American Cyber-Security Boss Abruptly Steps Down

The man in charge of the United States Computer Emergency Response Team suddenly resigned last week without any official explanation.

Director Randy Vickers resigned 22 July, effective immediately, according to an email to employees sent by Roberta Stempfley, acting assistant secretary at Department of Homeland Security’s Office of Cyber-security and Communications.

Lee Rock, the deputy director, would step in as the interim director until a new director was found, Stempfley said in the message.

No Reason Given

“We are confident that our organisation will continue its strong performance under his [Rock’s] leadership,” Stempfley wrote. She wished Vickers success in future endeavours.

It’s not known at this time what Vickers will be doing next.

His LinkedIn profile has been updated to reflect that he’s no longer at US-CERT, but no other information was available.

While the email did not provide a reason for his departure, Vickers was in charge of an organisation tasked with mitigating cyber-threats to federal networks and to the .gov domain. The last few months have seen a dramatic increase in the number of high-profile attacks against government agencies and private firms that work with them.

Some attacks were activist in nature, such as the ones from hacker collective Anonymous and the smaller LulzSec gang looking to expose government and military secrets. Others have been attributed to nation-states and the sources for a handful remain unknown.

LulzSec alone claimed responsibility for attacking websites belonging to the Central Intelligence Agency, the US Senate, the Arizona Department of Public Safety, two public-private partnerships with the Federal Bureau of Investigation and others during its 50-day spree that ended in June.

Ongoing Threat

The Department of Defense believes that a foreign intelligence service swiped 24,000 files from a US defence contractor in March, Deputy Defense Secretary William Lynn said earlier this month.

Unknown attackers have also breached Department of Energy’s Oak Ridge National Laboratory and defence contractor Lockheed Martin this spring.

Cyber-attacks against federal government networks spiked 40 percent last year, from about 30,000 in 2009 to nearly 42,000 in 2010, according to an Office of Management and Budget report from this spring.

Part of the National Cyber Security Division at DHS, US-CERT also co-ordinates information sharing efforts between the government and private sector. The group released a new set of security guidelines for agencies to implement in hopes of preventing or mitigating future cyber-intrusions.

Infrastructure Protection

The Technical Security Alert recommended agencies deploy host intrusion detection systems to block and identify common attacks, using an application proxy in front of web servers to filter out malicious requests, disabling the “allow_URL_fopen” setting on the web server to limit PHP vulnerabilities, using SQL queries with parameters or stored procedures instead of dynamic SQL code to limit SQL injection attacks. US-CERT also has strategies relating to DDoS attacks, password security and restricting the use of personal devices on the network.

DHS is responsible for critical infrastructure such as power plants, electric grids, and transportation networks. The Obama administration’s cyber-security proposal recommended that DHS take the lead role in working with the private sector to develop a framework to fight off cyber-attacks. Stempfley is also scheduled to testify before the House Energy and Commerce oversight subcommittee hearing on 26 July.

Vickers is also the second high-profile DHS official to resign in recent months. Philip Reitinger, deputy undersecretary for the National Protection and Programs Directorate at DHS, resigned in May shortly after the White House released its cyber-security plan. There have been six different directors in the last seven years. A former director, Mischel Kwon, supposedly resigned in 2009 because of “obstacles and a lack of authority to fulfill [the] mission,” according to the Washington Post.