Few war-induced attacks, feds say

With the war in Iraq commencing last week, federal agencies were poised for possible cyberattacks on critical information systems from tech-savvy political activists and possibly from hostile countries, but few materialized or made it through agencies' cyberdefenses, federal information technology managers said.

The launch of the U.S.-led war prompted "hacktivists" — hackers who attack government computer systems to send a political message — to deface Web sites worldwide with anti-war slogans. Some reports said that a Navy site and an Agriculture Department site were defaced, and a hacker gained control of an unidentified military Web server by exploiting a vulnerability in Microsoft Corp.'s Windows 2000 operating system.

But IT managers said few attacks were successful because federal agencies — which have been on heightened alert since the Sept. 11, 2001, terrorist attacks — have installed the latest security software and hardware to secure networks and have assigned personnel to monitor networks for attacks and intrusions.

For example, IT officials at the Bureau of Customs and Border Protection saw some denial-of-service attacks but no serious attempt to break into its systems last week. "Nothing really has occurred," said Woody Hall, former chief information officer at the Customs Service, which recently moved to the Homeland Security Department (DHS).

During the past three years, Customs installed firewalls, developed and followed better Internet security practices, installed monitoring software to detect anomalies and worked closely with the Federal Computer Incident Response Center (FedCIRC) to install software patches and defenses. "It takes money and the right kind of people," Hall said.

Prior to the war's outbreak, DHS set up an incident response center, which has seen two or three minor incidents but no attacks, said Steve Cooper, the department's CIO. "It went smoothly. [Incidents] were responded to. There was no damage."

The reports are good news for agencies, which have been criticized for poor security management practices. In November 2002, former Rep. Stephen Horn (R-Calif.) gave two-thirds of the 24 agencies he graded an F for their security practices. The Bureau of Indian Affairs at the Interior Department is still disconnected from the Internet after an outside security firm proved it could easily hack into a computer system that manages Indian trust funds.

The Transportation Security Administration also reported positive results. "There is nothing significant to really report," said Joe Peters, IT services and infrastructure leader at TSA.

The Department of Health and Human Services saw no significant attacks either. HHS is working "with DHS, [the Office of Management and Budget] and the FBI in the continuous monitoring of [our] networks, looking for hacking and cyberhacking attempts," said spokesman Bill Hall.

Agency officials didn't feel it was necessary to implement any new security policies once the war started. "We've been very vigilant about hacking attempts on our systems for a long time," Hall said, citing an attempt by Chinese hackers to attack the HHS system a couple of years ago.

FedCIRC, which tracks cyberattacks on federal information systems, reported no unusual increase in attacks governmentwide. Sallie McDonald, who oversees FedCIRC, said the center expected an increase in attacks once the war started, but as of late Friday, no increase materialized. "We have been much more vigilant, but we have not seen any increased activity," she said.

The security consulting firm mi2g Ltd. reported March 21 that companies were seeing more cyberattacks and that government and military systems were "also being targeted but in smaller numbers," according to a company statement.

Mi2g officials attributed the low number of attacks on federal Web sites and servers to the government's increased investment in security, a fear among hackers that they could be caught and prosecuted, and their desire to hurt the economy by attacking .com rather than .gov and .mil sites.

Alan Paller, director of research for the SANS Institute, an information security education and consulting organization, said that enhanced security has made it more difficult for cyberattackers to wreak havoc on government sites. "The number of people watching [network] traffic and the skill level of people [are] up," he said.

IT managers in the Navy also have "hardened" their systems against attack during the past several years. "There's definitely a heightened sense of awareness on the part of everybody, but we have been working really hard over the last several years to put into place a robust structure from the standpoint of information security, threat levels and those sorts of things," said Dave Wennergren, the Navy Department's CIO.

Strong security was one of the top requirements of the $8.8 billion NMCI contract from the outset, said Capt. Chris Christopher, NMCI staff director. "These are the proper security measures from their perspective, so in that sense, we are not doing anything differently because of any current events or situations."

Dan Caterinicchia, Diane Frank, Matthew French, Judi Hasson, Allan Holmes, Megan Lisagor and Sara Michael contributed to this story.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group