Slashdot Mirror

← Back to Stories (view on slashdot.org)

Obama Creates a Color-Coded Cyber Threat 'Schema' After the DNC Hack (vice.com)

Posted by msmash on from the clearing-the-clutter dept.

The White House on Tuesday issued new instructions on how government agencies should respond to major cyber security attacks, in an attempt to combat perceptions that the Obama administration has been sluggish in addressing threats from sophisticated hacking adversaries, Reuters reports. The announcement comes amid reports that hackers working for Russia may have engineered the leak of emails stolen from the Democratic National Committee in an attempt to influence the outcome of the upcoming presidential election. Motherboard adds: George W. Bush's Homeland Security Advisory System -- the color-coded terrorism "threat level" indicator that became a symbol of post-9/11 fear mongering -- is getting its spiritual successor for hacking: the "Cyber Incident Severity Schema." President Obama announced a new policy directive Tuesday that will codify how the federal government will respond to hacking incidents against both the government and private American companies. [...] The Cyber Incident Severity Schema ranges from white (an "unsubstantiated or inconsequential event") to black (a hack that "poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of U.S. persons") , with green, yellow, orange, and red falling in between. Any hack or threat of a hack rated at orange or above is a "significant cyber incident" that will trigger what the Obama administration is calling a "coordinated" response from government agencies. As you might expect, there are many unanswered questions here, and the federal government has announced so many cyber programs in the last few years that it's hard to know which, if any of them, will actually make the US government or its companies any safer from hackers.

2 of 133 comments (clear)

  1. Show of hands by nehumanuscrede · · Score: 5, Interesting

    Who here keeps up with what the current color is for our " Terrorism Threat Level " ?
    * crickets *

    ( Who here remembers we even have one ? )

    Exactly. No one cares. Even fewer are going to give a sh*t about some other lame ass color coded scheme.
    ( LoudSpeaker: Today's cyber-threat level is Muave with just a hint of Magenta ) :|

    Don't want your networks hacked ? Maybe you should keep a competent IT staff on hand. ( and treat them like you want them to stick around )
    Not the contractors from India you're using because it's cheaper.

  2. Re: Waste of time by ArmoredDragon · · Score: 4, Interesting

    A lot of people misinterpret what that was for. It wasn't "fearmongering" in any sense. Such a system was already in place for decades, only in a different form. I was in the Army at the time of 9/11, and that day we went to threatcon delta. All it was for was to signal all government personnel to assume a different security posture, as per protocol.

    The public version just came off to me as being the same thing, only if any civilian entities (i.e power plants, etc) wanted to safeguard themselves based on recent events, they could reliably follow that.

    It occurs to me that this is a similar system, only for cybersecurity. If people get all panicky over it, that's their problem, and it's not intended to make people afraid of anything.