June 20 was a particularly long day for Scott Charbo, the Chief Information Officer for the Department of Homeland Security (DHS). He was the lead witness in a hearing held by a subcommittee of the U.S. House Committee on Homeland Security. The hearing was convened as part of the Committee's ongoing investigation into the cybersecurity vulnerabilities of the United States.
In his opening statement, the subcommittee's chairman, Rep. James R. Langevin (D-R.I.), emphasized that, from the series of hearings on cybersecurity, it has become clear that "infiltration of federal government networks and the possible theft or exploitation" of government information is "one of the most critical issues" confronting the U.S.
0'Significant Security Incidents'
The irritation of federal lawmakers was heightened by the release of a report by the Government Accountability Office that concluded that, despite some progress, there were still significant flaws in key DHS security programs.
"These program deficiencies," the report states, "contribute to significant weaknesses in computer security controls that threaten the confidentiality, integrity, and availability of key DHS information and information systems."
Langevin said that he was deeply disappointed by the failure of DHS to deal with the security issue. "It was a shock and disappointment," he said, "to learn that the Department of Homeland Security -- the agency charged with being the LEAD in our national cybersecurity -- has suffered so many significant security incidents on its networks."
In a recent report to the Committee on Homeland Security, DHS stated that it had experienced 844 "cybersecurity incidents" in 2005 and 2006. The incidents in question ranged from the discovery of malware for password dumping on DHS computers, to the installation of beacon and botware, to writing out administrator IDs and passwords on hard copy.
The Chair of the Committee on Homeland Security, Bennie Thompson (D-Miss.), said that he questioned Charbo's fitness to continue in his job as DHS CIO. "I've spent some time reviewing Mr. Charbo's responses to our questions," Thompson said, "and reviewing the numerous IG [Inspector General] and GAO audits of his work. I am not convinced that he's serious about fixing the vulnerabilities in our systems."
The Chinese Connection
In one of the hearing's more interesting exchanges, Langevin suggested the possibility that some of the attacks on the DHS stemmed from a single foreign government. "Have you ever requested or received intelligence briefings about Chinese hackers penetrating federal networks," Langevin asked Charbo, "and on a scale of 1 to 10, how concerned are you about this threat?"
"Myself, I have not received intelligence briefings on these incidents," Charbo replied. "Do we receive scans from foreign governments, I believe so. We report those; those are not penetrations. From a scale of 1 to 10, it is significant. It would be at a high scale in terms of concern."
Charbo defended DHS security, telling the subcommittee that, "We do have a decent perimeter for the Department, where we are trapping things that come through, but none of those point back to being an orchestrated attack."