DHS official suggests sharing IT resources to survive hacks

Groups of companies in the same industry could mitigate the effects of cyberattacks by pooling infrastructure resources and working together on security issues, a senior official in the U.S. Department of Homeland Security has suggested.

The comments by Mark Weatherford, deputy undersecretary for cybersecurity, came as several U.S. banks were dealing with a fourth week of distributed denial-of-service (DDoS) attacks.

The targeted banks include Wells Fargo, U.S. Bancorp, PNC Financial Services Group, Citigroup, Bank of America and JPMorgan Chase. Hackers in Iran have claimed responsibility.

"This has been an eye-opening experience," said Weatherford, speaking at a cybersecurity awareness conference in Santa Clara, Calif., organized by local businesses.

Weatherford suggested "a co-op kind of model" where Internet service providers buy many more servers than any one company might need and then "co-op that for like-minded organizations" so that when someone needs the capacity, it would be available.

"We need to think of different ways of sharing resources," he said, but also acknowledged that he has "no idea" if such a scheme is legal or even possible.

This version of this story was originally published in Computerworld's print edition. It was adapted from an article that appeared earlier on Computerworld.com.

Read more about security in Computerworld's Security Topic Center.

Tags: Cybercrime and Hacking, JPMorgan Chase, Department of Homeland Security, Bank of America, cyberwarfare, security, U.S. Department of Homeland Security, Wells Fargo, citigroup

Today's Approach to Security is Broken

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Deep Security - Enterprise Virtualization Security

Advanced protection for physical, virtual and cloud servers

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.