Defense Department Pretty Much Incompetent In Dealing With Online Threats

from the but-of-course dept

Last year, we noted that there was something of an internal executive branch fight over who had the mandate to deal with so-called "cybersecurity" threats: the Defense Department (mainly the NSA) or Homeland Security. Neither group is ideal, obviously, but the Defense Department's claims were definitely much more ridiculous, in that it seemed like the entire point of asking for control over online security was to grant the NSA more spying powers. In fact, we found it somewhat hilarious that the DoD seemed to think that one of its best qualifications for managing digital security issues was its own incompetence in dealing with massive security breaches. Yes, the logic was basically "we had crappy security, so we know that online threats are real." Yeah.

Now, as a bunch of folks have been pointing out, the GAO has put out a brutal report, explaining just how incredibly incompetent the Pentagon has been in both understanding and dealing with any kind of online threats. The full report (pdf) is pretty direct in suggestion that the DoD has known about problems for ages, but has only just started addressing the problems -- and the report says it's too early to tell if they've had any real impact at all.

While we've long said that the risk of "cyberwar" is blown way out of proportion, that doesn't mean that there aren't many attempts to breach government digital security. Tragically, this report suggests that the DoD is woefully unprepared to deal with the issues, and is only just now trying to catch up (potentially from a position well behind any adversaries.).


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    The eejit (profile), Aug 1st, 2011 @ 3:43am

    Inspector Clouseau would be a better digital deterrent than these clowns.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Deviant, Aug 1st, 2011 @ 4:30am

    Bullshytt

    This article is bullshytt. I worked for DoD, NSA, and CIA, when I was in the Military blocking cyber attacks. The equipment they have is so far more advance then anything I have seen at an Intel, Microsoft, or Google. This is just a reason to pay high salaries to civilian employees. My friend works for the NSA Network Security and starting salary... yeap 170,000 a year.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    That Anonymous Coward (profile), Aug 1st, 2011 @ 4:37am

    Re: Bullshytt

    And with a handful of flash drives scatter in different places, I can own your entire network.

    There is a difference between fending off "cyberwarriors" in the ongoing "cyberwar" and the simple fact that they might have a shiny happy "cyberwar" room to work out of and the rest of their systems are happily mailing spam out as part of a botnet.

    They have thrown lots of money at people who promise them they have the solution, and we get no good results... so we throw more money on the old problem and ignore the new ones.

    Maybe step 1 in securing their network, should be looking at all of the .mil and .gov emails that were registered on porn.com and eliminate those peoples use of computers because they can not be bright enough to have used a different password on each site they encounter.

    Oh and while you decry this as BS... don't forget the guy who blew the whistle on NSA wasting tons of money on a crappy product, and then they tried to ruin him for daring to point out they had screwed up.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    The eejit (profile), Aug 1st, 2011 @ 4:40am

    Re: Bullshytt

    Well, perhaps that should be the first thing cut (the salary, not the job) when everything goes tits up. And perhaps people should stop using their work e-mails for registering for free porn.

    But, you know, TERRORISM! CYBERWAR! MORAL PANIC!

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    PaulT (profile), Aug 1st, 2011 @ 4:42am

    Re: Bullshytt

    So, you're saying that the GAO is lying?

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Scott Templeman, Aug 1st, 2011 @ 4:53am

    Can't throw $ at problems

    Budget does not equal competence. Otherwise, every Government service would be unparalleled, and we'd all be driving a GM, that is, when not enjoying our incredible public transportation services.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    One Tom too Many (profile), Aug 1st, 2011 @ 4:54am

    Couldn't Agree More...

    Having worked for the military for longer than I care to admit, I REALLY don't have any faith in what they can do in "cybersecurity" since they can't even figure out just "what" it is. The Air Force is the most comical of the bunch since they "obviously" know that "Space" is part of "Cyberspace" and should, therefore, have CYBER Command up under SPACECOMMAND run by "Spacemen" or Pilots or even Missileers rather than, oh say, in an agency with someone who just might grok what the hell it really is and what it should do (something about that "operational stink adding validity to it). Anyway, wishful thinking on my part and I'm hanging up my geek cred since it has been tainted by guvvie work, so I probably don't know what the hell I'm talking about.

    However, if the US Gov't WERE so competent in their cyberspace dealings (in a Hollywood imagined reality) there would NOT have been a Bradley Manning in the first place and Wikileaks would have been Wiki-tightened before anything got out in a hot ASSange minute. The MafiAAs aren't even that good either so I guess I'll stick to free-tarding it.

    And that's about all I have to say on those matters other than I also would not work at any of the aforementioned organizations since their leadership are either old-school military technophobes still trying to figure it out or DHS/FBI gumshoe detectives that can't follow the law as correctly as they should as is evidenced by all the techdirt articles and the incestuous relationship they have with Big Business, Big Pharma, Big Entertainment, and the MafiAAs.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Nicedoggy, Aug 1st, 2011 @ 4:59am

    To be fair, the little dirty secret on the IT world is that there is no defense in cyberspace.

    Despite some claims for the contrary.

    Security could be improve there is no doubt about it, but total security is just a pipe dream.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    chris, Aug 1st, 2011 @ 4:59am

    It doesn't matter that the US spends way more on defense than other countries since most of it is wasted getting screwed by contractors and inflated salaries. I guarantee that China can do more with 1/10 of the amount we spend.

    I'm worried that we're spending billions on Windows licenses while other countries use a free OS and learn more about computers in the process. Meanwhile our solders are being lead into battle by Clippy.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Aug 1st, 2011 @ 5:06am

    It's the government, they're incompetent when it comes to doing anything beyond using excessive force and imposing absurd penalties for doing nothing wrong (ie: infringement). The govt is worse than useless, we'd be better off without it.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Aug 1st, 2011 @ 5:12am

    Re:

    (and taxing. They're good at taxing).

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    The eejit (profile), Aug 1st, 2011 @ 5:27am

    Re:

    Not just a pipe-dream. It's like asking the Tea Party for investment advice.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    That Anonymous Coward (profile), Aug 1st, 2011 @ 6:06am

    Re:

    If I saw Clippy leading a tank column I would run like hell.

    So it looks like your trying to invade a country, would you like to -

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    timlash (profile), Aug 1st, 2011 @ 6:06am

    Hmm

    Mike,

    I agree that most of the cyberwarfare hyperbole is unwarranted. However, you've written about your interest in the Stuxnet story. Wouldn't you classify that incident as a cyberwarfare attack, and isn't that the prototype attack of the future that we should begin to seriously contemplate? That is: an attack conducted via computer code that causes damage in real life?

     

    reply to this | link to this | view in thread ]

  15.  
    icon
    Chargone (profile), Aug 1st, 2011 @ 6:50am

    Re:

    if by 'the government' you mean 'the US government in it's current incarnation' then it's very easy to agree with you.

    if you mean the concept of government in general this statement is flat out wrong. Human nature ensures that any anarchy will, in relatively short order, default into small scale organised governments. if you're Lucky that means a city state with a good setup. far more likely it means warlords. in the latter case if you're Lucky, again, you end up with at least some leaders who consider more than their own enrichment and power to be important and they don't get completely owned, and you end up with a feudal system. if you're unlucky you end up with someone less pleasant on top and get some combination of authoritarian dictatorship on a conquering spree, assassination and civil war.

    or you just get invaded by a neighbour who does still have a functional government. either way.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    The eejit (profile), Aug 1st, 2011 @ 7:01am

    Re: Hmm

    Technically, that was cyberterrorism, as war is terrorism at its subatomic level. But, I'm insane at this semanticry lark.

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    AMusingFool (profile), Aug 1st, 2011 @ 7:51am

    Re:

    The govt is worse than useless, we'd be better off without it.


    Sure, if you like the idea of a sharecropper lifestyle, without widespread education and unlimited poisoning of the environment. Because that's what would be left.

    And if you had any money left over to invest, you probably wouldn't want to invest in any company in which you didn't have inside info. Because otherwise you'd probably get wiped out by those who did have that info.

    And the very idea of a retirement? Nope; work until you're physically unable, then hope your kids will take care of you.

    Not saying the government ain't got flaws (far from it), but let's be realistic, ok?

    And the really sad thing about this article is that if the GAO were to analyze DHS, they'd find it just as incompetent as DoD (maybe more so).

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Aug 1st, 2011 @ 8:26am

    Re: Bullshytt

    Your point isn't really relevant. The best equipment in the world doesn't matter if it isn't being used effectively (poor leadership, training, policies, focus, etc.).

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    AnonyMouse, Aug 3rd, 2011 @ 4:45pm

    BS is right

    I took the time to read the report. Can I get a Gov Voucher for that time back?
    I cannot believe we pay someone so much money to write and read this drivel.
    I am a security pro. I would not want to deal with this type of BS, so who's going to actually do the work?
    I don't care what equipment or personel is trained on it, as long as this is what we throw money at all you end up with is experts at using the buraeucracy.
    US Gov Sucks.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This