In financial results issued late yesterday, San Diego defense contractor SAIC attributed its increased second-quarter revenue and earnings to “recent wins in defense logistics, information technology, and cyber-security,” among other things.
That last part about cyber security may be an understatement, based on a conversation I had last night with Alan Paller.
As a founder and director of research at the SANS (SysAdmin, Audit, Network, Security) Institute, a cooperative computer security organization in the Washington, D.C. area, Paller has a front-row view of the relentless electronic attacks besieging the nation’s computer infrastructure. He gains much of his insights through his work with SANS, which conducts research and training for system administrators, and oversees the Internet Storm Center, a volunteer Internet security monitoring organization. In the 20 years since the institute was founded, Paller also has developed an extensive network of professional connections in network security both in and out of government.
As Paller told me last night, Internet attacks on government computer networks have become a constant threat, an intense storm that’s not just rattling windows and doors, but also breaking into sensitive government computer systems that store data about U.S. technology. It is a warning he often makes. Yet one reason why SAIC is becoming so crucial stems from testimony he delivered just five months ago to the U.S. Senate Committee on Homeland Security and Government Affairs. In his presentation, Paller emphasizes two new realities about the nation’s cyber-infrastructure:
—Computer attacks by hackers, nation states (e.g. China), organized crime in Eastern Europe, and even terrorist groups have more deeply penetrated U.S. civilian government agencies and the critical national infrastructure computer networks (e.g. computers that control power grids) than has been publicly disclosed.
—The attackers are improving their techniques far faster than the U.S. government has been improving its defenses. In other words, the threat is increasing at an accelerating rate.
Paller contends that SAIC, with its institutional expertise in IT systems integration for U.S. intelligence and defense agencies, is way ahead of other defense contractors because “a lot of the guys with security clearances don’t have the necessary skills.” His insights helped give