|
Study: U.S. vulnerable to cyberterrorism
October 21, 1997
Web posted at: 3:06 p.m. EDT (1906 GMT)WASHINGTON (CNN) -- Crucial parts of the United States' infrastructure are vulnerable to computer attacks, a presidential commission to study cyberterrorism said in a report this week. The panel urged the government to step up measures to protect against potential threats.
"National defense is not just about government anymore, and economic security is not just about business anymore," the Commission on Critical Infrastructure Protection wrote in a summary of the classified report it delivered Monday to the White House.
In past wars, national infrastructure components -- airports, power plants and communication centers, for example -- were military targets whose destruction could cripple a nation.
But the commission, headed by retired Air Force Gen. Robert Marsh, said that with the country's growing dependence on computers, a new vulnerability in the nation's infrastructure has appeared. The computer-based systems that run airports, power grids and communication systems are open to cyberattacks.
"It's perfectly clear that given the tools and given our vulnerabilities, that somebody with intent to do us serious harm sometime in the future will proceed unless we take steps now to protect against that," Marsh said.
Security consultant Winn Schwartau, the author of the cyberterrorism tome "Information Warfare: Chaos on the Electronic Superhighway," says that by some estimates, the U.S. information infrastructure is attacked as many as a billion times a year -- sometimes by hackers, sometimes by cyberterrorists.
If a major attack comes over the wires, he said, it could potentially leave portions of the country without electricity, air travel, or phones. "That's going to affect the man in Iowa, affect his lifestyle," he said.
(179K/14 sec. AIFF or WAV sound)
The presidential commission says we must learn to tell the difference, as Marsh put it, between "a deliberate attack by an organized effort on the part of somebody who'd do us real harm" and "isolated incidents."
The Marsh commission recommends several steps, including more research on computer security, more education to make everyone aware of the need for computer security, development of better computer security systems, and revising laws to ensure protection against computer attacks.
Because revamping laws would be a "lengthy and massive undertaking," the commission offered several suggestions to jump-start the process.
"We identified existing laws that could help the government take the lead and serve as a model of standards and practices for the private sector," it wrote. "We identified other areas of law that ... can enable infrastructure owners and operators to take precautions proportionate to the threat."
And the commission calls for a new concept of cooperation between the private sector, which owns most of the nation's information infrastructure, and government, which regulates much of it.
"It's the private sector that's going to have to take the necessary steps," Marsh said. "It's the government that has to enable that to happen."
But before that can happen, there must be agreement on contentious issues like encryption --- a politically charged technology that the commission strongly endorses.
Correspondent David George contributed to this report.
Related story:
- U.S. to prepare for cyberterrorism attacks, but is it necessary? - July 16, 1996
Related site:
Note: Pages will open in a new browser windowExternal sites are not endorsed by CNN Interactive.
Watch these shows on CNN for more sci-tech stories:
CNN Computer Connection | Future Watch | Science & Technology Week
|
Sound off on our message boards You said it... |
|
© 1997 Cable News Network, Inc.
All Rights Reserved.