Two of the file systems contained payroll files for employees who were with the agency in the first week of February 2006, however the FAA insisted that the server that was accessed was not connected to the operation of the air traffic control system or any other FAA operational system, and that there was no indication that those systems had been compromised.
A recent report from market research provider, Government Insights, indicated that cyber security makes up almost 12% of the US Defense Department’s current IT budget – up from almost 8% in 2005, while the US Government has plans to allocate over $10 billion (over £7 billion) in cyber security contracts over the next four years, mostly to large US defense companies such as Northrop Grumman and Lockheed Martin.
Brian Ahern, president and CEO of US based cyber-risk protection provider, Industrial Defender, believes that in spite of such developments, breaches still occur because agencies like the FAA are not effectively monitoring their own networks.
“The current state of economy, coupled with increased speculation of cyber attacks since 9/11, has undoubtedly contributed to heightened sensitivity from the Presidential administration around protecting our nation’s critical infrastructures,” he says. “These outdated legacy systems that protect our oil, gas, electric, water and power plants are at risk simply because they were initially designed at a time when cyber security concerns were a non-issue. However in today’s world, implementing a sound cyber security strategy is absolutely vital toward protecting our nation’s resources and ultimately, ensuring citizen safety.”
Previous report:
Obama orders cybersecurity review
President Obama has ordered a 60-day review of federal cybersecurity, appointing a former key executive in the Bush administration to lead the charge. Melissa Hathaway, former top cybersecurity advisor to the director of national intelligence under Bush, will carry out the review for the White House National Security and Homeland Security Councils.