Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
Government Security The Military News Your Rights Online

Department of Homeland Security Wants Nerds For a New "Cyber Reserve'" 204

Posted by samzenpus
from the grabbing-geeks dept.
pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"
This discussion has been archived. No new comments can be posted.

Department of Homeland Security Wants Nerds For a New "Cyber Reserve'"

Comments Filter:
  • NO! (Score:5, Funny)

    by ganjadude (952775) on Thursday November 01, 2012 @07:14PM (#41848655) Homepage
    you cannot commandeer /.!
  • by chill (34294) on Thursday November 01, 2012 @07:16PM (#41848679) Journal

    You know they are jealous of Best Buy and wanted to call this the Geek Squad.

  • by rsilvergun (571051) on Thursday November 01, 2012 @07:21PM (#41848719)
    give the prevalence of H1B immigrants and the fact that most aren't staying in the country (better digs back home) does America have any hope of hanging onto a competitive edge? Not that it matters much for the guys at the top (they're global, they don't think about little stuff like countries anymore), but for little 'ole me stuck here in the good 'ole US of A it's a worry.

    And if you think I'm exaggerating, you either aren't working in tech or you're not paying attention.
    • by AHuxley (892839)
      Depends on the competitive edge they want.
      The USA usually finds just the people they need for any role.
      NSA, CIA, DIA know where to find people, get them into crypto, make life more easy as they move up the advanced math ranks.... or trade tracer fire during peace time in distant lands.
      The TSA found its people in other parts of the US and even the tame US press seems to have to report on the lack of basic background reports on staff, missing items... but they had the 'hands' on skills needed...
      So what
  • Assembling? (Score:5, Funny)

    by The Grim Reefer (1162755) on Thursday November 01, 2012 @07:22PM (#41848727)

    Or rounding up?

    [puts on tinfoil hat]

    • Re:Assembling? (Score:5, Interesting)

      by reboot246 (623534) on Thursday November 01, 2012 @08:20PM (#41849151) Homepage
      Many would say that working for DHS would be working for the enemy. They are quite good at terrorizing U.S. citizens.
      • Re: (Score:2, Insightful)

        by cold fjord (826450)

        The enemy is trying to blow up shopping malls and Christmas tree lightings, not prevent those actions. Very few people will shuffle off this mortal coil due to a pat-down for refusing the back-scatter sensor, or from having excess shampoo removed from their baggy of liquids before boarding a flight. Very few people will survive having a building collapse on top of them, their plane being flown into the ground, or standing too close to a truck bomb that goes off 50 feet away at the mall.

        I would say that so

    • by Anonymous Coward on Thursday November 01, 2012 @08:22PM (#41849167)

      Look she spouted a lot of garbage about 'cyber-geddon' and it was torn apart by geeks pointing out that hacking a web page of a power station with its 10 visitors a day, is not synonymous with attacking the power station, and that the fix for these problems is to keep critical stuff on private network links.

      So they hire a few geeks who will talk sh1t to attack the real enemy, us and our plain talking common sense! The War on Common Sense!

      I noticed that the Russian Hacker, Georgia revealed a few days ago, was a sad man living in a crappy room, not a soldier in a military uniform surround by War Game screens. They are just a pest, and for Georgia it should have patched its servers and locked down its logins, even for the government websites so he couldn't deface them.

      If you have a problem, you fix the problem, you don't declare war on it.

      • I don't think the US is worried about traditional a-hole "hacker" who is deluded into thinking cyber-vandalism is a good thing. I think now that Israel and the US teamed up to cyber-attack Iranian nuclear enrichment facilities, the entire world is racing to bone up their cyber-warfare divisions. Real war stuff where people die, not just kids who misunderstood what the term hacker meant.

        Has anyone heard what the extra transistors TSMC was adding to every Xilinx FPGA were for? I doubt they're a good thing.

    • Or rounding up?

      My thought exactly. You're looking at the official suspect list when our digital armageddon finally comes...

  • by jerpyro (926071) on Thursday November 01, 2012 @07:22PM (#41848733)

    Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house. I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.

    • by sgt scrub (869860)

      Count me in too. Well, assuming "preparedness drills" involve donuts instead of pushups.

    • by girlinatrainingbra (2738457) on Thursday November 01, 2012 @08:39PM (#41849269)
      re: If it worked like the Army reserve, I'd be in. Think about it, you participate one weekend a month for ,,,

      .

      You do know that :

      -- quite a few of the reserves are actually deployed at the present;

      --a lot of the National Guard is called out and deployed at the present;

      -- a lot of people who have finished their tours are told that they must re-up.

      .

      Even if they are not deployed overseas, they are often activated to take the place on base of combat troops who are deployed overseas. So if you're part of the Ready Reserve [wikipedia.org], be ready to be deployed at any time of need. Not that there's anything wrong with that. Just know about that ahead of time.

      • The relative number of reserve and National Guard active are not that large compared to the total reserve force. The current goal is no more than three or four deployments over the course of a career - assuming there is a need for that force level deployed to a war zone, which seems unlikely to me.

        Managing the Reserve Components as an Operational Force [defense.gov]

        In January 2007, the Secretary of Defense established total force utilization guidelines that included the planning objective for involuntary mobilization of National Guard and Reserve units and individuals of a “one year mobilized to five years demobilized ratio.” This guideline does not mean that every Reserve member will serve one year out of every six years. . . .

        Many skills that are useful to the uniformed military are difficult to acquire through traditional accession policies, are challenging to obtain on short notice, or are only needed for a limited duration. These skills might include cutting edge, technical skills such as those possessed by engineers, scientists, or information technology professionals, as well as specialized skills such as languages and cultural understanding. Flexible affiliation options allow the Services to meet requirements with individuals who may be willing to volunteer for some form of military service for short periods of time or in response to specific emergencies, but for whom traditional affiliation programs are not of interest. Thus, removing barriers that limit Reserve members from contributing more to defense missions is an ongoing and necessary process.

        - - -

        -- a lot of people who have finished their tours are told that they must re-up

        I think you're confused. Service members were not told they must re-up, but rather some had their service period involuntarily extended by a "Stop Lo

        • You're right that I used the wrong words. Your words were: "Service members were not told they must re-up, but rather some had their service period involuntarily extended by a "Stop Loss" order due to critical wartime need." However, there is no functional difference between thou must stay on the job vs. thou shall not be let go from your duty obligations even though the obligations may have ended in fact your duty obligations must continue onwards.

          .

          Those are two phrases that parse out to the same func

    • by stephanruby (542433) on Thursday November 01, 2012 @08:41PM (#41849279)

      I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.

      If they actually pay you for it, I doubt they'd let you do it at home.

      Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house.

      The US military is famous for switching job descriptions once people have entered their ranks.

      Many people want to be Air Force pilots for instance, so they sign up with the Air Force, but when they find that it's really too competitive to be a pilot, or they don't have the political connections to make that happen. It's too late already -- they've signed on the doted line. The same goes for State Military Reserves, most thought they were committing themselves for a limited time duration of possibly doing disaster relief work, or at most that they might fight within the US in case it ever got attacked, not they were going to fight in Iraq in a pre-emptive war, and nor did they know that their contracts could be changed indefinitely at will.

    • up till your called in and end up on a year long project and then what happens when you go back to your job??? The law says they can't do anything but you may have to stand up for your rights.

  • Please, just stop... (Score:5, Interesting)

    by FSWKU (551325) on Thursday November 01, 2012 @07:23PM (#41848739)
    Once again, the clueless people in high places prove they don't understand. Attaching "cyber", "e", "online" or even "with a computer" to something does NOT make it a new threat. And "Cyber Pearl Harbor"? Gimme a damn break. There is no need to try and compare unlawful access to a computer system by a foreign entity to an attack that killed thousands of people and drew the US into one of the bloodiest conflicts in human history.

    Espionage is espionage, regardless of wether it's someone sneaking documents out of a building or tapping into someone's computer system. Just because something happens on a computer does not automatically make it a new class of crime for which there must be an immediate expenditure of untold sums of taxpayer money.

    So please, governments....stop with the crap already...
    • by Penurious Penguin (2687307) on Thursday November 01, 2012 @07:39PM (#41848873) Homepage Journal
      I think they know this well enough, but their terminology is specifically targeted at the sort of people who consider the act of defacing a webpage serious hacking. What we really need is a GUI interface in Visual Basic to track the IPs of these terrible cyber-terrorists. That'd do it, mark my wurd.
    • by Anonymous Coward on Thursday November 01, 2012 @07:46PM (#41848909)

      But but but people connect their power plants and natural gas pumping stations to the internet because they wanted to post some updates on their facebook or do a foursquare checkin and they forgot their iPhone at home! Then when some work gets into these control systems and causes problems (maybe even people could die), it is not because of action of some locals that hooked up critical systems to the internet. It will be "digital perl harbor"!!

      In politics it is not about rationality and common sense. It is about posers and perceptions. Hell, that's how we almost all died back in the engineered "Cuban missile crises".

      So when some retards screw up a power grid, the result will be "how do we respond?!? war! WAR!", not "why were these systems on unprotected networks?".

      Times change, but our thought patterns seem to clearly remain back in the stone age. DHS just proves the point once again.

      • the power grid needs to link all the plans and substations to each other so they can control all the switches on the lines.

        • by dynchaw (1188279) *

          Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?

          If they need to be connected to a network, make it a private network and most of these issues go away.

          There is no sane reason that these networks and these facilities should not be air-gapped from the internet at large. There are ways around the air-gap (stuxnet), but even these are trivial to prevent by not allowing random USB keys from outside by gluing the port closed and/or securing the hardware prope

          • by dkf (304284)

            Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?

            You mean you don't detect when your power station has been hacked by seeing whether the generators have unfriended you?

    • There is no need to try and compare unlawful access to a computer system by a foreign entity to an attack that killed thousands of people and drew the US into one of the bloodiest conflicts in human history.

      Yes there is if you are looking to provide a justification for continuing to feed trillions of dollars to the military-industrial complex.

    • by flonker (526111)

      Regardless of terminology, a massive attack on the virtual infrastructure is a different class of attack and requires a different class of defense. The term 'cyber Pearl Harbor' is ridiculous and disrespectful to those who were at the real Pearl Harbor. Also, DHS is probably the worst department to be in charge of, well, pretty much anything. The NSA would be a much better choice.

      With that said, I think it's not too bad of an idea once you realize what the proper response is to a massive attack on the en

    • by zerro (1820876)

      Espionage != sabotage

      Look at the computers on the desk here:
      http://ronslog.typepad.com/ronslog/2008/05/eagle-mountain.html [typepad.com]

      Any clues as to control over some of the SCADA systems here might do?

      in my best "say what again!" voice: Tell me it's not gonna cause problems!

      • by Hentes (2461350)

        Sabotage, and even assasination have been part of espionage for quite a while. Neither of the necessarily means war.

    • by AK Marc (707885)
      What would you call it if someone hacked ATC and crashed airplanes, killing thousands of people? Would it matter if it started the next bloodiest conflict in human history?

      Espionage is espionage,

      So far it has been, but what happens when it isn't centrifuges targeted, but humans? Train crashes and infrastructure failures?

  • by Anonymous Coward

    I can't help thinking we'd be better off sending our very worst programmers overseas instead. If you really are a computing screw up, the kind of guy that turns a "hello world" into an infinite loop, your truly are an asset to this nation and we'll gladly sponsor your job application to iran or north korea. Problem solved.

  • by epyT-R (613989) on Thursday November 01, 2012 @07:28PM (#41848781)

    well then it's time for the people in charge of this, who were probably the lawyer/prep/ivy league have-it-alls in highschool, to get over their cliquish demands for irrelevant shit like dresscode conformity, good looks, superficial pop culture interests, and top tier athleticism if they want the very best technologists. Of course, if these assholes had learned anything since high school, they'd realize calling anything 'cyber' or 'virtual' scares away the people they're trying to bring in before they even start.

  • sorry leon (Score:4, Funny)

    by Lehk228 (705449) on Thursday November 01, 2012 @07:29PM (#41848787) Journal
    Sorry leon, /b/ still is not your personal army
  • by Anonymous Coward on Thursday November 01, 2012 @07:45PM (#41848899)

    If that were true, it would have already happened by now. I mean, wtf are the US's enemies waiting for?

    Here's what someone said back in 1998: [fas.org]

    PREPARED STATEMENT OF SENATOR FRED THOMPSON
    CHAIRMAN

    COMMITTEE ON GOVERNMENTAL AFFAIRS

    MAY 19, 1998

    "WEAK COMPUTER SECURITY IN GOVERNMENT: IS THE PUBLIC AT RISK?"

    The Governmental Affairs Committee today is holding the first of a series of hearings on the security of federal computer systems. The potential benefits promised by computers are contrasted with inherent risks to our security and public safety. While advances in computing power potentially can remake how the government does business and how future wars are fought, it also creates vulnerabilities which must be reduced. Today’s hearing will address the darker side of the information revolution while exploring how we can better protect government information.

    Computers are changing our lives faster then any other invention in our history. Our society is becoming increasingly dependent on information technologies, which are changing at an amazing rate. Consider a couple of examples:

    The singing greeting cards which you buy today for $2 have more computing power then existed in the world before 1950.

    A video camera which you buy today for less then $1000 has more computing power then a 1960s computer the size of this room.

    Combine this rapid explosion in computing power with the fact that information systems are being connected together around the world without regard to geographic boundaries. The increasing ability of computers talking to each other offers both opportunities and challenges.

    In today’s hearing, we will discuss these challenges. We will hear that the nature of this challenge comes from the fact that our nation’s underlying information infrastructure is riddled with vulnerabilities which represent severe security flaws and risks to our nation’s security, public safety and personal privacy.

    While "hacker attacks" receive much media attention, what worries me are the attacks that go unknown. The nature of attacks in the information age seems to allow a malicious individual or group to reach out and inflict extensive damage from the comfort and safety of their home.

    We must ask whether we are becoming so dependent on communications links and electronic microprocessors that a determined adversary or terrorist could possibly shut down federal operations or damage the economy simply by attacking our computers.

    At risk are systems that control power distribution and utilities, phones, air traffic, stock exchanges, the Federal Reserve, and taxpayers’ credit and medical records. Unfortunately, government agencies are ill-prepared to address the situation. We as a nation cannot wait for the "Pearl Harbor" of the information age. We must increase our vigilance to tackle this problem before we are hit with a surprise attack.

    Our witnesses today have substantial knowledge about what the problems really are and can recommend solutions. First, Dr. Peter Neumann, a recognized private-sector expert on computer security, will provide the Committee with an overview of information security issues and testify on the systemic security problems in the government’s computer systems.

    Then we will hear from L0pht -- seven members of a "hacker think tank" who identify security weaknesses in computer systems in an effort to persuade companies to design more secure systems. L0pht members will testify about specific weaknesses which enable hackers to exploit the nation’s information infrastructure and government information.

    Excuse me if I can't take the government seriously about preventing a cyber "Pearl Harbor". What'll happen is that there will be some attack w

  • Why would you hire an expert computer hacker/programmer/systems guy/girl if they can get paid 3x the amount working in a private company?

    If you want to create an elite set of 'ubergeeks' you need to pay them a lot of money, allow them to work in jeans and tshirts, endless supply of mountain dew and snacks.

    Or otherwise work for Google.

    • by AHuxley (892839)
      That feeling of knowing of 1000's doing math, crypto, mapping, science - all over the USA every year:
      a team of agents talked to your grandparents, parents, friends, other extended family, teachers all over the USA and you passed...
      That feeling of knowing your in for life and your clearance might help your kids get a good job?
      That feeling of knowing your clearance is good for the public and private sector or an effortless mix of both.
      That feeling of knowing all private companies in the USA use your netwo
  • I put on my robe and wizard hat.
  • Yes I'm sure that Network Security
    Specialists enjoy anything related to the word
    CYBER, it is like the New Wave era of
    HACKING (not to be confused with
    cracking)... or something like that

  • How much does it pay,
    How long until I qualify for a pension, and
    Do I get to hack other countries for fun and profit without worrying about legal repercussions?

    (Hey, the SCADA hacks on Iran sound like pure geek porn. Don't lie, you all wish you could have done that without fear of the MIBs showing up at your door to ship you off to Gitmo!)


    Oh, and most important - I want a guarantee, in writing, notarized, and reviewed by my lawyer, that they won't ship me off to die in some foreign sandbox (no tech-p
    • by pchan- (118053)

      It does sound like fun and I would enjoy it given the right working conditions, though I imagine these are highly unlikely to be found in a military operation.

      However, no lawyer can get you the guarantee you're looking for. If you are a male and a United States citizen, you'll remember having registered for Selective Service ("The Draft") before your 18th birthday. Under the right conditions any registered person can be called up for service, all it takes is an act of Congress.

      • by pla (258480)
        Under the right conditions any registered person can be called up for service, all it takes is an act of Congress.

        True, of course, but an extreme situation (and one in which I would have no qualms about telling them where to stick their "act"). I'd rather spend a war in Canada than getting tortured by Muslims/Koreans/UnknownFoeX, thankyouverymuch. :)

        I mean more of a basic contractual agreement - Short of Congress choosing to terminate my interest in the well-being of the USA, an understanding that I w
  • by GodfatherofSoul (174979) on Thursday November 01, 2012 @08:08PM (#41849059)

    ...just hook me up with some of them Colombian hookers the Secret Service has been recruiting for their Randy Reserves.

  • It could be a hard sell, but if Samuel L. Jackson called, I'm sure people would join. Of course, Anonymous would have to kill the Phil Coulson of nerds first.

    "There was an idea to bring together a group of remarkable people, so when we needed them, they could fight the battles that we never could... "

  • This whole thing is useless, and counter intuitive.

    Essentially, government is going "ZOMG! We have (t)error(ist)s causing problems in our networks causing mayhem and loss of our priviledged informations!" And instead of going "hmm.. maybe we should audit our standards and practices, and actually hire people who know what they are doing...", they instead proclaim "we must create a new branch of the armed forces to be responsible for our existing and unwieldy information infrastructure! We'l call it "cyber so

  • by Penurious Penguin (2687307) on Thursday November 01, 2012 @08:27PM (#41849183) Homepage Journal
    New Pearl Harbor is a melodramatic pre-imagining of the teenage attack on U.S. power-grids and the subsequent DooAlittleMoreThanNecessary Raid. While not directed by Michael Bay, fans of his in the CIA have collaborated with the makers of Innocence of Muslims and Rupert Murdoch in this captivating mind-wrenching sequel.

    "When you see the part where Leonardo DiCaprio telnets into the Pentagon and sends drones to Moldova, you'll shit your pants!" -- Sock Puppet Reviews

    "If you told me Justin Bieber could've played such a convincing hacker, I'd have laughed in your face" -- Hillary Clinton

    "It brought tears to my eyes, and I was a POW." -- J. McCain

    "Thank Yahweh for benzodiazepines! " -- Janet Napolitano (Eight-Time Mother of the Year Award Winner)

    "You'll need your Mountain Dew for this one!" -- Anonymous

    *Partially plagiarized from wikipedia [wikipedia.org].
  • by Anonymous Coward on Thursday November 01, 2012 @08:30PM (#41849201)

    Didn't we all get into technology for the meetings, the red tape, the bureaucracy, the TPS reports, the PHBs (pointy haired bosses)

    In no particular order, the Heroes at Homeland Security will clap the leg-irons onto all their tame geeks, will lock down every box, will firewall every internal network, will take away every admin priv, will assign a "handler" to every geek with veto authority on every mouse click. And then? Of course the token techies will be crucified for not being able to use their non-existent resources to defend Wal-Mart from the script kiddies

    They're looking for scapegoats my friends, don't fall for it

  • How are the Japanese going to fly virtual planes into virtual harbors to cause real damage?
  • by Infernal Device (865066) on Thursday November 01, 2012 @08:57PM (#41849387)

    The DHS is the worst idea to come out of Washington and that's a town that's pretty much only ever generated bad ideas. I'd rather be waterboarded than lift a finger to suport that particular government agency.

    • by chrismcb (983081)
      We already have several crime fighting agencies to protect the country. We don't need the DHS nor their TSA.
  • ...TIMES A THOUSAND.

    • Easily! People don't understand. When plane-loads of infected USB-drives strike you at terminal velocity, it really sucks. Dude, even the discarded pizza crusts and soda cans can damage paint. But it's those Kamikaze anonymous bastards you've really got to look out for; they'll fly right into a power-plant just to insert a USB-drive manually before they die. Yeah, if we don't toss a few bombs around, uphold copyright and have a purge, we're gonna get it, bad. All you can really do without the government's h
  • by bunbuntheminilop (935594) on Thursday November 01, 2012 @09:29PM (#41849571)

    All right maggot, fallout! Colonel Homestarrunner is recruiting the most elite team of crack commandos to invade Strongbadia. Do you has what it takes to join the Homestarmy? Will you bring a sack lunch and some orange slices for me and serve your country? WILL YOU STUPID!?

  • private company's are the ones with poor security and some has to do with cut backs and other PHB driven stuff.

    Like PHB buying stuff on the golf course with out getting tech people there to do a look over.

    Staff cut backs that leads to people being over worked / not have the time to do security right.

    Old hardware / software that forced them to use systems full of security holes.

    outsourcing / 3rd party's techs that can have lot's of trun over / overhead and propel who don't know whats going on. There is this

  • by 3seas (184403) on Thursday November 01, 2012 @10:01PM (#41849753) Journal

    Hitler and the motherland....

  • Capability Based Security can make our systems secure. The Unix security model was optimum for CS labs in the 1970s... but it clearly isn't suitable for mobile code in a network of 1,000,000,000+ hosts.

    Only give a piece of code the resources it needs to do it's job, and it can't take the world with it.

    Your intellectual inertia biases you against change... it's time to grow up and really think about this.

    • by Animats (122034)

      Capability Based Security can make our systems secure.

      It would help, but you have to be hard-assed about who gets what capability tickets. No, Angry Birds, you can't phone home and share high scores (and user ID info). No, you can't paste data from emails into the banking program.

      There are a few things that ought to be done, at least as demos. An EAL 7 BGP server and an EAL 7 DNS server, formally verified down to the machine instructions, would be a good place to start,

      • by Rich0 (548339)

        No, you can't paste data from emails into the banking program.

        Ugh - I can imagine how well that would go over at work. That's the problem - we can't even figure out if a piece of code will run to completion, let alone whether it is doing something "bad."

        I do think capability-based security is a good idea, but the fact is that if you want people to get anything done things will still need to be reasonably open. You can't live like you're in a perpetual state of war...

  • From a person that doesn't do email. Truly, truly incredible.

    I know this will ruin my Karma, and... I have never used this language in a public forum in my life, but, it's warranted...

    Not only "no," but "HELL NO!" you Hitlarian Fascist bitch.

  • ...circus music. Where is it coming from?

  • "Why don't y'all take that badge and shove it up your ass. All up in your ass." I'm American.

  • Ready to assist, make check payable to me.

  • Want hackers working for you? Change the law so that ponting out a security hole doesn't land the guy in jail. Suddenly, the majority of 'cyberterrorists' will be working for you.

  • by datapharmer (1099455) on Friday November 02, 2012 @07:31AM (#41851735) Homepage
    Does that website actually use tables? maybe one of the first "1337 skilz" they get should be someone that knows how to use something newer than frontpage 2000 and knows better than to put an unobfuscated email addresses like infragardteam@infragard.org as a contact link.... unless this is a honeypot those poor bastards are going to get a serious introduction to spam. How clueless.

Never try to teach a pig to sing. It wastes your time and annoys the pig. -- Lazarus Long, "Time Enough for Love"

Working...