need to be disclosed so a 
full assessment of the legal and privacy issues that may be raised can be 
made," Sobel said.

The FBI's National Infrastructure Protection Center is now part of the 
Department of Homeland Security. When Congress created the department in 
November 2002, it mashed together five agencies that previously had divvied up 
responsibility for "critical infrastructure protection." The other four were 
the Defense Department's National Communications System, the Commerce 
Department's Critical Infrastructure Assurance Office, an Energy Department 
analysis center and the Federal Computer Incident Response Center.

Sachs said the government already has "a prototype that's been under 
development in the last year." GEWIS will take over where the efforts of the 
five individual agencies had ended, Sachs said.

He said GEWIS is not intended to focus on content and should not raise the same 
concerns that plagued FIDNet. GEWIS is based in part on work conducted by the 
National Communications System, a Defense Department agency that became part of 
the Homeland Security Department.




--
Article distributed for the purposes of education, discussion and review.
http://theMezz.com/forum

Unsubscribe:
http://www.freelists.org/cgi-bin/list?list_id=cybercrime-alerts
Archives: http://theMezz.com/cybercrime/archive
Brought to you by: http://theMezz.com/lists




[ Home | Signup | Help | Login | Archives | Lists ]

All trademarks and copyrights within the FreeLists archives are owned by their respective owners.
Everything else ©2008 Avenir Technologies, LLC.