Costly U.S. Computer Security With Ease

The hackers who stole personal data on 4 million government employees from the U.S. Office of Personnel Management sneaked past a sophisticated counter-hacking system called Einstein 3, a highly-touted, multimillion-dollar and mostly secret technology that’s been years in the making.

It’s behind schedule, the result of inter-agency fights over privacy, control and other matters, and only about half of the government was protected when the hackers raided OPM’s databases last December.

It’s also, by the government’s own admission, already obsolete.

“Einstein 3 was state of the art two years ago,” said James Lewis, senior fellow in cybersecurity at the Center for Strategic and International Studies in Washington. “It’s good, but it’s not enough, and we know that because the commercial security industry is already moving away from that kind of defense.”

The breach of OPM by hackers, linked by U.S. officials to the Chinese government, has focused attention on the shortcomings of Einstein 3, and by extension the troubled effort to secure government computer networks from sophisticated adversaries such as China and Russia.

Over the last several months, U.S. officials have said that perimeter-based defenses such as Einstein, even backed by the National Security Agency’s own corps of hackers, can never prevent break-ins.

Like banks and technology companies, government agencies must move to a model that assumes hackers will always get in, specialists said. They’ll need to buy cutting-edge technologies that can detect intruders inside networks and eject them quickly, before the data is gone.

Costly U.S. Computer Security With Ease – Learn More