This bureaucratic foolishness and paralysis comes more than three years after the White House published a 60-page National Strategy to Secure Cyberspace, which noted that "in the past few years, threats in cyberspace have risen dramatically ... We must act to reduce our vulnerabilities to these threats before they can be exploited."
Computers and the Internet are used to control and coordinate airports, radio stations, electric utilities and radio communications between first responders. Imagine how much worse the panic and death toll on 9/11 might have been if New York were left without electric power, without access to computers and without working phones, radio, television or traffic lights.
A cyberattack could plunge all or part of the nation into chaos.
Still, federal bureaucrats have their heads stuck in the sand. In May, red-faced officials at the Veterans Affairs Department acknowledged that sensitive personal information on more than 26 million veterans -- including names, addresses and Social Security numbers -- had gone missing. The data wasn't lifted by hackers: it was stored, uncoded, on a computer taken home by a government official whose last security background check took place 32 years ago.
It gets worse.
The head of the VA acknowledged he wasn't even informed of the data theft until two weeks after the fact. And while the computer eventually turned up with no harm done, Pedro Cadenas, the agency's cybersecurity chief, quit -- telling Government Executive magazine that "the department has no interest in doing the right thing," and that he'd only met the Veterans Affairs secretary once, at a social event.
The laxity of the Veterans Affairs Department isn't an isolated case; several federal departments - including Defense and Homeland Security
- have received a grade of F for the past few years on a Computer Security Report Card issued by Congress. The government's overall grade is D-plus.
Every day, according to a recent report in The Washington Post, hackers make more than 2,000 attempts to crack the Department of Agriculture's computers -- and apparently succeeded a few weeks ago, leading the agency to announce that personal data on more than 26,000 contractors and active and retired employees may have been stolen.
Last year, an unknown intruder got into a computer at the National Nuclear Security Administration, a division of the Department of Energy that monitors the safety and reliability of military nuclear weapons. Information on more than 1,500 agency workers and outside contractors was stolen. Incredibly, the security breach wasn't reported to senior officials; it was buried with more than 830 other incidents the agency experienced last year. Hiding such breaches is common, according to government auditors.
Years before the 9/11 terrorist attack and the destruction of New Orleans, federal officials were warned about grave danger, and did too little to prepare for it.
Chertoff has got to do better -- before it gets worse.
Originally published on July 25, 2006
All contents copyright 2006 Daily News, L.P.