Sign-In.gif

Dennis Clem, the Office of the Secretary of Defenseâ''s (OSD) chief information officer, reportedly said last week at the Information Processing Interagency Conference that the June 2007 network hack into defense computers stole an â''amazing amount" of information, according to Government Executive magazine.

According to the magazine Clem said, â''We don't know when they'll use the information they stole, [which was] an amazing amount, [including] processes and procedures that will be valuable to adversaries.â''

While Clem didnâ''t say who the attackers were, the speculation has been that it was Chinese government sponsored hackers, a charge the government vigorously denies. CNN posted a story yesterday interviewing a number of Chinese hackers that suggests that the Chinese government was indeed behind the attack.

According to Government Executive, after the intrusion was discovered and the network shut down, it took OSD three weeks, $4 million, and the introduction of a boatload of new security processes before recovery was complete. The US Department of Defense gets some 70,000 intrusion attempts per day.

In a case of good timing, according to a story in yesterdayâ''s Washington Post, the Department of Homeland Security (DHS) is next week going to conduct a follow-on to its Cyber Storm I exercise. The Post says that Cyber Storm II is planned to be â''the largest-ever exercise designed to evaluate the mettle of information technology experts and incident response teams from 18 federal agencies, including the CIA, Department of Defense, FBI, and NSA, as well as officials from nine states, including Delaware, Pennsylvania and Virginia. In addition, more than 40 companies will be playing, including Cisco Systems, Dow Chemical, McAfee, and Microsoft.â'' Also involved will be government agencies from Australia, Canada, New Zealand, and the United Kingdom.

The exercise is needed none too soon, according to another Government Executive story this week that quotes National Intelligence Director Michael McConnell that the US is not prepared to deal with threats against military and civil networks and information systems.