To combat the increasing threat of cyber terrorism, federal and state governments, as well as the private sector, need to increase cooperation, according to panelists at the Jan. 28 San Diego Town Hall meeting of the President’s Critical Infrastructure Protection Board.
Guardian
The strategy is part of an overall effort to guard against different forms of terrorism and is a component of the National Strategy for Homeland Security.
Many of the panelists emphasized the urgency of cyber security by highlighting last weekend’s Internet attack, when a worm targeted a service provided by Microsoft SQL Server and crippled 911 dispatchers, ATMs and Internet traffic across the United States.
“”You think about the fact that a little worm can affect so much, and yet that little worm was so benign in terms of what it could have done,”” said Peter Neumann, a principal scientist at SRI International Computer Science Laboratory and moderator of the panel.
That warning was echoed by Richard A. Clarke, special adviser to the president for cyberspace security.
“”Our enemies and our vulnerabilities in cyberspace will eventually come together, and when they do, they will make this weekend look like a party,”” Clarke said.
Clarke noted that since the early 1990s, more and more of the nation’s infrastructure, which includes power, water and fuel distribution, is dependent on networks and the Internet.
“”The things that make our country work are all controlled now by the Internet,”” he said. “”They are vulnerable because they are dependent on cyberspace.””
Two years ago, the federal government spent $2.7 billion to defend its computer systems against cyber attacks. For next year, $4.7 billion has been proposed, according to Clarke.
Among those in attendance at the Neurosciences Institute included Greg Cox, chairman of the San Diego Board of Supervisors, and Chancellor Robert C. Dynes, who has been stressing the need for research universities like UCSD to focus not only on research and development of homeland security technologies, but also delivery.
Panelists included representatives of both public, military and private sectors, who discussed measures that their own organizations have taken to protect their networks.
Chief Technology Officer for San Diego County Michael L. Moore said that although San Diego County survived the weekend’s attack, the county still needs to be more focused on new vulnerabilities.
“”We are trying to form partnerships with [other local agencies] and we are also trying to make awareness of data sharing and make sure that data we transfer back and forth is safe,”” he said.
Rob Broersma, network security manager for the Space and Naval Warfare Systems Command, said that military networks are particularly popular ones for cyber attacks. Attackers include civilian hackers, anti-military groups and foreign intelligence.
Because cyber attacks to the military’s networks can put lives at risk, Broersma said that the military is particularly vigilant about keeping security tight.
“”In the military, a lot of our focus is on protecting sensitive and classified information against unauthorized access disclosure [and to] ensure the liability, availability and integrity of the network even under attack,”” he said. “”So the stakes are high.””
Broersma said that more Internet service providers needed to be more cooperative in terms of shutting down users who are hacking. Additionally, he said that an increasing number of network personnel and policy makers do not know how the Internet works or how to use security.
Irwin M. Jacobs, chairman and chief executive of Qualcomm Inc., said that his company not only has to protect against cyber attacks but must also protect against attempts to steal computer codes, of which an attempt was made.
“”That whole incident caused us to realize this is a very serious issue, particularly if you are a company that tries to innovate technology,”” he said. “”You want to be able to protect that open environment, but you also need to protect that data.””
However, Clarke said that he believes that the infrastructure can be protected.
“”I think that by using our technologies in the universities, private laboratories, government laboratories, together we can come up with ways to make our critical infrastructures and computer networks secure while maintaining our privacy rights and our civil liberties,”” he said.
Following the series of town hall meetings, President George W. Bush will issue a national strategy to address cyber attacks against national infrastructure.
“”Having that strategy will be the beginning of what has to be a public-private partnership where we all work together for the foreseeable future to identify the vulnerabilities in our networks,”” Clarke said.
