National American fayervol for $6 billion it was non-working

The Einstein firewall created by request of the U.S. Department of Homeland Security in 2003 is positioned by U.S. authorities as the national system of cyber security which serves for identification of hacker attacks and fight against them. $6 billion were invested in project development.

2016: Recognition of inefficiency of Einstein

At the end of January, 2016 the Government Accountability Office (U.S. Government Accountability Office, GAO) published results of confidential federal check of Einstein. The inefficiency of operation of this firewall intended for detection and prevention of the hacker attacks of the national level was investigated.

Auditors came to a conclusion that despite use of signatures of viruses for determination of suspicious traffic of Einstein it is not capable to find about 94% of the known vulnerabilities and to check Internet traffic for presence of harmful content.^[1]

National American fayervol for $6 billion it was non-working

During testing of Enstein the following software was applied: Adobe Acrobat and Flash, Internet Explorer, Java and Microsoft Office. The firewall reacted only to 6% of gaps in a security system — 29 of 489.

One of weak points of a fayervol as auditors report, the lack of synchronization with the national database of vulnerabilities which is kept by National Institute of standards and technologies (National Institute of Standards and Technology) is.

Incident when the Chinese espionage group bypassed protection of Einstein is mentioned in the report of the American Accounts Chamber and got access to the classified information about 19.7 million people applying for the work connected with national security.

Functioning of Einstein was checked in 23 departments which are not connected with military forces (among them — Department of energy of the USA, Administrations of general services, National scientific fund and Nuclear Regulatory Commission). Only 5 of them as it appeared, involve the intrusion prevention system which received the name "Einstein 3A". It uses signatures of National Security Agency and other sources for determination of nature of network activity.

Until possibilities of a national system of cyber security do not reach the due level of perfection, it will be difficult to U.S. Department of Homeland Security to provide effective support of cyber security of the federal agencies — the director of questions of information security from GAO Gregory Wilshusen and the director of GAO Center for Technology and Engineering Nabajyoti Barkakati in the report on check of Enstein said.

The minister of internal security of the USA Jeh Johnson rose in defense of Einstein, having said that the technology of prevention of threats really can be not unrolled everywhere in departments, however it is precisely available on a half of computers of public servants.

Unlike commercial products, "Einstein 3A" works with especially confidential information therefore the government is protected from our most sophisticated ill-wishers" — Johnson said, having added that by the end of January, 2016 a system blocked more than 700 thousand cyberattacks.

In 2013 the hacker known under the name Peace loaded the espionage code into computers of Department of energy of the USA — the agency which is responsible for the American military nuclear program, electricity generation and other important interests of the country.

The inspections which are carried out after this incident showed that many federal agencies do not own even basic literacy in the field of information technologies and do not know about that, how many at them computer systems. From here and slow implementation of Enstein in State departments: only 20% from them began to use fayervol by the end of 2014, Johnson noted.

In December, 2015 the American Congress directed that by the end of the 2016th all state agencies passed to Enstein. Democrat senator from Delaware Tom Carper who was one of initiators of the requirement about compulsory use of Enstein by the government, said that the White House should give to the federal authorities installation on that they made process of implementation of the national firewall a priority task.

Notes