Homeland defence research agency directs attention to cyber security.

• Author: Pappalardo, Joe
• Position: Digital Defenses

Fearing the specter of crippling attacks on government and private sector computer systems, federal officials are stepping up efforts to foil cyber terrorism.

A recent solicitation from the Department of Homeland Security's advanced research projects agency, HSARPA, illustrates the weaknesses of current computer systems, and hints at technologies and approaches to shore up gaping vulnerabilities.

A close reading of the solicitation illustrates DHS' concern over the lack of tools available to thwart hostile computer acts, whether it be a terrorist hacker manipulating valves at a natural gas refinery, a domestic agitator shutting down a government website or a strike at the national electric grid by a foreign power.

The HSARPA proposal asks for solutions to a variety of urgent problems facing the entire private sector, as well as specific DHS agencies. Awards will be given to those who can create tools and methods to measure the security of networks, tighten controls over wireless networks and enhance post-attack forensics.

HSARPA is reviewing research and development proposals, and will award $4.5 million in contracts by the end of this month, with an anticipated total of up to $15 million over three years.

Many solutions available today are geared towards marketable products and not to guard critical infrastructure, said Mark Gembicki, program director of DHS' national cyber-security exercise and managing director of critical asset protection for Bearing Point Inc. "We need to listen to the needs of critical infrastructure and not the so-called needs of the vendors," he said.

He added that much of the intelligence about terrorist networks indicates that they "are now planning physical and cyber attacks at the same time. We have to be able to defend ourselves against a blended attack."

Infrastructure systems are vulnerable, many experts agree, because the focus on availability and accessibility has left the door open to abusers. Supervisory control and data acquisition (SCADA) systems provide real-time information to operators of vast networks that keep infrastructure moving, and nearly all use off-the-shelf, commercially available and therefore easy to hack software.

"General purpose computers are increasingly being used for mission-critical tasks within critical infrastructures. Moreover, these systems are increasingly integrated into enterprise networks," according to HSARPA documents. "These trends permit companies to leverage advances in commercial technology and more closely integrate business and production activities ... However, there is a concern that this has come at the price of increasing the vulnerabilities of these systems to network attack."

Interoperability is a buzzword in Washington, D.C., but the concept is emerging in a new security environment. This delicate balance between security and accessibility is at the forefront of the government's strategy to secure cyber space for commerce and communication, said Tom Mazich, public sector chief for the computer security firm Symantec.

"The days are gone of seeing a dosed, proprietary system," he said. "There's more and more pressure to move to a more open...