News Analysis: DDoS Attacks Highlight Need to Reduce Government Internet Access Points

The network attacks that severely disrupted several federal agency Web sites this week highlights the need for the government to quickly finish implementing its ongoing consolidation of Internet access points, the former de facto CIO of the federal government and others said today.

By Jaikumar Vijayan

Thu, July 09, 2009Computerworld The network attacks that severely disrupted several federal agency Web sites this week highlights the need for the government to quickly finish implementing its ongoing consolidation of Internet access points, the former de facto CIO of the federal government and others said today.

Online Attack Hits US Government Web Sites
The Botnet World is a Booming World

Multiple government Web sites, including that of the Federal Trade Commission (FTC), the Federal Aviation Administration (FAA) and Department of the Treasury, were temporarily knocked out or slowed down earlier this week by a wave of distributed denial of service attacks.

The attacks were launched from a botnet believed to comprise of nearly 50,000 infected computers, and were designed to render Web sites inaccessible by inundating them with useless traffic.

Security researchers have described the attacks as being relatively unsophisticated. Even so, the attacks still managed to totally shut down the Web sites of the FTC and Department of Transportation for several hours over the weekend, according to statistics available from Internet monitoring firm Keynote Systems.

The most important lesson learned is that many federal agency security people did not know which network service provider connected their Web sites to the Internet, said Alan Paller, director of research the SANS Institute. "So they could not get the network service provider to filter traffic," Paller said.

The problem has to do with that federal agencies have more access points to the Internet than they know how to monitor or to manage, said Karen Evans, former de facto CIO of the federal government during the Bush administration.

An initiative called the Trusted Internet Connections (TIC) program, which was launched in November 2007, is designed to tackle this issue by getting agencies to drastically reduce the number of individual external network connections, including those to the Internet.

Since the effort was launched, the number of access points across government has been reduced from more than 4,300 to about 2,750, per the last time data on the effort was publicly released in June 2008. The goal is to whittle that number down to about 80.

Instead of having each individual agency manage its own connections, the plan is to have a small group of TIC access providers offering centralized connectivity and gateway-monitoring services to a majority of civilian federal agencies. While 16 agencies will act as their own access providers, 121 others will have their connections managed via a U.S. General Services Administration-approved service provider.

Such a consolidation of access points and management functions would allow for much better network monitoring, filtering and incident response than is possible today across civilian government, Evans said.

Security
Loading...
Security MarketSpace
8 Tactics to Combat Vulnerabilities
This white paper reviews 8 key elements of vulnerability management and provides advice on combating known vs. unknown vulnerabilities. Learn more »
Email and Web Threats Require a Layered Defense
Learn how web threats are changing and how using a layered defense strategy can give you the security you need. Learn more »
The Case for Data Protection for SMBs
Take Fraudsters Out of the Game
Easily identify account-device relationships and get data for in-depth forensic analysis. Learn more »
Mobile Security Landscape
This paper examines the current mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy. Learn more »
Reducing Energy Costs in Your Data Center
This white paper examines the most common roadblocks to improving data center efficiency. Learn more »
Security convergence equals network security cost savings
 Security convergence equals network security cost savings Learn more »
IBM ISS X-Force Threat and Risk Report
Read this Trend and Risk report from IBM® ISS X-Force® to learn statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. Learn more »
 
SPONSORED LINKS
 

Mobile Security: The Essential Ingredient for Today's Enterprise

IDC White Paper: CCM for IT Compliance and Risk Management

Keeping Your Members Safe from Online Scams and Predators

Learn about the growing threat of insider data theft.

See how AT&T can help protect your network.

Webcast: Unleashing the Power of Customer Data

White Paper: 5 Best Practices for Smartphone Support

Global Research: CIOs Weigh In On Virtualization

5 Key Virtualization Management Challenges

The Total Economic Impact of Network Security Intrusion Prevention

Join us at the US-Brazil IT-BPO Summit, on November 10th in New York.

Increase UPS efficiency without sacrificing protection.

Learn how advanced forecasting tools can deliver significant business results for global corporations.

Lower IT Costs with Oracle Database 11g Release 2

White Paper: Visibility and the New Normal of Mobile Work

Quell your virtualization concerns and realize significant cost savings

IDC Whitepaper: How virtualization will improve your medium-size business

Taking the Service Desk to the Next Level

Learn about The Information Technology Infrastructure Library.

Top Five CIO Challenges

Streamline IT Costs. Boost Performance with WAN Optimization.

Want to know how you can maximize employee productivity?

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

A new fleet of PCs with a total ROI in 10 months. Find your ROI.

White Paper: Managed Security for a Not-So-Secure World

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game using iovation

White Paper: A Security Blueprint Delivered From within the Network

White Paper: 4 Customer Service Myths

White Paper: Improve Agility with Operational Responsiveness

White Paper: Legacy Tools: Not Built for the Helpdesk

Taking a Seat at the Executive Table: The Reality of Virtualization

White Paper: Next Generation Remote Infrastructure Management

Seven Design Requirements for Web 2.0 Threat Protection

Generation Remote Infrastructure Management - Changing the Paradigm

Cloud-Based Email Management: Opinion Shifts In Favor

eBook: How Can You Make Your People Productive Anywhere?

Achieving Business Agility with Application Grid

Ready to virtualize tier one applications? Check your virtualization maturity.

Why your midsize enterprise should consider virtualization

It's time your midsize enterprise adopts server-virtualization technology.

Seven Ways ITIL Can Help You in an Economic Downturn

Tips for successful virtualization management.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion

Read the RSA report: Security for Business Innovation

Webcast: Looking to the Cloud for Email and Collaboration Services

64-page prescriptive guide to security, compliance, and IT operations.

Keep your IT expertise up to date. Join the Intel Premier IT Professionals.

A Clear View Toward Virtualization

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords