Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Government Security

Obama Creates a Color-Coded Cyber Threat 'Schema' After the DNC Hack (vice.com) 133

The White House on Tuesday issued new instructions on how government agencies should respond to major cyber security attacks, in an attempt to combat perceptions that the Obama administration has been sluggish in addressing threats from sophisticated hacking adversaries, Reuters reports. The announcement comes amid reports that hackers working for Russia may have engineered the leak of emails stolen from the Democratic National Committee in an attempt to influence the outcome of the upcoming presidential election. Motherboard adds: George W. Bush's Homeland Security Advisory System -- the color-coded terrorism "threat level" indicator that became a symbol of post-9/11 fear mongering -- is getting its spiritual successor for hacking: the "Cyber Incident Severity Schema." President Obama announced a new policy directive Tuesday that will codify how the federal government will respond to hacking incidents against both the government and private American companies. [...] The Cyber Incident Severity Schema ranges from white (an "unsubstantiated or inconsequential event") to black (a hack that "poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of U.S. persons") , with green, yellow, orange, and red falling in between. Any hack or threat of a hack rated at orange or above is a "significant cyber incident" that will trigger what the Obama administration is calling a "coordinated" response from government agencies. As you might expect, there are many unanswered questions here, and the federal government has announced so many cyber programs in the last few years that it's hard to know which, if any of them, will actually make the US government or its companies any safer from hackers.
This discussion has been archived. No new comments can be posted.

Obama Creates a Color-Coded Cyber Threat 'Schema' After the DNC Hack

Comments Filter:
  • Waste of time (Score:2, Insightful)

    by Anonymous Coward
    This is what the government does when they want to give the appearance of doing something when they really don't have any idea what to do. It didn't do anything after 9/11 and nobody really will pay any attention to it now, either.
    • He's just mad as all get out because they got caught.

    • Re: Waste of time (Score:5, Interesting)

      by ArmoredDragon ( 3450605 ) on Tuesday July 26, 2016 @02:28PM (#52584277)

      A lot of people misinterpret what that was for. It wasn't "fearmongering" in any sense. Such a system was already in place for decades, only in a different form. I was in the Army at the time of 9/11, and that day we went to threatcon delta. All it was for was to signal all government personnel to assume a different security posture, as per protocol.

      The public version just came off to me as being the same thing, only if any civilian entities (i.e power plants, etc) wanted to safeguard themselves based on recent events, they could reliably follow that.

      It occurs to me that this is a similar system, only for cybersecurity. If people get all panicky over it, that's their problem, and it's not intended to make people afraid of anything.

      • by Anonymous Coward

        ROFL! The filter error made me get rid of all the exclamation points after that, but really you gave me a good belly laugh there.

        The Terror Threat level was one of the biggest disseminators of FUD the world has EVER seen. The Homeland Security Advisory System NEVER went below Yellow during its existence (condition 3 of 5.) It went to red once and was kept there for a couple of weeks based on the 5th anniversary of 9/11, not apparently because of any specific actionable intelligence.

        Why was it finally dis

    • It's kind of sad. People shouldn't have written those communications in the first place.

      Stop trying to fix the leaks and start trying to fix the problem that caused people to subvert democracy.

    • Re:Waste of time (Score:4, Insightful)

      by chispito ( 1870390 ) on Tuesday July 26, 2016 @02:33PM (#52584327)

      This is what the government does when they want to give the appearance of doing something when they really don't have any idea what to do. It didn't do anything after 9/11 and nobody really will pay any attention to it now, either.

      Yes, it's called the Politician's Syllogism [wikipedia.org]. In summary:
      1. Something must be done!
      2. Look, this is something.
      3. Therefore, we must do this!

      It also seems to apply to IT.

      • They could try to stay neutral during the primaries.

      • To tack on to your point, it was most effective and swaying political opinion. Bush's approval rating went up when the terrorist mood ri, er, threat level went up. I understand not disclosing classified intelligence on why that level might change, but there never seemed to be any correlation to anything other than "my rating's getting low, let's pump that baby up to orange!"
    • But Obama's version is way better than Bush's! So it is Better, because Obama!

    • by Dunbal ( 464142 ) *
      Yup, now when the color threat level changes you'll know you have to change your password from "1234567" to something completely un-guessable and devious like password1234.
    • What I find interesting is that the Obama administration has selected this particular event as a rallying point for creating some kind of response to cyberattacks. Massive government data breaches, stolen healthcare records, SCADA attacks, and IP theft just weren't quite cutting it. But an attack that exposed hypocrisy and corruption within the ranks of his own party? INTOLERABLE!
  • by cayenne8 ( 626475 ) on Tuesday July 26, 2016 @01:48PM (#52583825) Homepage Journal
    Isn't that racist....??

    [tongue in cheek]

    I guess it isn't since Obama says it is ok....

    :)

    • No it is not racist. If white was on the top level and blacks, reds and tans were at lower levels, then it would be racist. This is a diverse pallet and diversity helps make us safe.

      Now, much the content in various emails written by Democrats for Democrats was racist.

      • "You whites are too picky"

        "You blacks are too easy going"

        Sergeant: "This is the Army, we're all GREEN. Say it, We are green! We are green!"

        Men: We are Green!

        Men: We are Green!

        Sergeant: "Good! and you, the dark green one, clean up your desk!"

        -- Beetle Bailey, before the world went PC

  • by phantomfive ( 622387 ) on Tuesday July 26, 2016 @01:51PM (#52583875) Journal
    Our current level is solid black.....because programmers don't care about bugs, managers don't let them care, and our critical infrastructure is connected to the internet.
    • by EvilSS ( 557649 )

      Our current level is solid black.....because programmers don't care about bugs, managers don't let them care, and our critical infrastructure is connected to the internet.

      Got to be agile bruh!

  • by Anonymous Coward

    Yes, let's adopt the most widely-mocked concept of Rumsfeld's DOD and apply it to the most widely-obfuscated topic of national security, making the whole thing seem absolutely as trollish as possible.

    The only thing missing is an article by Gersh Kuntzman about how his amazon gift order invoices got leaked to family members and ruined his Hanukkah.

    • Mod points!
    • by jon3k ( 691256 )
      It was only mocked because it was invented by a conservative. It's value is the same as the doomsday clock. People just intentionally ignore the actual use of these things to mock the creator.
      • by Anonymous Coward

        It was mocked because except for New York City and airline flights (where they were perpetually Orange) it was perpetually Yellow. It was even suggested that they just get rid of Blue and Green [wikipedia.org] and admit that it would never go down.

        NTAS, which replaced yellow and orange (that might as well have been painted on) with "precise, actionable" alerts [wikipedia.org] is superior in nearly every way, except for not insisting everyone panic day in and day out.

  • by Anonymous Coward

    I just want to hear a high-ranking government official say we gone to plaid.

  • Whew! Everything is ok now!
  • by Anonymous Coward

    Obama didn't build that. Someone else built that system.

  • Show of hands (Score:5, Interesting)

    by nehumanuscrede ( 624750 ) on Tuesday July 26, 2016 @02:01PM (#52583951)

    Who here keeps up with what the current color is for our " Terrorism Threat Level " ?
    * crickets *

    ( Who here remembers we even have one ? )

    Exactly. No one cares. Even fewer are going to give a sh*t about some other lame ass color coded scheme.
    ( LoudSpeaker: Today's cyber-threat level is Muave with just a hint of Magenta ) :|

    Don't want your networks hacked ? Maybe you should keep a competent IT staff on hand. ( and treat them like you want them to stick around )
    Not the contractors from India you're using because it's cheaper.

    • Re:Show of hands (Score:5, Informative)

      by phantomfive ( 622387 ) on Tuesday July 26, 2016 @02:25PM (#52584247) Journal

      ( Who here remembers we even have one ? )

      We don't have one anymore, actually [wikipedia.org].

    • Exactly. No one cares. Even fewer are going to give a sh*t about some other lame ass color coded scheme.

      Your comment is the exact reason why they shouldn't have brought up the Homeland Security Advisory System. While the colors are the same the systems themselves are completely different. This system is an incident response system. It's like the International Nuclear Event Scale. It's a post-event system. There would never, and should never, be an ambient "color level" for this system.

      The HSAS is not a post-event system. It's a system that is intended to convey the ambient risk and possibility of a terrorist

    • Hey I like my rainbows of death.
    • The biggest problem with the Terrorism threat level was that it didn't convey any useful information. It was a vague, seemingly arbitrary distraction that didn't tell you anything other than maybe how scared the government wanted you to be (really scared or super mega scared) - and even that just faded into the background. Contrast it with the U.S. Military's force protection levels, each of which had very specific and meaningful implications, and which had very high levels that weren't intended to be maint
    • The only time I have ever actually seen the threat level posted in public was on the front window of a gas station just off the I-84 in Eastern Oregon. I thought it was amusing.

    • Who here keeps up with what the current color is for our " Terrorism Threat Level " ?
      * crickets *

      ( Who here remembers we even have one ? )

      That color-coded 'terrorist' threat level was colored in an obtuse way. It was ROY B GIV. The DHS had its cluelessness on clear display in releasing that color chart (of how 'scared' you should be). The color order was wrong.

      The usual standard for a color-scale is to follow the well-memorized rainbow color-order: ROY G BIV. That is, Red, Orange, Yellow, Green Blue, Indigo, and Violet.

      And now Napolitano (former DHS chief) is heading-up the huge University of California System. Oy veh!

  • by PeeAitchPee ( 712652 ) on Tuesday July 26, 2016 @02:02PM (#52583955)
    So, when can we expect this system to be applied to rate the mass surveillance activities of the NSA, CIA, FBI, and others against law-abiding US citizens? Sounds like a good way for the EFF to rank the severity of abuses.
  • OPM gets hacked... 'bama doesn't care.

    His party gets hacked... well, now we need new laws and regulations and procedures!

  • by Anonymous Coward

    All the times U.S. agencies and depts got hacked, nothing. But shit got real when it was only political.

  • Would Obama do the same thing if it was the Republican National Convention?
    • by Terwin ( 412356 )

      Would Obama do the same thing if it was the Republican National Convention?

      They probably did, but having proof that the RNC colluded to try and stop Trump would be such a non-event that it might even increase political stability.

      Presumably the goal here is to cause instability by undermining the candidate that is being proclaimed as the likely next president by the major media outlets.
      And if those claims turn out to be more wish than fact, it still servers to make politicians nervous.

    • by LWATCDR ( 28044 )

      Isn't more interesting that the actual contents of the email leak is not getting much attention on Slashdot? For example the email where they call outreach to hispanic voters Taco bowl engagement. Or the meeting between the DNC and MSNBC or the fact that a Poltico blogger sent a story to the DNC to get feedback before publishing it.

  • 0 means non-event, 5 means kiss your ass goodbye.
    • a number of years ago, our kids' elementary introduced a novel grading system. We had to have a sit down with the principal to walk us through it. She told us how the new system would be 1-2-3-4-5 etc as opposed to traditional A-B-C-D - F. This would take time and cause obvious confusion with parents, but the administration felt it was for the benefit of the children so it was worth all the hassle. Swear to god.
  • What's the blue screen mean? Windows is giving me one now.

    • Everything normal.

  • None of the previous security protocols worked either.

    Information just wants to be free, especially when it can be socially engineered and exists in multiple locations at various times.

  • So Obama pretends to be everyone's President, but when it comes down to threats to the Democrat Election Fraud machinery, it suddenly becomes an issue of color.
  • Instead of showing leadership by going medieval on the DNC bigwigs, we get some stupid color coding scheme. Obama administration in a nutshell.

  • by Anonymous Coward

    So, the government gets hacked and no overall action is taken, pentagon hacked, no particularly overarching initiatives. But the private organization, the DNC, they get hacked and Obama springs into action and creates an overarching initiative, because, well, political strategy is more important than Chinese military hacking, Russians hacking defense organizations and industry, etc. But threaten the liberal agenda by disclosing the truth, sure. Hacking the DNC warrants a more active response than Snowden wh

    • by fedos ( 150319 )

      Obama has consistently acted as if hacking a private company is worse than hacking the government. This attitude predates him.

      Hacked the pentagon and stole technical data on a top secret weapon system? Meh, that's just what governments do. Hacked into Apple and leaked the release date for the next iPhone? Cyberterrorism!

  • One more perpetually orange indicator.
  • "Go to Blue Alert!"
    "Sir, are you absolutely sure? That does mean changing the bulb."

    Red Dwarf: https://www.youtube.com/watch?v=Qa_gZ_7sdZg [youtube.com]
  • The chart [vice.com] specifically mentions "civil liberties" being impacted. Does that mean we can get the Patriot Act classified as a terrorist document?

  • Oh goody, more color coding bullshit. I'll throw it in the trash along with the other color codes, and the food pyramid.
  • So, when the DNC's email servers have been compromised, the White House scrambles to come up with some cockamamie Directive on United States Cyber Incident Coordination. However, if the Secretary of State uses her own, unsecured server, the POTUS just states that "it was just a mistake" and doesn't endanger national security and the AG doesn't even try to slap a wrist.
    What a bunch of inconsistent idiots.

  • No threat level pink? This is an insult to all women...and people that are sympathetic to women...and people that are men that really want to be women.

    And no threat level rainbow? Oh the humanity!!! Once again we have left our LGBT brothers and sisters in the lurch.

    And code black is an imminent threat? Sounds vaguely racist.

    No...this just won't do. Back to the drawing board Barack.

  • This is a fairly pathetic response from the Obama administration. Rather that focusing on DNC corruption, the President is working to create better infrastructure to assist them in keeping their corrupt secrets. I don't want to call out the US government as being entirely corrupt, but here we are. Maybe, instead of this, the Obama administration would be better of using the money as a reward, to Guccifer 2.0, for his assistance for doing their job.
  • Citizen, understand that the DNC breaking its own rules by working for one particular campaign in the primaries is NOT NEWS! If you talk about this, the evil russians win!!!! Accept that the rules are only for you, not for those in office! Stop thinking so much and learn to love exclamation marks!!!!

    Regards, The Chosen Few Who Truly Understand
  • Years ago I remember a pundit joking that Obama would change the terror threat level colors (from the W era) into "chick colors", implying that Obama was effeminate, gay, and/or p-whipped.

    It had colors like chartreuse, coral, fuchsia, periwinkle, peach, etc.

  • The DNC has been working hard to change the story from one about how they rigged the primary in collusion with the Clinton campaign and the media to one about Scary Russian Hackers. Unfortunately they've been rather successful.

Keep up the good work! But please don't ask me to help.

Working...