The Naval Postgraduate School & The U.S. Department of Homeland Security
The HSDL servers are getting an upgrade including updated operating systems, better hardware and faster network connections. This upgrade will require downtime on Friday, July 10, 2015 between 12pm and 8pm Pacific Time, although we are hoping we will be done early. For questions or concerns about this scheduled downtime, please contact us at techsupport@chds.us.

Federal Government’s Track Record
on Cybersecurity and Critical Infrastructure

CybersecurityThe Senate Committee on Homeland Security and Governmental Affairs released today a new report that outlines the recent failures of the federal government to prevent cyberattacks on the nation's critical infrastructure. The report, "The Federal Government's Track Record on Cybersecurity and Critical Infrastructure", looks into the cyber vulnerabilities of six major government agencies as well as a few major cyberattacks that occurred over the past year.

Throughout its investigation, the Senate Committee found that certain cyberattacks were the result of "real lapses" of the federal government, especially in regard to storing and securing sensitive information. A few of the main security breaches cited in the report affected the Nuclear Regulatory Commission, Securities and Exchange Commission, U.S. Army Corps of Engineers, and the National Institute of Standards and Technology (NIST).

One of the most notable cyberattacks, however, was on the nation's Emergency Broadcast System. According to the report, hackers broke into the System last February and "caused television stations in Michigan, Montana and North Dakota to broadcast zombie attack warnings. 'Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living,' an authoritative voice stated in the hacked broadcast message, while the familiar warning beep sounded. “Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous.'”

Upon reviewing these cyber breaches and the devastating destructive potential they have on critical infrastructure, the report maintains that ensuring cybersecurity is often as easy as remembering to update your software. "While cyber intrusions into protected systems are typically the result of sophisticated hacking, they often exploit mundane weaknesses, particularly out-of-date software. Even though they sound boring, failing to install software patches or update programs to their latest version create entry points for spies, hackers and other malicious actors."