U.S. Cyber-Security Tsar Quits Without Explanation
Modernizing Authentication — What It Takes to Transform Secure Access
The director of the United States Computer Emergency Response Team resigned last week without any official explanation.
Randy Vickers resigned July 22, effective immediately, according to an email to employees sent by Roberta Stempfley, acting assistant secretary at Department of Homeland Security's Office of Cyber-security and Communications. Lee Rock, the deputy director, would step in as the interim director until a new director was found, Stempfley said in the message.
"We are confident that our organization will continue its strong performance under his Rock's leadership," Stempfley wrote. She wished Vickers success in future endeavors.
It's not known at this time what Vickers will be doing next. His LinkedIn profile has been updated to reflect that he's no longer at US-CERT, but no other information was available.
While the email did not provide a reason for his departure, Vickers was in charge of an organization tasked with mitigating cyber-threats to federal networks and to the .gov domain. The last few months have seen a dramatic uptick in the number of high-profile attacks against government agencies and private firms that work with them. Some attacks were activist in nature, such as the ones from hacker collective Anonymous and the smaller LulzSec gang looking to expose government and military secrets. Others have been attributed to nation-states and the sources for a handful remain unknown.
LulzSec alone claimed responsibility for attacking Websites belonging to the Central Intelligence Agency, the U.S. Senate, the Arizona Department of Public Safety, two public-private partnerships with the Federal Bureau of Investigation and others during its 50-day spree that ended in June.
The Department of Defense believes that a foreign intelligence service swiped 24,000 files from a U.S. defense contractor in March, Deputy Defense Secretary William Lynn said earlier this month. Unknown attackers have also breached Department of Energy's Oak Ridge National Laboratory and defense contractor Lockheed Martin this spring.
Cyber-attacks against federal government networks spiked 40 percent last year, from about 30,000 in 2009 to nearly 42,000 in 2010, according to an Office of Management and Budget report from this spring.
Part of the National Cyber Security Division at DHS, US-CERT also coordinates information sharing efforts between the government and private sector. The group released a new set of security guidelines for agencies to implement in hopes of preventing or mitigating future cyber-intrusions.