ACE built to withstand cyber attacks, CBP says
U.S. Customs and Border Protection has placed great emphasis on defending against cyber attacks as it builds out the new Automated Commercial Environment to prevent hackers from getting at government and commercial data, Chief Information Officer Charles Armstrong said Wednesday.
ACE is the information technology system designed to replace existing programs that monitor, control and expedite commercial imports and exports. Already operating with limited functionality, ACE eventually will provide a single portal for importers to file trade data with federal agencies and then access and analyze that data, as well as a company's compliance history, on an enterprise-wide basis rather than port by port.
CBP collects massive amounts of proprietary data about companies and their shipments through various channels such as customs entries, carrier manifests, importer security filings, and applications to join security and trade compliance programs.
The Office of Information and Technology is fending off computer hackers trying to enter existing CBP computer networks and is planning new layers of protection for ACE, the assistant commissioner for technology said during a webinar to update the public about progress on ACE.
'I can't underscore the need for a system that addresses the cyber security threats. It's important not just to us, but to you, the global supply chain, to ensure the security and integrity of your data. There's not a day that goes by where we don't come under some kind of cyber security attack. It's a daunting number of attacks that hit our network everyday,' Armstrong said.
CPB systems recently got hit by the Zeus Trojan, a piece of malicious software that steals banking information by putting keystroke loggers on keyboards and is spread by downloading phishing e-mails.
Phishing is a technique used by cyber criminals posing as a legitimate entity in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information that the legitimate organization already has.
The Zeus bot, or automated Web robot, has attacked several government agencies, banks, retailers and media companies.
'Fortunately, we've been able to stay out ahead of it, so it hasn't had any negative impact on us so far,' Armstrong said.
CBP programmers are spending a lot of time engineering technology countermeasures to monitor ACE for cyber threats 'so that we can ensure the integrity and reliability of our data and the intellectual property rights within that data,' he said. ' Eric Kulisch