Connect to share and comment
Administration considering how to achieve cyber security without compromising civil liberties.
SAN FRANCISCO — The Obama administration is reviewing the cyber security posture of the United States, a process that Europe is keeping a close eye on as the world's economic powers become increasingly concerned about threats to their vital electronic networks.
The review, which should be completed soon, coincides with the recent introduction of legislation by Democratic Sen. Jay Rockefeller of West Virginia and his Republican colleague Olympia Snowe of Maine. They want Congress to give the president power to shut down portions of the Internet during cyber attacks. The bill would also create a new White House office to improve the security of critical public and private networks.
This policy push comes amid revelations that Pentagon officials have spent $100 million in the last six months protecting military networks against cyber damage. The Wall Street Journal has reported that intruders, some possibly from China and Russia, have hacked into the U.S. electrical power control network and left behind potentially disruptive programs. Researchers at the University of Toronto recently reported finding evidence that Chinese sources had “infiltrated at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices.” The governments involved have dismissed or ignored such claims.
How the United States addresses its cyber security concerns will influence similar deliberations in Europe, where officials are still unnerved by events like the 2007 attacks that shut down the Estonian Internet, according to James Lewis with the Center for Strategic and International Studies.
Lewis was the principal author of a December 2008 white paper, “Securing Cyberspace for the 44th Presidency.” To prepare that report CSIS, a defense think tank that often presages official policy, brought together dozens of corporate and government security officials to discuss how to protect a global network where traditions of openness and anonymity give attackers the advantage.
“At the end of the day there's only three ways to secure the Internet, all of which are difficult and have civil liberties implications,” Lewis told GlobalPost. “You can re-architect the basic network, increase monitoring and surveillance and have more authentication of digital identities.”
Among the first steps the United States can take toward greater security is reconfiguring sensitive government networks and critical infrastructure, like the power grid, so they have fewer connections to the wider Internet, thereby reducing the number of back doors through which hackers might attack.