DHS official suggests sharing resources to mitigate cyberattacks
Collaboration could cut the cost of attack mitigation between similar companies, suggests a Homeland Security official
IDG News Service - Groups of companies in the same industry could pool infrastructure resources to help each other mitigate the effects of cyberattacks and work together on security issues, a senior official in the U.S. Department of Homeland Security suggested on Friday.
The comments by Mark Weatherford, deputy undersecretary for cybersecurity, come as a handful of American banks are dealing with a fourth week of DDoS (distributed denial-of-service) attacks on their websites.
DDoS attacks are one of the simplest forms of cyberattack and seek to push websites offline by overloading them with junk traffic so they cannot handle legitimate requests from users.
The attacks have hit banks including Wells Fargo, U.S. Bancorp, PNC Financial Services Group, Citigroup, Bank of America and JPMorgan Chase, and have been claimed by hackers in Iran.
"This has been an eye-opening experience for a lot of very, very large organizations," Weatherford said. "It's got a lot of people's attention. Not just the banks, but the ISPs and some of the other third-party providers as well."
Weatherford was speaking at a cybersecurity awareness conference in Santa Clara, California, that was organized by the Bay Area Council, a public policy advocacy group made up of local companies.
"How about developing a co-op kind of a model for these Web content delivery providers, like an Akamai or Prolexic or some of those folks, where you buy a bunch of servers, more than any one company might need at one time, but you co-op that for like-minded organizations and when someone needs that kind of service you point it at them and they have it available to them," he said.
"I can tell you, because these big banks have just gone through it, they did not have enough capacity, or they barely had enough capacity [because] no one was hurt too bad over the last couple of weeks, but we need to think about different ways of sharing resources among like-minded organizations," said Weatherford.
Weatherford said he made the suggestion at a cybersecurity forum held by the National Cyber Security Alliance in New York on Monday that included representatives of some U.S. banks in the audience.
He preceded his remarks on Friday by noting, "I have no idea if this is legal or conceptually even possible, but it's something to think about."
Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is firstname.lastname@example.org
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Red Hat Enterprise Linux - The Original Cloud Operating System
- Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse
- Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center
- Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper
- Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support... All Government IT White Papers
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of...
- All Government IT Webcasts