Feds still need to define role in tackling cyberterror, panelists say

[InfoSec News <isn () c4i org>]

http://www.govexec.com/dailyfed/0501/051501td.htm

By Liza Porteus 
National Journal's Technology Daily 
May 15, 2001

The massive Y2K efforts exerted to prevent a crash of the nation's
critical infrastructure may have moved the nation into the new
millennium with a few battle scars, a panel of experts said Monday,
but officials should heed the lessons learned from that experience
when looking toward protecting the nation's technological backbone in
the future.

Cyberterrorism "has no deadline like the 31st of December. It's going
to go on forever," Utah Republican Sen. Robert Bennett said at an
Armed Forces Communications and Electronics Association (AFCEA)
conference on Monday. "We have this kind of vulnerability now that we
never had before."

Bennett said the government is far from ready to combat
cyberterrorism, noting that in the past 12 months alone, government
agencies reported 586 intrusions. Bennett added that his own Senate
Web site was defaced over the weekend when an aide in his office
opened an attachment that spread porn to Bennett's Web site and to all
addresses in the aide's e-mail account--some of which included Utah
schools.

"The time is coming, and coming rapidly, when these intrusions will
become more than a nuisance, more than embarrassing." He said
countries or individuals with vendettas against the United States
could do the most damage to the nation via the banking industry. "That
would devastate the United States more than a nuclear device let off
over a major city," he said.

Virginia Technology Secretary Donald Upson, who has been mentioned as
a potential candidate for a key technology job in the Bush
administration, and John Sopko, deputy administrator of the National
Telecommunications and Information Administration (NTIA), both hailed
recent initiatives by President Bush to streamline efforts to protect
critical infrastructure as a way to bring industry and government
together.

Upson said critical infrastructure protection needs to begin at the
top level, but "it hasn't happened yet. ... We don't know today what
the federal government's role is. ... Our challenge is figuring out
how to work together."

But Sopko said that "one has to recognize cyberdefense is a long-term
problem with several pitfalls along the way." He said Commerce
Secretary Donald Evans has made promoting and protecting e-government
a priority because "our opponents are smarter and our dependence [on
e-commerce] is greater."

Sopko said the Bush administration has approached the challenge with
"eagerness and receptivity." He said e-government is one of the
administration's "core security issues." The White House announced
last week that a review of critical infrastructure policy would be
conducted with industry input, with the results to be released later
this year.

Evans, meanwhile, told a Senate Appropriations subcommittee last week
that the administration has made a "real effort" to work with
industry. "We're not trying to worry about whose turf it's on. ...
We're trying to figure out solutions," he said. "That's what it's all
about."




ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe () SecurityFocus com.