Where is the outcry to Congress to flood money into new cyber defenses? Where is the hot discussion about federal v. state sovereignty over cyber space, debating issues over ceding the later in order for the former to provide across-the-net protections? Where are the calls to upgrade government systems, to bring them into the new millennium?
An atrocious job of closing the barn door, not knowing the horse has already gotten out - - in May 2016, when the stealth attack was under way, Congress in its usual great (sarcasm) wisdom passed the Modernizing Government Technology Act of 2016, which allocated $3.1 billion to fund to retire & replace "legacy" (as in "Yikes! Some date back to the '70s!!) systems.
At the time it passed, co-sponsor Rep. Gerry Connolly (D-VA) said, "The federal government must come into the 21st century. We owe it to the people we serve. We need to streamline the management of IT assets. We need to make strategic and wise investments, and we need to have a schedule of replacement for legacy systems. We need to encrypt and protect against cyberattacks for the sake of the American people." With a paltry $3.1 billion? That's not a sop*, it shows their saps!
There has been a lot of criticism of President Obama for not doing more to stop last year's cyber attack on the election. How much could he do to protect our systems when it took almost a year for the government to investigate the successful July 2015 cyber attack on the Office of Personnel Management & the subsequent allocation of a measley $3.1 billion dollars to upgrading systems. That's like being reamed out for not thwarting an attack on your borders when they are armed to the teeth & you have a BB gun.
Have you heard anything about Congress making this a priority? Or the president demanding we face the threat with resolution & the will to mount the defenses we so clearly lack? Or we the people screaming to stop fiddling with a health care bill that is a disaster & address an actual disaster before it descends into full-scale calamity?
Silence.
It gets worse. The person in charge of government IT infrastructure, Beth Anne Killoran, was quoted as saying, "Just because something has a particular age, doesn't necessarily meant that is the end of life." When it comes to IT systems? To swipe from Speaker Boehner, "When it comes to IT systems that date back to the last millennium, it sure as H-E-double tooth picks does!"
Here's how things stood around this time last year...
Per The Hill 05/03/16:
The General Accounting Office (GAO) said the allocation should be in the $20 billion$, since most of the $61 billion already allocated for government IT systems goes to operation & maintenance, leaving wildly insufficient monies for upgrades modernization (widespread replacement).
The DEFENSE DEPARTMENT was using a 53-year-old system backup to sen/receive emergency action messages from nuclear forces, runs on a 1970s-era computer system & uses 8-inch floppy disks. Replacement parts are hard to find because it is so massively obsolete. Our DEFENSE Department. ~ The Pentagon was planning to wrap up replacing the entire system - by 2020. No worries about the floppies, because (per DOD chief IT officer Terry Halvorsen), “The reliability factor on that system is where I need it to be…it is completely secure because it is a closed system.”
The master file at the INTERNAL REVENUE SERVICE responsible for assessing generated refunds was running on a 1950s “assembly language code.” Again - no worries. The good news is the computer language is tagged by the GAO as "fast"; the bad news is it typically can only run on a single computer, is difficult to maintain. "The system, which costs $13.6 million per year to maintain, is supposed to be replaced, but there is no firm date. "
I'm just adding verbatim what The Hill writes about SOCIAL SECURITY - would send me in an emotional tailspin to use my own words: "The Social Security Administration has rehired former employees who were some of the few that knew how to operate the complex system that determines retirement benefits and eligibility. The system is 31 years old and made up of 162 subsystems, with some running on a early 1960s-era programming language called COBOL. ~ Much of the system was developed by the agency itself rather than contractors, and officials report that “most of the employees who developed these systems are ready to retire and the agency will lose their collective knowledge.” The agency has been modernizing the system over the years, but more than half of the budget is dedicated to maintaining it."
The STATE DEPARTMENT uses a 27-year old system to track and validate their visa info on 55,000 foreign nationals using graphic interface software no longer supported by the vendor. It's due to start replacing the system next year, although the GAO does caution that it is replacing one system of unsupported software with another that is also not supported.
Ah, the TRANSPORTATION DEPARTMENT.... Its records on shipping & maintaining hazardous materials have multiplied because the department has to teach employees how to use the archaic systems used to scan & maintain docs. It "uses a 2002 Microsoft platform and a 1990s program to create web pages." The hope was to retire the antiquated portions of the system by next year.
It is to weep - and tremble in our boots.
* sop -a thing given or done as a concession of no great value to appease someone whose main concerns or demands are not being met.
