|
Thank you Mr. Chairman. I appreciate
the opportunity to appear before this subcommittee to demonstrate
the cyber penetration techniques employed by my office.
As you are aware, my office provides the Secretary of Energy
with an independent view of the effectiveness of departmental
policies, programs, and procedures in the areas of safeguards
and security, emergency management, and cyber security.
Today, my staff will provide you a brief demonstration of
our cyber security penetration capabilities. With me for
the demonstration are Mr. Jason Bellone, formerly with the
FBI's Computer Analysis Response Team, Ms. Karen Matthews,
formerly with the Department of Defense Computer Forensics
Laboratory, Mr. Brent Huston, author of a soon to be published
book on hackproofing your E-commerce website, and Mr. Brad
Peterson, the Director of our Office of Cyber Security and
Special Reviews. Our cyber security office maintains a continuous
program for assessing Internet security to identify vulnerabilities
that hackers or others could exploit. As part of this program,
we continuously attempt to penetrate the DOE cyber community.
We do this by using off the shelf software and hacking programs
that are available to virtually anybody. Using these tools,
we have been successful in identifying numerous vulnerabilities
on DOE cyber security programs that, I am pleased to report,
have been largely corrected by the Department. We will take
a few minutes to demonstrate the results of some actual
inspections that have taken place over the last 6 months
in order to show you the hacking techniques that we use.
After the demonstration, we will be happy to respond to
questions. Let me now introduce Jason Bellone to lead the
demonstration.
|
