Lost in cyberspace

- October 24th, 2012

This stunning revelation just in from the Auditor General: Canada’s government is at sea when it comes to computer security. In wooden ship. With a jammed cannon. Shouting “Bang” at bad guys.

OK, he didn’t say that. Auditors General don’t use that kind of language. Instead they say “Between 2001 and 2009, the government made limited progress in its efforts to lead and coordinate the protection of Canada’s critical infrastructure from cyber threats as these threats were rapidly evolving.”

Or “Eleven years after the government said it would establish partnerships with other levels of government and with critical infrastructure owners and operators to help protect Canada’s critical infrastructure, not all of the sector networks that facilitate these partnerships are fully established, and coverage is incomplete. This lack of progress limits Public Safety Canada’s ability to communicate with critical infrastructure owners and operators.”

Or “Seven years after the Canadian Cyber Incident Response Centre (CCIRC) was created to collect, analyze, and share cyber threat information among federal departments, provincial and territorial governments, and the private sector, many stakeholders are still unclear about the Centre’s role and mandate…. Furthermore, the Centre is still not operating on a 24-hour-a-day, 7-day-a-week basis, as originally intended. This restriction on operating hours can delay the detection of emerging threats and the sharing of related information among stakeholders.”

Or “The January 2011 intrusion on government systems identified weaknesses in protecting these systems. Incidents were not reported in a timely manner and cyber threat information was not properly shared with appropriate agencies. Also, good information technology (IT) security practices, such as how to store sensitive information, were not consistently followed.”

With hostile governments engaging in massive espionage (how do you say “Hello” in Chinese?) and massive denial-of-service attacks on banks by governments and freelance militants that are probably testing the bits and pieces necessary for what the U.S. Defence Secretary has called a possible “cyber Pearl Harbor” our government has leaped into committee and is firing a barrage of press releases.

Is anyone surprised? Honestly, when you watch MPs fumble files you know they’ve been studying for years that don’t require specialized knowledge, and when you’re certain 95% of them couldn’t find Regedit with a flashlight, what chance is there that they’d be on top of this problem? As for the public service, I’m sure there are people in it who see very clearly how bad this is. But what’s the chance that our swollen and dysfunctional executive branch could develop coherent substantive as opposed to public relations policy?

Hey everyone. “Bang”. Scared now?

 

Categories: Bureaucracy, Foreign affairs, Government, Military, Politics, Public Safety, United States

Subscribe to the post

2 comments

  1. Kevin S says:

    Yeah! If we do something that gets the Chinese mad at us – hold on. If we do something that really really makes them mad at us – picture the ice storm blackout conditions across the entire country. Scary stuff.

    World to Feds – it’s way past time to get off the dime on this one.

    I’m what you’d call computer illiterate, but from what I’ve read and heard, aren’t the good hackers among the brightest in the field. If that’s the case, then it seems like it would be impossible to provide any real security against their attacks. with computers set up the way they are now.
    ‘Sounds like the only way to get away from them is for institutions to unplug their operations from the computer grid, and have dedicated computers for outside communications. Any input to the dedicated computers would be by disc, whcih would be “wiped” clean after being used.

  2. JadeM says:

    I hope this article opens some eyes to the technological problems that have been rising for the past ten years. Anyone who knows their fair share about what is available on the technology market these days, knows that it is way ahead of our security measures. Internet access have developed so quickly in the last decade that it is simply not possibly to keep up with the software necessary to efficiently secure personal information. In a time when the government and big sites like Facebook, Twitter and Google are overflowing with information and users, we need to realize and hire a number of computer programmers and technicians to iron out all of these problems. These webpages all started with good intent but as time goes on we need to keep up with the glitches as they come about.

Comments are closed.