BBC News reports how a 17-year-old male was investigated after he expressed his dislike of President Barack Obama and the American government. Bedfordshire police, who paid a visit to the boy, said the email contained abusive and threatening language.

“He was told that he wouldn’t be able to go to America,” they added.

A spokeswoman said it was a case of a boy “being silly” and no criminal action was being taken.

“We were informed by the Metropolitan Police and so we went round to see him,” she said. “He said ‘oh dear, it was me.’”

The male told police he could not remember exactly what he had written in the email. A British tabloid quotes him as saying, “I don’t remember exactly what I wrote as I was drunk.”

Photo: White House

British Prime Minister David Cameron has raised the issue of Pentagon hacker Gary McKinnon’s extradition case with President Barack Obama, according to The Guardian. Cameron and his deputy PM, Nick Clegg, have each criticized the extradition attempts of McKinnon, arguing that he should instead appear in a British court.

McKinnon stands accused of hacking Department of Defense systems and could face up to 60 years in prison. McKinnon, who has Asperger’s Syndrome, has been trying to fight off extradition to the United States for 6 years.

“Clearly there is a discussion going on between the British and the Americans about this, but I don’t want to prejudice those discussions,” Cameron said at a joint press conference. “We completely understand that Gary McKinnon stands accused of a very important and significant crime in terms of hacking into vital databases, and nobody denies that is an important crime that has to be considered. I have had conversations with the US ambassador as well as raising it with the president, and I hope a way through can be found.”

President Obama stayed relatively aloof of the situation, saying historically, presidents avoid getting directly involved in such processes.

“One of the traditions we have is that the President doesn’t get involved in decisions around prosecutions, extradition matters,” Obam said. “I trust that this will get resolved in a way that underscores the seriousness of the issue, but also underscores the fact that we work together, we can find an appropriate solution.”

McKinnon claims his motivation for hacking the DoD system was his search for UFOs. Many McKinnon supporters see the public pronouncement by Cameron, the first since he became PM, as a step forward in keeping McKinnon in the United Kingdom.

“We’re very pleased that David Cameron has raised this and had a face-to-face discussion about Gary,” McKinnon’s lawyer said. “Obama has used the term an appropriate solution and the appropriate solution is that he stands trial in the UK.”

The 60-day Cyberspace Policy Review, spearheaded by Melissa Hathaway, recommended a number of ways to enhance U.S. cybersecurity efforts. One of which was the creation of a Cybersecurity Coordinator position within the White House. In December, President Obama finally named Howard Schmidt to the position.

The U.S. military has also moved forward with cyber, looking to protect DoD networks from the thousands of probes they receive daily. The creation of U.S. Cyber Command was announced last summer. The Navy, Air Force and Army have all stood up a cyber commands to deal with the threat to their individual services. And in May, the U.S. Senate confirmed Gen. Keith Alexander to lead CYBERCOM, following months of delay.

Congress has also joined the cyber frenzy with over 40 bills currently in Congress that touch on cybersecurity. Also, in March, the Obama administration declassified portions of the Comprehensive National Cybersecurity Initiative (CNCI).

Also, several efforts were put forward in the past year to promote greater cooperation domestically and abroad with regards to cybersecurity. The FBI has started to embed cyber investigators abroad with foreign police units in the Ukraine, Estonia and Holland.

In May, representatives from the United States and Russia sat down to discuss cooperation on cyber issues. Additionally, Deloitte sponsored the First International Cybersecurity Summit, which brought together representatives from more than 30 countries.

Domestically, the Obama administration has moved towards greater collaboration, particularly in the research and development sector. Late last month, Schmidt and federal CTO Aneesh Chopra announced the launch of a web forum designed to promote collaboration on R&D.

Despite these advances, some cyber experts believe that more needs to be done to secure the United States.

In an article that appeared over the weekend, Melissa Hathaway and Jack Goldsmith wrote: “This approach demands leadership from the White House and Congress that is difficult to muster in hard economic times. The lesson of the past two decades is that the nation will not get serious about cybersecurity until the costs of not doing so are more apparent — probably after some component of our economy is destroyed by a catastrophic cyber-event.”

Howard Schmidt

The White House has unveiled a declassified version of the Comprehensive National Cybersecurity Initiative (CNCI). The CNCI was originally started by the Bush Administration and President Obama has decided to evolve the CNCI to become key sections in an expanded and up-to-date cybersecurity strategy for the US.

The decision to declassify portions of the CNCI is part of the wider effort under the Obama administration to increase government transparency. At the RSA Conference out in California this week, White House Cybersecurity Coordinator Howard Schmidt announced the declassification and highlighted in his address the need for transparency and partnerships.

The CNCI’s broader mandate is to:

1) Establish defensive capabilities against the current threat landscape

2) Defending against the broad range of cyber threats

3) Strengthen future cybersecurity efforts

The CNCI contains twelve major initiatives:

1) Manage the Federal Enterprise Network as a single network enterprise with Trusted Internet Connections

2) Deploy an intrusion detection system of sensors across the Federal enterprise

3) Pursue deployment of intrusion prevention systems across the Federal enterprise

4) Coordinate and redirect research and development (R&D) efforts

5) Connect current cyber ops centers to enhance situational awareness

6) Develop and implement a government-wide cyber counterintelligence (CI) plan

7) Increase the security of our classified networks

Expand cyber education

9) Define and develop enduring “leap ahead” technology, strategies, and programs

10) Define and develop enduring deterrence strategies and programs

11) Develop a multi-pronged approach for global supply chain risk management

12) Define the Federal role for extending cybersecurity into critical infrastructure domains

The PDF version of the declassified CNCI can be viewed here

Sen. Al Franken

Late last year, President Obama signed into law the Franken Amendment, which is an amendment to the Defense Appropriations Bill. It took effect last Tuesday and received both praise and derision from interested parties.

The initial impetus behind the Franken Amendment was a result of the alleged rape by fellow contracting employees of Jamie Lee Jones. Based on arbitration agreements signed with the company, Jones was unable to move the case through court channels.

The Amendment states that funds in the Defense Appropriations Act cannot be used to fund new or existing contracts in which a contractor or subcontractor requires employees to sign an agreement to resolve claims related to the Civil Rights Act of 1964 or any instances related to sexual assault or harassment. This means that any contractor currently operating in Iraq or Afghanistan now needs to go back and re-negotiate its contracts with its employees, which will likely prove to be an expensive undertaking.

An interesting side to the Franken Amendment, which is not specifically spelled out, is the issue of cyber sexual harassment or bullying. In recent years, increasing levels of attention have been paid to cyber bullying of young children, which has led to instances of suicide.

So, does the Franken Amendment extend into the cyber arena? What are some of the implications and challenges that it will face?

The Amendment most certainly would extend into sexual harassment actions that emanate from cyberspace. As the Amendment fails to define a particular medium under which such harassment must occur, it is necessary to take the broadest interpretation.

The extension of the Amendments reach could certainly prove a significant aid to victims seeking justice. However, it also opens up a range of difficulties that arbitration could potentially be the more appropriate venue.

While instances of rape and other versions of sexual harassment/assault are not necessarily easy to attribute, it is generally more definitive than the cyber realm. Cyberspace provides a level of anonymity that in today’s age is difficult to achieve in the physical realm.

Cyber bullying or harassment could appear to come from a particular email address or even IP address. However, criminals that utilize cyberspace are perfectly adept at hijacking valid credentials to carry out their misdeeds.

In these instances, arbitration would have significant advantages over court procedures. Individuals who are accused of being perpetrators of sexual harassment (but are in fact innocent) would suffer less through an arbitration process.

While victims of sexual assault and harassment certainly deserve unfettered access to court procedures, information and evidence in the cyber domain can prove incredibly complex. In the realm of cyberspace, the Franken Amendment has the potential to make more victims, despite its good intentions.

The bill, HR 4061, known as the Cybersecurity Enhancement Act, will now be sent to the Senate for approval.

Rep. Dan Lipinski (D, IL), the sponsor of the bill, said:

“The amount of time all of us spend on the Internet, the vulnerabilities that are out there, hopefully through this work, we can really make things better, make our Internet more secure, so we have fewer problems with attacks, not just on government but on individuals.”

The bill is designed to help the federal government acquire skilled cyber security professionals, coordinate R&D efforts, promote education and awareness among the general populace, and enhance the ability to transfer cybersecurity technologies.

If the bill is passed by the Senate and approved by President Barack Obama, it will strengthen the power of the National Institute of Standards and Technology. NIST will be required to develop an educational campaign to encourage wholesale cyber hygiene. The bill also authorizes the National Science Foundation to conduct R&D surrounding the cyber workforce.

Identity management is a central issue for any cyber security team. Ensuring that the right person is able to access the appropriate level of information is essential for government cohesiveness and efficiency. To improve identity management in the federal sector, the administration wants to ‘implement the Federal identity management roadmap,’ according to a presentation released by federal CIO Vivek Kundra.

One of the major complaints about FISMA and previous federal cyber security efforts, is the reliance on compliance instead of focusing on real-time security. The new budget calls for outcome-based security metrics and using Cyberscope and DNSSEC programs to increase cyber security.

Finally, the budget seeks to improve information sharing by utilizing the National Information Exchange Model to share information regarding cyber incidents.

Included in the recent budget announcement is also $364 million the National Cybersecurity Division of DHS and the CNCI, which was developed by the Bush administration and was predominately classified. The new budget requests $3.6 billion for CNCI funding for the 2011 fiscal year.

The Obama administration intends to release an unclassified summary of the CNCI shortly in an effort to increase government transparency.

The hacked web pages were defaced with abusive language directed at President Obama. The defaced websites were all hosted in the house.gov domain. Several Committee sites were also hit in the attack.

The list of the 49 hacked websites can be viewed here.

While the Internet has developed as an essential tool, it is also used for more nefarious purposes. Individuals and governments are able to take advantage of our networked society to steal intellectual property and conduct damaging attacks against unsuspecting victims.

Last week, search engine giant Google announced that it was considering withdrawing from the Chinese market following a cyber attack. The dispute has delayed the roll out of the Android, Google’s smart phone, in the Chinese market.

The Android, like the iPhone, has a common apps store that allows users to develop and share apps. However, the Android does not require approval by staff prior to the new app being available for download, making wider distribution possible.

Google’s approach to content and sharing is in direct conflict with the ideas of some large scale Internet giants. Rupert Murdoch, head of News Corporation, has threatened recently to move all content to a ‘pay-to-play’ format, in which users must pay subscriptions to read content.

Additionally, the Obama administration appears to be backing away from its earlier push for net neutrality, according to Larry Downes, author of The Laws of Disruption: Harnessing the New Forces that Govern Life and Business in the Digital Age. Late last week, the Federal Communications Commission closed its comments section following a 60 day review of six proposed net neutrality rules. In the final day, close to 4,000 comments were submitted.

The FCC is currently conducting a review into both sides of the net neutrality debate. The results of the review will be eagerly and critically viewed by Internet users and providers. While content providers are often reticent to support net neutrality, companies like Google promote it vigorously.

As we look forward into the new decade, the Internet will clearly continue to play a central role in our lives. The results of the struggle between net neutrality proponents and opponents will determine the future of the Internet, though the matter is unlikely to be settled quickly. Any rules that are implemented will likely be challenged in court.

Ultimately, the judiciary system will seemingly determine the future of the Internet.

In a recent article published in Computer Week, Ira Winkler discussed some of the concerns surrounding the use of smart grid technology. While some have questioned the potential for damage from a hacking attack into a smart grid or the motivation for criminals to do so, Winkler sees a plethora of evidence pointing the other direction.

Winkler notes that while a smart grid is supposedly not networked, the devices it services in every home and business are. Hackers will be able to find exploits in the smart grid in the same way they have in virtually every other man-made system.

In the article, Winkler outlines several avenues of attack that are within the realm of possibility. These include: cutting electricity, force brown outs, flood the grid, use the devices to attack the grid, shake confidence in the system and appropriate free service.

While Winkler is not suggesting the United States not transition to smart grid technology, the nation should consider the security implications of such a move.