Home / News

U.S. Federal Government Response Too Slow to Friday’s Internet Attack, Warns Cybersecurity Official

By CircleID Reporter
  • October 25, 2016, 6:25 pm PDT
  • Views: 6,418
  • Add Comment

“We often refer to the Cuyahoga River in Cleveland that caught on fire over 20 times before we actually did something to introduce the Clean Water Act,” says Allan Friedman, the director of cybersecurity initiatives for the Department of Commerce’s National Telecommunications and Information Administration (NTIA), in conference call on Monday. “I don’t know if you can count this [Friday’s masive DDoS attack] as an internet on fire—I know a lot of the people who were affected called it an internet on fire—but it may take several of these before we are sufficiently motivated. ... Given the very uncomfortable nature of some of the policy responses and the very long lead time to implement them and bring new problems to market, I think now is the time to start.” Government should start working to prevent future attacks immediately, Friedman warned.

“Baby Steps” / Tim Starks reporting in Politico, quoting Homeland Security Secretary Jeh Johnson: “The recovery from last week’s attack that downed major websites like Twitter and Netflix appears to be complete. But preparing for the next huge distributed denial-of-service attack like the one that hit domain name system provider Dyn is still making baby steps. ... the department is working with law enforcement and the private sector to defend against Mirai and similar threats. And he pledged that DHS [Department of Homeland Security] would produce a strategic plan “in the coming weeks” to protect internet of things devices.”

“Internet Under Siege: The Cost of Connectivity,” Rachel Ansley reporting from the Atlantic Council: “In the rush to produce cost-effective connected devices, not enough focus has been placed on security measures. ... [Joshua] Corman [the director of the Atlantic Council’s Cyber Statecraft Initiative] described how the widespread dependence on connected technology is exceeding the ability to secure devices. ‘In our race to adopt technologies for their immediate and obvious benefits, we seldom do the cost-benefit equation to notice the deferred cost in security risks these [devices] incur,’ he said. Once the devices are sent to market, security is no longer accounted for. Corman claimed that if the default posture of these devices is insecure, they will continue to pose a greater and eventually unmanageable threat.”

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

View All Topics