US plots to KILL hackers – with bureaucracy! A new US government "cyber threat" agency will take information on computer security breaches at private companies, pair it with classified intelligence – and put it back out to businesses so they can learn how to beef up their defences. That's the dream, anyway, according to President Obama's homeland security and …
Why start up another bureaucracy when the ones we have already tasked aren't doing the job? Ok.. maybe it's a "feel good" deal that can be pointed to while saying "see, we're doing something". Reality.. is they'll do nothing but play politics and in-fight amongst themselves and with the people they are supposed to be serving. History repeats itself again.
Have an upvote, theres no "maybe" about it. Obama has meddled in the affairs of almost every agency in the administration. He has a difficult time letting people do their jobs and has lost several key military and staff advisers because of it. He does not like the fact that the people responsible for the NSA and CIA already know more than Obama ever will. His advice goes unheeded because it's useless. The NSA and CIA are not charged with protecting private business.
The solution is the create another agency that is entirely beholden to him so he can point at it and say he is "tough on hackers" (when nothing could be further from the truth) while bending the new bureaucracy to his will. On a political perspective, it gives him his own personal spy agency. Given how the IRS has acted during the Obama Administration, that becomes a very scary proposition.
Sea-Stick will be about as useful against zero-days as a windows internet security package. Meanwhile they'll have legal grounds to slurp up all sorts of consumer data for the greater wood... err good.
"CTIIC will also hook up different arms of the government, pulling in intelligence from everyone and then act as a source of information for all."
Ah, so a prime target for any and all hackers then. 50 cents says there will be at least phishing attacks within the first 6 months of operation. If communication isn't done via email then it will be watering hole attacks against any related websites. Or some intern will send off a copy of a few million consumer database records.
There's no need for any more agencies, committees, or bureaucracies. The solution is to do what our company does.
Our IDS/IPS notes the IP address of the attempted hack, enters a rule into the firewall, then looks up the owner in a whois database,and sends an email to their abuse/support line, together with the system log extracts.
It's totally hands-off automatic, and cuts off the hackers' source of zombies. If everyone did this, it would limit each hacker to just one hack attempt.
.
Last June, we were getting 7000 hack attempts a day from a Turkey-based botnet, which had taken over almost every subnet in Argentina and Brazil. The attack died exponentially, as each compromised server was reported and cleaned up by the ISP.
If anyone wants to do something that actually works, I'm happy to give away the source code of the IDS/IPS for free, together with a dump of our whois database. It's written for Sun, so you'll need to modify the firewall rules if you use IPtables.
If this sounds like it'll work for you, send me an email at xmarks(at)exemail.com.au.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
