U.S. at Risk for Cyberattack
The United States would lose a cyberwar if it fought one today, warned Michael McConnell a former US intelligence chief. McConnell, a retired US Navy vice admiral who served as President George W. Bush’s director of national intelligence, also compared the danger of cyberwar to the nuclear threat posed by the Soviet Union during the Cold War.
McConnell also told the Senate Committee on Commerce, Science and Transportation, in a hearing on cybersecurity. “We’re the most vulnerable, we’re the most connected, we have the most to lose . . . as a consequence of not mitigating this risk, we are going to have a catastrophic event.” McConnell is now an executive vice president for the consulting firm Booz Allen Hamilton’s national security business.
The hearing came a little over a month after Internet giant Google revealed that it and other US companies had been the target of sophisticated cyber attacks originating in China. Democratic Senator Jay Rockefeller, the co-sponsor of a bill seeking to bolster public and private sector cybersecurity cooperation and panel’s chairman said “National security and our economic security are at stake.”
James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that government intervention would probably be needed to crack down on the “Wild West” the Internet has become. The greatest threat to the United States comes from cyber espionage and cyber crime, he said, calling them a “major source of harm to national security.”
Scott Borg, director of the US Cyber Consequences Unit, also warned of the economic damage from cyber attacks. “The greatest damage to the American economy from cyber attacks is due to massive thefts of business information . . .This type of loss is delayed and hard to measure, but it is much greater than the losses due to personal identity theft and the associated credit card fraud.”
“[The United States needs a] national strategy for cybersecurity that matches our national strategy that guided us during the Cold War, when the Soviet Union and nuclear weapons posed an existential threat to the United States and its allies.” McConnell said in his prepared remarks. Although US President Barack Obama’s appointment of a cybersecurity coordinator in December and his national cybersecurity initiative were moves in the right direction, McConnell said they were not enough. McConnell pointed out that the United States spends more on missile defense than it does on cybersecurity; even though, the latter could compromise the future prosperity of our nation and destroy the global financial system.
He called for establishing a National Cybersecurity Center modeled after the National Counter Terrorism Center set up after the attacks on New York and Washington of September 11, 2001. The center would work as a cybersecurity hub for the Federal government, state governments, local governments, and private sector. As such it handle information sharing and integration, situational awareness and analysis, coordination and collaboration.
To address this problem Senators Jay Rockefeller, and Olympia Snowe, introduced a bill that would create new cybersecurity regulations for private companies designated as critical infrastructure. The Cybersecurity Act was introduced in April 2009, and has been rewritten several times after complaints from the private sector. The bill would also require a national licensing and certification program for cybersecurity professionals, and make it illegal to provide certain cybersecurity services without being licensed and certified. Some versions of the bill would have also allowed the President of the United States to order that parts of the Internet under attack to be shut down.
As of now the Cybersecurity Act has not been passed by either house of the Congress and is under review in the Senate Committee on Commerce, Science and Transportation. For now the national cybersecurity is handled by a handful of federal agencies such as the F.B.I. and the Military.
Read more at Federal Times
Read more at Washington Post