Hackings at State, Commerce draw House subcommittee's attention

The House Homeland Security Committee’s Emerging Threats, Cybersecurity and Science and Technology Subcommittee wants more information from at least two agencies on recent network break-ins.

In letters to State Department Secretary Condoleezza Rice and Commerce Department Secretary Carlos Gutierrez, committee Chairman Rep. Bennie Thompson (D-Miss.) asked them to answer eight questions regarding each agency’s recent cyberattack. The subcommittee will hold a hearing April 19 on this subject with Jerry Dixon, director of the National Cyber Security Division in the Homeland Security Department’s National Protection and Programs Directorate; David Jarrell, manager of Commerce’s Critical Infrastructure Protection Program; Don Reid, senior coordinator for security infrastructure in State’s Bureau of Diplomatic Security; and Greg Wilshusen, the Government Accountability Office’s director of information security issues.

The letters to State and Commerce sought information on how long it took the departments to become aware of the break-ins, how long the hackers were inside the network before they were discovered and whether the attack compromised other systems.

The committee also wants the agencies to address the last time all personal computers were tested for egress and ingress and how many systems that were certified and accredited under the Federal Information Security Management Act (FISMA) were compromised.

In addition to the break-ins, the committee wants more information about FISMA, including how much the agencies spent on meeting the requirements, whether there is policy to use secure configurations and procurement requirements and how long it took to contact DHS.

Cyberattacks on agency systems have been steadily increasing in the past few years. The Office of Management and Budget reported in its 2006 FISMA report to Congress that agencies reported 706 unauthorized accesses last year, up from 304 in 2005. OMB credits most of the increase to the focus on reporting lost or stolen computers and other hardware containing personal identifiable information.

“Privileged or root system access accounted for 25 percent of unauthorized access incidents, more than double that of non-privileged access,” the report states.

Meanwhile, denial-of-service attacks increased by six in 2006 to 37, while incidents involving malicious code dropped to 1,465 from 1,806 in 2005, the report states.

“The fact is some agencies have greater vulnerabilities because they are open targets,” said Rep. Tom Davis (R-Va.), at a recent event where he handed out his annual FISMA report card. “We should be worrying about a cyber Pearl Harbor. It is troubling agencies still are behind.”