Department of Homeland Security

Dear Action Line: How do I keep track of all the computer software vulnerabilities floating around the Internet? I can't really trust the sellers to keep me informed of their latest glitches and don't see it in the newspaper or on TV. -- H.E., Tulsa.

Two sources of "cyber security news" are US-CERT and Help Net Security.

A cloud-computing initiative was outlined Tuesday by the Obama administration. It aims to cut costs and reduce the government's environmental impact.

Vivek Kundra, the first U.S. chief information officer, said the government has been building multiple data centers, so many that about a quarter of its $76 billion IT budget goes to infrastructure. He noted that the Department of Homeland Security has 23 data centers.

As a result, he said, federal energy consumption doubled from 2000 to 2006. "We cannot continue on this trajectory," Kundra said.

The Obama administration is moving cautiously on a new pilot program that would both detect and stop cyber attacks against government computers, while trying to ensure citizen privacy protections.

The pilot program, known as Einstein 3, was supposed to launch in February. But the Department of Homeland Security is still pulling the plan together, according to senior administration officials.

Einstein 3 has triggered debate and privacy concerns because the program will use National Security Agency technology, which is already being employed on military networks.

A little over two months ago, President Barack Obama appointed Melissa Hathaway as the acting senior director for cyberspace for the National Security Council and the Homeland Security Council. Her primary task, the president said, was a two-month review of the nation's cybersecurity readiness and to propose improvements.

Ghost hackers infiltrating the computers of Tibetan exiles and the U.S. electric grid have pulled the curtain back on 21st-century espionage as nefarious as anything from the Cold War -- and far more difficult to stop.

Nowadays, a hacker with a high-speed Internet connection, knowledge of computer security and some luck can pilfer information thought to be safely ensconced in a digital locker. And the threat is growing, with countries -- including the U.S. -- pointing fingers at each other even as they ramp up their own cyber espionage.

Mohamed Shommo, an engineer for Cisco Systems Inc., travels overseas several times a year for work, so he is accustomed to opening his bags for border inspections upon returning to the U.S. But in recent years, these inspections have gone much deeper than his luggage.

Border agents have scrutinized family pictures on Shommo's digital camera, examined Koranic verses and other audio files on his iPod and even looked up Google keyword searches he had typed into his company laptop.

The Commission on Cyber Security for the 44th Presidency released a report Monday on Internet security with recommendations. The focus of the commission, part of the Center for Strategic and International Studies, is to provide President-Elect Barack Obama's administration with insight on cybercriminal activities.

In recent years U.S. agencies, including the Pentagon and the Department of Homeland Security, have experienced computer break-ins.

A hacker broke into a federal Homeland Security Department telephone system during the weekend and racked up about $12,000 in calls to the Middle East and Asia.

The hacker made more than 400 calls on a Federal Emergency Management Agency voice-mail system Saturday and Sunday, according to FEMA spokesman Tom Olshanski. FEMA is the principal government agency for helping victims of natural disasters.

The agency is part of Homeland Security, which in 2003 put out a warning about such a vulnerability.

Thousands of network security professionals are in Las Vegas for the annual Black Hat Briefings computer security conference, which will be immediately followed by the DEFCON hacker convention. Both events focus on network and Internet security issues. The Black Hat conference is held at Caesars Palace Las Vegas Hotel & Casino, while DEFCON is at the Riviera Hotel & Casino August 8-16.

Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies, the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.