You may have seen the various stories making the rounds about how some malicious trojan originally on an unsecured USB key was put into a military laptop in 2008, and then propagated around the military
, hitting both classified and unclassified documents. Why is this massive security breach being declassified now? Well, to warn us how scary computer threats out there are:
Lynn's decision to declassify an incident that Defense officials had kept secret reflects the Pentagon's desire to raise congressional and public concern over the threats facing U.S. computer systems, experts said.
We've already noted that various government officials have been engaging in a massive hype campaign
about "cyberwar" threats, in an effort to get more control over certain networks. But there's also a bit of an inter-departmental battle within government agencies over who should get to control these new powers. And, in this case, Deputy Defense Secretary William Lynn's revelation of this security breach is party of his jockeying to make sure that the Pentagon gets more power here, rather than Homeland Security:
He puts the Homeland Security Department on notice that although it has the "lead" in protecting the dot.gov and dot.com domains, the Pentagon -- which includes the ultra-secret National Security Agency -- should support efforts to protect critical industry networks.
As Jim Harper points out, however, this is the equivalent of saying we totally failed to protect our own systems, so put us in charge of more
The failure of the military to protect its own systems creates an argument for it to have preeminence in protecting private computer infrastructure? Perhaps the Department of Homeland Security will reveal how badly it has been hacked in order to regain the upper hand in the battle to protect us.
Don't you feel safer?