Pages

Categories

Search

 

Is an ‘alternate Internet’ the only refuge from mounting threats?

by
May 20, 2011
Cyber Security, FedCyber Wire
No Comment

via Government Computer News

The rapid adoption of mobile computing is creating vulnerabilities and threats faster than they are being addressed, a panel of industry and government experts said on May 18.

“Mobile is hot, and it will remain hot,” said John Landwehr, Adobe Systems’ senior director of security solutions and strategy.

Landwehr said that mobile, wireless access to the Internet is likely to surpass wired access as early as the end of this year, and most of mobile devices do not have the same level of security as laptop and desktop PCs. “That is going to cause the security landscape to shift very quickly,” he said.

Those statements, made at the FCW Federal Executive Briefing on risk mitigation, were not surprising, but a solution proposed by Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division, was potentially controversial. He suggested that what is needed is an alternate network architecture that provides greater visibility and less privacy.

Chabinsky said the problem today is that the Internet is using a single set of rules in which requirements for privacy and anonymity trump assurance and attribution. This is fine for protecting civil liberties but inadequate for running processes with conflicting security needs. On some systems, such as those using sensitive information or controlling physical processes in critical infrastructure, it is more important to know exactly who is on a network and to be able to see exactly what they are doing.

The concept of separating networks for greater security is not a new. For decades, Supervisory Control and Data Acquisition (SCADA) systems were protected by the fact that they were usually proprietary systems not connected with the Internet or other networks, and difficult to breach or compromise. When legacy SCADA systems began to be replaced with standards-based networking equipment connected to the enterprise network and the Internet for greater convenience, they became more vulnerable.

Continued here.