Cyber Security Panorama: How the U.S. Should Fight Cyber Attacks
Lieberman's calls for a "cyber czar" have bloggers debating the best way to defend the nation's data
Just how safe are America's computer networks? Most tech security experts agree that sensitive data are vulnerable to domestic and international hackers, and recent findings back them up. Such concerns lay behind Senator Joe Lieberman's speech last Friday outlining his cyber-security vision, which would call for the appointment of a new czar. On the same day as Lieberman's speech, Department of Homeland Security Secretary Janet Napolitano cut the ribbon on the nation's newest cyber security command post. Will these measures be effective?
- Lieberman's Right, We Need a Cyber Czar, Now urges James D. Zirin in a column in the Miami Herald. Examining an attack by Eastern European hackers that took down Twitter and other social networks in August, Zirin describes an "international cyber arms" market, complete with dealers hocking destructive malware software on online auction sites. He doesn't think that an attack from an enemy government is out of the question, either. According to Zirin, the best way to begin fortifying the nation's networks is by appointing a permanent "cyber czar" sooner rather than later. As he writes: "The cyber czar would have to coordinate with agencies that engage in constant turf wars, including the CIA, the FBI, the Department of Defense, the National Security Agency and others. That is a daunting task for an outsider -- even a 'czar' appointed by the president. But the need is great."
- Not Another Czar! Back in August, the nation's leading "cyber czar" candidate Melissa Hathaway forfeited her shot at the role when resigned from her post as Acting Senior Director for Cyberspace (citing personal reasons). Wired's Michael Tanji applauded the move, arguing that a cyber czar was a bad idea. He argued that a more unofficial leader was needed: "Forget trying to shoe-horn technology stars into government cyber security jobs (a worthy if doomed-from-the-start experiment) or creating more useless bureaucracy with another czar. We need a facilitator - someone with a lot of betweenness and closeness, to use some social networking terms - to make sure that the right people are talking, sharing, and collaborating as they best see fit. Collaboration is key to improving security and collaboration comes from trust, not edicts from the Kremlin."
- Trust the NSA Larry Wortzel, chair of the congressionally-appointed U.S.-China Economic and Security Review Commission makes the case for why the National Security Agency should be in charge of safeguarding U.S. networks. He cites a report from his group that details bold, increasingly successful efforts of the robust Chinese cyberspying program to hack into U.S. Defense Department and banking data. Noting that Britain has also grown more concerned about Chinese cyber attacks, Wortzel recommends the Obama administration cultivate a broad coalition of international and private-sector allies. But he says the NSA should ultimately remain the keystone of cyber security: "It would also behoove Mr. Obama to clarify which government agency will take the lead in protecting the country from cyber attack. The National Security Agency should be at the top of his list: it has decades of experience conducting operations in the electronic and cyber realms. The agency has skilled personnel, wide contacts in the private sector and abroad, and highly skilled linguists able to work in languages associated with the origin of some of the intrusions."
- Why Should We? James Bamford writes in the New York Review of Books against increasing NSA power: "Based on the NSA's history of often being on the wrong end of a surprise and a tendency to mistakenly get the country into, rather than out of, wars, it seems to have a rather disastrous cost-benefit ratio. Were it a corporation, it would likely have gone belly-up years ago….But pulling the plug, or even allowing the lights to dim, seems unlikely given President Obama's hawkish policies in Afghanistan. However, if the war there turns out to be the train wreck many predict, then Obama may decide to take a much closer look at the spy world's most lavish spender."
- Obama Trusts The NSA At Newsweek, Mark Hosenball explains that while the NSA's role in monitoring cyber networks remains controversial, especially to "Congress and civil libertarians," the agency continues to have White House support: "If anything, the Obama administration, citing the threats of computer hacking and cyberterrorism, is now moving to involve the NSA more deeply in domestic security issues." He points to the fact that Napolitano was joined by NSA director Keith Alexander at the formal opening of the National Cybersecurity and Communications Integration Center on Friday. Furthermore "The NSA’s official seal was displayed prominently on a big-screen graphic listing the center’s participants." Hosenball admits that the government is being tight-lipped about the project, so the level of official NSA involvement remains debatable.
- Self-Defense Defense Tech writer Kevin Coleman responds to the latest findings from AFCOM, the world's largest data center association, indicating that the nation's cyber security measures are presently grossly underfunded. Noting that an expert cyber attack on financial data centers could cripple the economy, he says that data managers shouldn't wait for the government to take the lead in beefing up cyber defenses: "It is time organizations move to security their information assets that today are said to make up over 80 percent of an organization's value. Data center managers and IT executives must develop and implement a comprehensive set of policies, procedures and security measures particularly those in and industry segment that are at high risk of experiencing cyber attacks from activists, terrorists, criminals and rogue nation states.
This article is from the archive of our partner The Wire.