Reported raids on federal computer data soar

WASHINGTON -- Reported cyberattacks on U.S. government computer networks climbed 40% last year, federal records show, and more infiltrators are trying to plant malicious software they could use to control or steal sensitive data.

Federally tracked accounts of unauthorized access to government computers and installations of hostile programs rose from a combined 3,928 incidents in 2007 to 5,488 in 2008, based on data provided to USA TODAY by the U.S. Computer Emergency Readiness Team (US-CERT).

"Government systems are under constant attack," says Joel Brenner, counterintelligence chief in the Office of the Director of National Intelligence. "We're seeing … a dramatic, consistent increase in cyber crime (and) intelligence activities."

The government does not publicly detail the number or types of attacks that succeed. A commission of government officials and private experts reported in December that the departments of Defense, State, Homeland Security and Commerce all have suffered "major intrusions" in which sensitive data were stolen or compromised.

"The damage from cyberattack is real," says the report, issued by the Center for Strategic and International Studies with Reps. Jim Langevin, D-R.I., and Michael McCaul, R-Texas.

The new data on attacks represent a small sampling — just 1% of federal agencies have fully developed tracking systems — and some of the increase may reflect better reporting, says Mischel Kwon, who heads US-CERT at the Department of Homeland Security. Still, the reports are the best public accounting of such attacks and underscore concerns driving federal cybersecurity initiatives.

Director of National Intelligence Dennis Blair told Congress last week that government networks are targeted by foreign nations seeking intelligence, such as China and Russia, as well as criminal groups and individuals who may want to disrupt power, communication or financial systems.

Some attackers may be less interested in stealing data than in undermining a system's ability to operate, such as by planting software that could slow critical networks in emergencies, Brenner adds.

Security officials are especially alarmed about phishing, in which seemingly legitimate e-mails solicit sensitive information, and "web redirects," which shunt a computer to a website where it downloads malicious software, Kwon said.

As part of a Comprehensive Cyber Security Initiative launched by President Bush, the government has cut the number of portals linking federal computer networks to the Internet from 4,500 to 2,500.

Last week, President Obama named Melissa Hathaway, who headed the cybersecurity initiative, to run a 60-day review of federal cybersecurity programs.

The review should spur more cybersecurity initiatives, Brenner says. "What's going on now is not enough, but it is the absolute necessary condition for the progress we have to make."