By Jill R. Aitoro
A breach of computer networks that contractors use to support a major
weapons program provides the latest argument for why government should
enforce stricter cybersecurity requirements for companies that do
business with federal agencies, said former security professionals.
Hackers downloaded data about the Joint Strike Fighter, a
multibillion-dollar high-tech fighter jet, known as the F-35, the
Defense Department is building, by exploiting vulnerabilities in the
computer networks that contractors use to design and build the
aircraft's weapon systems, according to a Wall Street Journal article.
While the potential impact of the breach is unknown, the most sensitive
material was stored on computers not connected to the Internet and could
not be accessed, WSJ reported.
"This shows how interconnected our government and industry systems are,"
said Gregory Garcia, who served as assistant secretary of cybersecurity
and telecommunications at the Homeland Security Department during the
Bush administration and now runs the information security consulting
firm Garcia Strategies. "DHS and DoD have been trying to get contractors
and other major companies to find common standards of practice to
protect networks from these sophisticated breaches. There needs to be a
new-order requirement on companies doing business with the federal
Government should develop similar standards for securing the global
supply chain from malicious software and hardware implants that send
stolen information to cyber spies who have access to federal networks,
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information