AOH :: IS2009.HTM

Breach indicates need for stricter security requirements for contractor networks




Breach indicates need for stricter security requirements for contractor networks
Breach indicates need for stricter security requirements for contractor networks



http://www.nextgov.com/nextgov/ng_20090421_4305.php 

By Jill R. Aitoro 
Nextgov.com
04/21/2009

A breach of computer networks that contractors use to support a major 
weapons program provides the latest argument for why government should 
enforce stricter cybersecurity requirements for companies that do 
business with federal agencies, said former security professionals.

Hackers downloaded data about the Joint Strike Fighter, a 
multibillion-dollar high-tech fighter jet, known as the F-35, the 
Defense Department is building, by exploiting vulnerabilities in the 
computer networks that contractors use to design and build the 
aircraft's weapon systems, according to a Wall Street Journal article. 
While the potential impact of the breach is unknown, the most sensitive 
material was stored on computers not connected to the Internet and could 
not be accessed, WSJ reported.

"This shows how interconnected our government and industry systems are," 
said Gregory Garcia, who served as assistant secretary of cybersecurity 
and telecommunications at the Homeland Security Department during the 
Bush administration and now runs the information security consulting 
firm Garcia Strategies. "DHS and DoD have been trying to get contractors 
and other major companies to find common standards of practice to 
protect networks from these sophisticated breaches. There needs to be a 
new-order requirement on companies doing business with the federal 
government."

Government should develop similar standards for securing the global 
supply chain from malicious software and hardware implants that send 
stolen information to cyber spies who have access to federal networks, 
he said.

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information 



Site design & layout copyright © 1986-2014 CodeGods