[ISN] White House cyber czar describes next phase of Internet plan

From: InfoSec News (isnat_private)
Date: Fri Apr 19 2002 - 01:55:17 PDT

  • Next message: InfoSec News: "RE: [ISN] Indian hacker turns cyber cop"

    Forwarded from: William Knowles <wkat_private>
    By Shane Harris 
    April 17, 2002 
    ORLANDO, Fla. - Speaking before a conference of hundreds of federal
    technology personnel and industry officials Wednesday morning, Richard
    Clarke, President Bush's point man on national cybersecurity, outlined
    the next phase in the controversial plan to build an impenetrable
    information network for the federal government, known as Govnet.
    Clarke said a team from the General Services Administration had
    completed a review of more than 167 responses from technology
    companies on how the network could be built, and that the reviewers
    had concluded that creating a stand-alone network, one not connected
    to the vulnerable systems of any other networks, is technologically
    feasible. Clarke added that some Defense Department and intelligence
    agencies, as well as some organizations in the Energy Department,
    already operate these kinds of solo networks today.
    The government can't afford to put off major upgrades to information
    security, Clarke said, noting that terrorists have continued to call
    upon their followers to attack the nation's critical infrastructure of
    power grids and information systems, many of which are connected to
    the Internet.
    Every government agency has failed a test of its information security
    conducted by the National Security Agency, Clarke said. He criticized
    technology experts in government and the private sector for living in
    a "fantasy land" where they underestimate the power of online attacks
    and the vulnerability of agencies and corporations to such attacks.
    Clarke qualified the Bush administration's commitment to Govnet,
    saying it is merely a "concept," not an actual program or project.  
    "Govnet is a question - that may lead to programs," Clarke said.
    Lawmakers have not set aside any money in the president's budget for
    next year to fund the network, even though Bush has called for a 64
    percent increase in information security spending across the board.  
    Leading technology firms have criticized the Govnet plan as immature,
    unclear and underfunded.
    Clarke said the White House would seek permission from Congress to
    begin assessing how much it would cost to build the hacker-proof
    network and what the design of that system would be. He mentioned five
    possible paths the next phase of Govnet could take:
    1. Use ideas received from industry in response to the initial Govnet
       proposal to improve security on existing networks.
    2. Switch agencies over to other existing stand-alone networks.
    3. Allow agencies to build their own stand-alone networks.
    4. Create a back-up network to ensure continuity of critical
       government operations in the event of a terrorist attack.
    5. Create a multi-agency stand-alone network.
    Those options have been informally floated by technology firms over
    the past several months and offer little in the way of new thinking on
    how Govnet would be built. Clarke offered no insight into which
    approach the White House might favor, nor did he specifically endorse
    one approach over another.
    Clarke admonished the information technology industry, including such
    giant firms as Microsoft, for not manufacturing sufficiently secure
    products. He noted, however, that commitment to security has been
    revitalized by the Sept. 11 terrorist attacks.
    Clarke said that in a recent videotaped message, al Qaeda terrorist
    network chief Osama bin Laden praised the September attacks and called
    on his followers to attack the information infrastructure of the
    United States. "I hope the bastard is dead," Clarke said. His comments
    were greeted with applause from the audience.
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Apr 19 2002 - 06:09:39 PDT