Security

Topics:   Security

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Lawmakers: Chinese Hackers Pwn3d US


Posted by George Hulme, Jun 11, 2008 09:31 PM

There are numerous news reports that multiple congressional computers have been hacked from systems apparently residing in China. The hackers’ target: a list of dissidents.

According to a Washington Post story, Rep. Frank Wolf, R-Va., and Rep. Chris Smith, R-N.J., both known to be critics of China's record of (non) human rights (and what reasonably minded person isn't), say several of their computers were compromised. Smith is a senior member on the House Foreign Affairs Committee.

The outcome of these compromises goes far beyond an annoying denial-of-service attack, embarrassing Web site defacement, or identity theft. From The Washington Post:

The hackers, he said, gained access to sensitive information about the identities and locations of many Chinese dissidents and refugees he has worked with during his years in Congress. He said he suspects that he was targeted because of his human rights work.

But there's so much more:

Wolf said he was urged by government agencies not to speak out about the breaches but decided to go public now for fear that most members of Congress and their staffs do not know of the threat they face from cyberattacks by foreign governments or other groups.

Wolf has it right. The urge to be silent about breaches is one of the biggest challenges with IT security. No one wants to talk about it. Companies, government agencies, and other organizations want to just clean up a compromised system and move on. If organizations talked more openly about security, there'd be more learning, greater understanding of the challenges, and help driving innovative solutions. There'd also be the political will by government agencies and corporations to do the right thing, and that's to deploy security that is Good Enough.

"Good Enough" security is relative to the value of the information being stored. And in this case, where the names of those objecting to an oppressive Communist regime are listed, the security of those systems obviously wasn't.

Following years of lax security at government agencies, it is well beyond time this country get serious about securing government networks. Our Wolfe, Alex Wolfe, is right to say that the Senate should stop bellyaching and sign President Bush's Comprehensive National Cyber Security Initiative.

« Google v. Apple | Main | T-Mobile Hits A Not-So-Hot Spot »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.