Virus threat is just warming up, GAO warns

Virus threat is just warming up, GAO warns

Recent assaults by Internet viruses and worms underscore the government's failure to protect information resources, a General Accounting Office official last month told House lawmakers.

'The attacks we are dealing with now are smarter and more threatening than the ones last year and the year before,' GAO chief technologist Keith A. Rhodes said at a hearing of the House Government Reform Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations.

'I believe we are just witnessing warning shots of potentially much more damaging attacks,' he said.

The subcommittee held a field hearing in San Jose, Calif., at which a number of state and industry officials also testified.

Rhodes said that, 'despite some improvements, poor security and planning and management are the rule rather than the exception.'

Despite the problems, the National Infrastructure Protection Center was able to point to some successes in the fight against malicious code. Leslie G. Wiser Jr., chief of training, outreach and strategy, said the impact of the Code Red worm was limited by warnings issued in July by NIPC.

Book 'em, Dano

In June, an FBI investigation led to the arrest in the United Kingdom of the creator of the Leave Worm.

But, 'we often are frustrated when we are forced to obtain several separate court orders tracing intruders back through several Internet service provider hoops,' Wiser told the panel. 'This is difficult enough when all the activity is within the United States; it often becomes formidable when the trail leads overseas.'

With so much of the nation's critical infrastructure in private hands, Rhodes said, divergent interests in public and private sectors threaten security.

'In the long run, it is likely that hackers will find ways to attack more critical components of the Internet, such as routers and network equipment, rather than just Web servers and individual computers,' he said.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above