[ISN] U.S. Government Report Exposes Computer Security Threat

From: mea culpa (jerichoat_private)
Date: Sat Dec 19 1998 - 20:17:27 PST

  • Next message: mea culpa: "[ISN] Woman says FBI wrongly suspects hacking link"

    Forwarded From: darek milewski <darekmat_private>
    U.S. Government Report Exposes Computer Security Threat
    Washington, D.C. -- Computer hackers using software widely available on
    the World Wide Web could bring down the nation's electrical power grid and
    military command and control systems, according to a U.S. government
    report released today.
    A complete overhaul of U.S. national security agencies and policies is
    needed to avert cyber attacks that could cripple the nation's and
    Corporate America's critical infrastructure, the report states. 
    The report, entitled, "CyberCrime, CyberTerrorism, and CyberWarfare:
    Averting an Electronic Waterloo," recommends several procedures U.S.
    policy makers can implement to defend the nation's critical
    infrastructures from information warfare. "Averting an Electronic
    Waterloo" is the result of a three-year effort by the Center For Strategic
    and International Studies' Global Organized Crime project, chaired by
    William Webster, former FBI and CIA director. 
    To illustrate how vulnerable the U.S. defense and national security
    community is to an information attack, the report notes the results of a
    recent Joint Chief of Staff exercise code-named "Eligible Receiver." A
    group of security experts, known as a "red team," used software widely
    available from hacker Web sites to prove that they could disable major
    portions of the U.S. electric power grid and deny computer services to the
    entire Pacific military command and control system through an information
    warfare attack. 
    "It's unsettling to know that you could be experiencing an attack from
    almost any quarter and not know when it started or where its coming from,"
    said Senator Charles Robb (D-Va.), a member of the Senate Select Committee
    on Intelligence. 
    "CyberCrime looks at the problem of cyber attacks on the U.S. 
    infrastructure -- a serious problem which, in the opinion of most
    [experts], has not been adequately addressed," Webster said. 
    A broad-based security policy must address the total impact of the
    information revolution on national security, but will not be effective
    unless government works closely with private corporations -- which are
    often on the front lines of cyber attacks, the report states. 
    Robb said the U.S. should prepare now and not wait for a catastrophe to
    occur. In fact there are already indications that about 20 foreign nations
    have already successfully penetrated U.S. information systems, according
    to the report. 
    CSIS task force recommends the development of a national security policy
    for the Information Revolution. The president should issue an executive
    order that requires a top-down review of all the organizations responsible
    for information security and CyberCrime. 
    CSIS also recommends that the government support private-sector efforts to
    improve information security such as the Information Systems Security
    Board proposed by the telecommunications industry. ISSB would be a private
    sector-organized group which would evaluate and endorse information
    security standards. 
    In the past the government has lead the private sector. But with the
    growing cyber threat, that can't continue to happen. "The private sector
    cannot sit back and wait for government to lead," Robb said. By Rutrell
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:14:09 PDT