Cloud Computing: Even Einstein Couldn’t Fix Cybersecurity

Grazed from GovTech. Author: Larry Karisny.

A massive cyberattack at the U.S. Office of Personnel Management (OPM) exposed the personal information of as many as 4 million federal employees. Though this type of news is not unusual, this particular case is different given that a multi-billion-dollar federal civilian cyberdefense systems was hacked.

The cyberdefense systems supposedly protecting the OPM are Department of Homeland Security programs known as Einstein and Continuous Diagnostics and Mitigation (CDM) — and were hailed as the cornerstone of repelling cyberthreats in real time. Unfortunately this is not actually the case, as it took five months to discover the intrusion — hackers hit the OPM in December, and the agency did not detect the intrusion until April. How bad the attack really was is still being analyzed…

WHAT ARE EINSTEIN AND CDM?

Einstein (also known as the EINSTEIN Program) is an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic. The software was developed by the United States Computer Emergency Readiness Team (US-CERT), which is the operational arm of the National Cyber Security Division (NCSD) of the U.S. Department of Homeland Security (DHS). The program was originally developed to provide "situational awareness" for the civilian agencies. The first version examined network traffic while the expansion in development could look at content…

Read more from the source @ http://www.govtech.com/dc/articles/Even-Einstein-Couldnt-Fix-Cybersecurity.html