, SecurityFocus 2009-07-08
Story continued from Page 1
Signs of the latest attack started appearing over the weekend, when five U.S. government sites were targeted. By Monday, reports indicated that CIOs of federal agencies were scrambling to head off the attacks.
Yet, the U.S. government has been typically closed-mouthed about the threat. And that is perhaps the biggest lesson to be learned from the attack, said Amit Yoran, CEO of security firm NetWitness and a former cyber official in the U.S. Department of Homeland Security.
"This is a good sampling of a large scale attack that has a lot of people's attention and a lot of people concerned," he said. "It has been going for several days now, and there has been a coordinated restriction of information from the government. And that causes all sorts of issues — people are misinformed and they are jumping to the wrong conclusions."
Sharing information on ongoing attacks has been a major problem in the relationship between private industry, which owns nearly 90 percent of the Internet's infrastructure, and government agencies. Law enforcement agencies typically request incident reports from companies, but in return, give little information about attacks or distribute general warnings months after an incident has occurred.
Streamlining information sharing is not on the Obama administration's list of near-term objectives included in the target="_blank">recently released Cyberspace Policy Review, but it did make the medium-term to-do list. The latest attack shows that the government needs to give a greater priority to disseminating information, Yoran said.
"If the response to this is, 'Shut up and don't say anything,' you can see what the reaction would be to a more silent issue that did not get the media attention this attack has gotten," he said.
If you have tips or insights on this topic, please contact SecurityFocus.