SECURITY IN CYBERSPACE
STAFF STATEMENT
U.S. SENATE
PERMANENT SUBCOMMITTEE ON INVESTIGATIONS
(Minority Staff)
HEARINGS
ON
JUNE 5, 1996
Summary
TABLE OF CONTENTS
I. THE INFORMATION INFRASTRUCTURE 3
A. Defining the National Information Infrastructure 3
B. Our Dependency on the NII 4
II. VULNERABILITIES 7
A. Weaknesses in Hardware & Software 11
B. Human Factor 16
C. Lack of Security Culture 18
D. Examples of Vulnerabilities 21
III. THE THREAT 25
A. Lack of Intelligence Collection 26
B. Lack of Detection and Reporting 32
1. Government 32C. The Potential Attackers 38
2. Private Sector 33
IV. EFFORTS TO PROMOTE INFORMATION SECURITY 42
A. Creation of a National Policy 43
B. Current Law Enforcement Response 45
C. Private Sector Response 48
D. Computer Emergency Response Team (CERT) 50
E. Encryption and the NII 53
F. NIST and NSTAC 55
1. National Institute of Standards and Technology (NIST) 55G. International Efforts to Promote Information Security 57
2. National Security Telecommunications Advisory Committee (NSTAC) . 56
V. STAFF RECOMMENDATIONS 60
APPENDIX 64
- APPENDIX A Computer Terms and Definitions
- APPENDIX B THE CASE STUDY: ROME LABORATORY, GRIFFISS AIR FORCE BASE, NY INTRUSION
- APPENDIX C FEMA Abstract on PDD-39
- APPENDIX D SAMPLE COMPUTER LOGON BANNER
|
NEWSLETTER
|
| Join the GlobalSecurity.org mailing list |
|
|
|
