Information Security News mailing list archives
Security: No Blanket Solution
From: William Knowles <wk () C4I ORG>
Date: Wed, 10 May 2000 02:45:22 -0500
http://www.wired.com/news/politics/0,1283,36223,00.html by Elisa Batista 2:40 p.m. May. 9, 2000 PDT MENLO PARK, California - Government officials and high-tech business leaders met Tuesday to brainstorm about ways to stop hackers in their tracks. Prompted by the recent spate of denial-of-service attacks, along with last week's Love Bug worm, two technology firms sponsored the "Internet Defense Summit" and introduced their own solutions to prevent future break-ins. Meanwhile, Senator Fred Thompson (R-Tennessee) introduced legislation at the conference that would require the federal government to increase its own security against hackers. Calling the increase in computer-related crimes a "national security risk," Thompson drafted the Government Information Security Act. The bill, approved Tuesday by the Government Affairs Committee that Thompson chairs, requires yearly reviews of all federal agencies' computer systems and asks managers of those systems to prove they work. Acknowledging that the recent Love Bug worm crippled Capitol Hill in several ways, Thompson said the government is ill-equipped to combat hackers but that it cannot and should not regulate the high-tech industry to do so. Thompson said the government can only help beef up computer security by increasing the number of high-tech workers allowed into the country on H-1B visas; by offering tax breaks to private companies that come up with security solutions; or by enforcing the existing laws against offenders. However, Thompson acknowledged that it is a difficult task for the government to enforce the law because the number of computer-related crimes "quadrupled" in the last three years, while the number of prosecutors remained stagnant. "We don't yet know how to run our own shop," he said. Most of the speakers at the summit agreed with Thompson that the private sector should be responsible for regulating and protecting itself. Keynote speaker Ray Kendall, secretary general of Interpol, said that because the Internet is international territory, the proposed guidelines cannot be implemented worldwide. Instead, each country should be responsible for adopting and enforcing its own regulations for computer-related crimes, he said. Conference sponsors, the Stanford Research Institute and its e-business spinoff, consulting firm AtomicTangerine, introduced their own prevention solutions. SRI unveiled Emerald, a host-based intrusion-detection suite of applications. The detection-censor component of Emerald, which runs on Sun Microsystems SPARC servers, can be downloaded for free. AtomicTangerine also unveiled security software at the conference. NetRadar, which is available free of charge as well, goes beyond currently available solutions by offering more than a filter that can defend a system against certain cyber-attacks, said CEO Jonathan Fornaci. *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Security: No Blanket Solution William Knowles (May 10)