The US Computer Emergency Readiness Team (US-CERT) isn’t looking quite so ready at the moment as its director has just quit. US-CERT, part of the Department of Homeland Security (DHS), is charged with the task of protecting US government agencies and networks from cyberattacks.
According to an Information Week report on Monday, the former DHS official, Randy Vickers, left his post at the end of last week. He’d been in the position since April 2009.
The report said that in an email announcing the news, sent to staff by DHS’s acting assistant secretary for cybersecurity and communications Bobbie Stempfley, no explanation was given as to why Vickers had decided to resign.
In the past few months, however, a number of government agencies have been hit by hackers in a string of embarrassing cyberattacks.
In June the LulzSec hacker group hit the CIA website with a denial-of-service attack, and shortly before that the website of InfraGard, a non-profit organization that serves as a partnership between the FBI and private business, was hit by the same group.
In the same month, officials working at the White House were at the center of a phishing attack where hackers, believed to be located overseas, tried to trick users of Gmail into giving away their passwords.
Federal contractors dealing with confidential government information have also been targeted by hackers – earlier this month Booz Allen Hamilton lost 90,000 email addresses and passwords after a security breach orchestrated by another hacking group, Anonymous.
On its website, US-CERT cites its mission as “to improve the nation’s cybersecurity posture, coordinate cyber information sharing and proactively manage cyber risks to the nation while protecting the constitutional rights of Americans.”
US-CERT deputy director Lee Rock will fill Vickers’ position until a new director is announced.
In the email sent to staff on Friday, Stempfley wrote: “Lee has been the deputy director for US-CERT for over a year and we are confident that our organization will continue its strong performance under his leadership.”
Describing the performance as “strong” may be scoffed at by some observers, but there’s little doubt that in the world of cybersecurity, this must be one of the toughest jobs going. Whichever brave soul takes on the role full-time, hopefully they’ll have been able to learn a lot from the recent string of cyberattacks.