WELCOME

Capella has been designated a National Center of Academic Excellence in Information Assurance Education (CAEIAE) by the National Security Agency and the U.S. Department of Homeland Security. Capella’s information security curriculum meets the NSA Committee on National Security Systems standards 4011, 4013, 4014.

This center provides access to resources, tools, and the latest information regarding information assurance as a way to enhance understanding in this field of study.

CNSS Certification

The NSA’s Information Assurance Courseware Evaluation (IACE) Review Committee has validated that Capella’s information security curriculum meets the Committee on National Security Systems (CNSS) National Standards 4011, 4013, (and 4014 coming). Learn what this means to a Capella learner.

ARCHIVES

Current Topics

«
»


True Cybersecurity — or is Government Seizing the Ultimate Power? You Decide.

From Jimmy Arendt | September 14th, 2009

What am I talking about? I am talking about Bill S.773 that is before the 111th Congress 1st Session – AKA Cybersecurity Act of 2009. This bill was introduced to the Senate by Senator Rockefeller, et al. dated March 31, 2009. According to the “Cybersecurity Act of 2009 as found on OpenCongress.org’s Web site; this is “A bill to ensure the continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve and maintain effective Cybersecurity defenses against disruption, and for other purposes. “ (OpenCongress.org, 2009).At first glance this sounds like a great program, except for the fact that the above statement is vague because it fails to state what and who is affected by the bill.  It’s no wonder that out of approximately the 1000 people that responded, only two percent support this bill. I, for one, oppose the bill.

In Sec. 2 paragraph 1, it states that “Congress finds the following:  America’s failure to protect cyberspace is one of the most urgent national security problems facing the country.”  Currently the American portion of the cyberspace is owned by private companies.  The government is looking to take over the responsibility of protecting its citizens and its infrastructure against attacks. 

The bill, if passed, will give the President of the United States of America or the Cyber Advisory Panel the ability to SHUT DOWN any Internet connection they deem a threat to national security or to the National Cyber Infrastructure.  This will inhibit freedom of speech and could raise a large number of violations of the freedom of speech lawsuits.  Currently it is estimated that 18-22 percent of cyber attacks originate from within the United States.  The other approximately 78 percent, should be the responsibility of the governments from which the attacks originated.

This bill will punish citizens by failing to honor "innocent until proven guilty."  It is also designed to protect companies that have been too stupid to protect themselves against attacks.  Maybe these businesses should not remain in business if they fail to implement some form of cybersecurity. (Cisco.com, 2009)

Booz Allen Hamilton recommended to “establish a single voice for cybersecurity in government.”  This statement goes against all democratic values that our country was founded upon.  The proponents of this bill allude to the government needing more power to protect its people.  This would violate the very principles of the Declaration of Independence and “Life, Liberty and the pursuit of Happiness" by taking away the functions of top networking companies like Cisco.  According to Cisco, they currently employ more than 65,545 employees worldwide.  If these regional cyber centers are government run, then many of these Cisco employees would be out of a job.

Do you feel that we should give the President or an advisory committee the ability to cut off people’s business Internet service or even home Internet service just because they say it’s a national security risk?  In the Section sub paragraph 13, President Obama implies that we are doomed if this bill isn’t passed. (Opencongress.com, 2009)

References:

Cisco.com – News@Cisco – > Fact sheet, 2009. Retrieved September 11, 2009 from http://newsroom.cisco.com/dlls/corpinfo/factsheet.html

Open Congress  Text of Senate bill S.774 – Cyber Security Act of 2009, 2009. Retrieved September 11, 2009 from http://www.opencongress.org/bill/111-s773/text

http://www.politechbot.com/docs/rockefeller.revised.cybersecurity.draft.082709.pdf

 

 

Tags: , ,

You can leave a response, or trackback from your own site.

3 Responses to “True Cybersecurity — or is Government Seizing the Ultimate Power? You Decide.”

  1. Mary Brown says:
    September 14th, 2009 at 1:32 pm

    There have been recent examples of distributed denial of service attacks against the federal governments of some nations. If someone points an army of BOTS against the federal governments Internet assets, is it not reasonable to have a single authority able to make the decision to ‘disconnect’ in response to such an attack? Why or why not? :)

    http://www.associatedcontent.com/article/415077/turkish_cyber_terrorists_attack_the.html

    http://www.computerworld.com/s/article/9135406/Analysis_Was_North_Korea_behind_the_DDOS_attack_?source=rss_security

  2. Jimmy Arendt says:
    September 17th, 2009 at 1:19 am

    I still do not believe that it is reasonable for any ONE individual to cease traffic to any network system just like you would not give that power to a General on a battle field the ability to launch nuclear weapons. In an article found actonline.org’s website it discusses how “Bot networks are already generating attacks of overwhelming volume, in ways that are nearly impossible to stop or to trace back to their origins”.and “how more than 250,000 personal computers are infected with bots each day, putting at least 10 million computers at the disposal of those with bad intentions” (actonline.org, 2009)

    With the current scope of how bots are running rampant, how can just one person control the attacks? One problem that I see with the “Kill Switch” concept is that if someone truly wanted to cripple our government via bot attacks, the kill switch would have exactly the desired effect. Because it would halt all traffic to the affected network.

    I think the best approach of the Cyber Security Act of 2009 is funding training of America’s citizens about what bot attacks are and how to prevent them. If we imposed sanctions against corporations that fail to patch their system with reasonable due care, these funds can go to continuing education of future cyber investigators, watchdog organizations and contribute to lowering the cost of certified software to reduce the threat on a personal computer level. Also according to actonline.org, “The ‘Next Billion’ Internet Users may bring on the ‘Next Billion’ Bots.

    The Wall Street Journal reported this week that ICANN, manager of the Internet domain name system, is implementing internationalized domain names (IDNs). IDNs will help the next billion Internet users enter web addresses entirely in their native language and character sets. As part of this project, ICANN is encouraging users to test native character domain names in their browsers, email software, and other applications.

    At the same time, ICANN and others should be warning new internet users against downloading any patches or new applications unless they are dealing with a trusted website and scanning for viruses and malware. Otherwise, ICANN is inviting the “next billion” users to download the “next billion” bots capable of generating spam, phishing fraud, and the kind of denial-of-service attacks that brought down Estonia’s internet.”

    These next billion users, instead of perpetuating the problem can become part of the Army to fight Viruses, Spyware, malware, adware and the many bots, phishers and spammers that are currently plagueing the Internet. With this said, I still believe one person should not have the power to stop traffic. A committee of qualified individuals should be required to provide a corrective action scenario to the President and then and only then can the President have the switch flipped to turn off a portion of the Internet.

    One fear I have is that if this power is abused or falls into the wrong hands then the attacker now has the ultimate power. Do you think that this scenario I possible and how can we prevent it from happening if we do not have checkpoint measures in place to prevent runaway power?

    Reference:
    ACT Organization – BOT Armies, What is the threat to US Cybersecurity, (2009). Retrieve September 16, 2009 from http://www.actonline.org/library/bot_armies.html

  3. Mary Brown says:
    September 17th, 2009 at 2:20 pm

    I agree that educated users make a safer Internet for all of us. Maybe one day we will have a mandatory training program for anyone firing up their browsers but then I’ve been reading a lot of “1984″, “Brave New World”, “This Perfect Day” kinds of books lately so may have an overinflated idea of what government can control :)

Leave a Reply

Let us know what you think. All comments will be reviewed prior to going live. Comments that are profane or obscene, or unrelated to the topic of the post will not be published.

Categories

RESOURCES

NEWS FEEDS

META

CAPELLA CONNECTION

Capella University offers several degree programs which specialize in the information assurance and security field. Visit one of the links below for more information.

To learn more about Capella, please visit http://www.capella.edu or call 1.888.CAPELLA, option 2, to speak to an enrollment counselor.

Capella University