Obama makes cyber security a priority

The US has moved to increase spending to protect its computer networks from cyber attacks.

By Reuters
Washington, 11 Apr 2013

President Barack Obama proposed on Wednesday increased spending to protect US computer networks from Internet-based attacks, in a sign that the government aims to put more resources into the emerging global cyber arms race.

Obama's budget proposal for the 2014 fiscal year, which begins on 1 October, calls for more military "hackers" to head off escalating cyber threats from China, Iran, Russia and other countries. It would also bolster defences for government and private-sector computer networks.

Intelligence officials said last month that cyber attacks and espionage have supplanted terrorism as the top security threat facing the United States, and military officials sounded the alarm as well. "Lock your doors," Air Force general Robert Kehler told space and cyber industry executives at a conference in Colorado on Tuesday. "Someone from halfway around the world is trying to get into your network looking to steal what you are developing."

The Pentagon said the spending would be used to beef up US defences against increasing cyber attacks, as well as boosting its offensive capabilities. The Stuxnet computer virus, which was discovered in 2010 after it was used to attack a uranium enrichment facility in Iran, is widely believed to have been developed by the US and Israel.

The administration is making cyber security a priority at a time when it is cutting back or holding the line on spending across wide swaths of the government. Obama's budget, released on Wednesday, proposes to boost Defence Department spending on cyber efforts to $4.7 billion, $800 million more than current levels, even as it plans to cut the Pentagon's overall spending by $3.9 billion.

The Pentagon said it plans to expand its Cyber Command, a team of military hackers conducting what it calls "reconnaissance, surveillance, development, maintenance and analysis". The Pentagon also said it would expand efforts to protect its own computer networks.

Under the budget proposal, the Department of Homeland Security would spend $44 million more on a government-wide information-sharing effort even as its overall budget would shrink by $615 million, or 1.5%. The department also would fund more cyber security research and help private businesses and local governments bolster their online defences.

Much of the cyber security spending is contained in classified reaches of the government that do not make their budgets public, making quantifying the overall proposed increase sought by the president impossible.

"The budget includes increases and improvements to a full range of cyberspace activities," the Obama administration said about its classified activities. Separately, the House Intelligence Committee passed a Bill to remove legal barriers that have prevented the government and private companies from protecting their networks against foreign hackers, including tough provisions aimed at protecting privacy.

Representative Dutch Ruppersberger, the top Democrat on the committee, on Monday said the modified Bill had a better chance of winning support in the Senate this year after privacy concerns derailed similar legislation last year.

"A year later, what's changed? This is just getting more and more serious," Ruppersberger told hundreds of industry executives at a cyber conference hosted by the Space Foundation. He cited government estimates that US businesses had lost more than $400 billion in intellectual property to cyber espionage.

Congressman Jim Langevin, co-founder of the Congressional Cyber Security Caucus, said the new Bill included measures aimed at ensuring private information was not unwittingly exposed during any information-sharing between industry and government.

For instance, the Bill encourages the private sector to "anonymise" or "minimise" the information it voluntarily shares with the government, and authorises and encourages the government to create procedures to protect privacy.

It also puts in place restrictions on the use, retention, and searching of any data voluntarily shared by the private sector with the government, and permits individuals to sue the federal government for any such disclosures.

Learn more

You can uncover more on cyber security at ITWeb Security Summit 2013, on at the Sandton Convention Centre from 7 to 9 May.

These top level speakers will unravel the issue, and provide usable, practical information:

* Lessons learned from the trenches of targeted attacks: Robert McArdle, manager of Trend Micro's Advanced Threat Research team for EMEA.
* A higher-level approach to cyber security: Key principles to prepare for, defend against and respond to threats: Inbar Raz, malware research, Check Point.
* Cyber threat combating initiatives planned for Africa: Craig Rosewarne, founder, chairman and MD of ISG / Wolfpack Information Risk.
* Offence-oriented defence: Dominic White, CTO, SensePost.

To book your place at the event, click here.