The presidential campaign is turning a focus to cyberterrorism. Democrat Barack Obama has unveiled plans for a “national cyber advisor” position as well as updated standards for protecting computer-based infrastructures if he is elected. John McCain, the presumptive Republican nominee, has spoken of the need for increased cyber security in recent weeks as well.
Already this year, the current administration has increased its efforts to protect America from Internet-based attacks, with plans for a US$30 billion effort to expand federal network monitoring over the next seven years — but Obama, taking the strongest stand on the issue, insists it’s not enough.
Speaking at Purdue University on Wednesday, Obama said he intended to make cyber security a “top priority,” with an advisor reporting directly to him rather than to the Department of Homeland Security.
“I’ll bring together government, industry and academia to determine the best ways to guard the infrastructure that supports our power,” Obama stated.
“We need to prevent terrorists or spies from hacking into our national security networks. We need to build the capacity to identify, isolate and respond to any cyber attack. And we need to develop new standards for the cyber security that protects our most important infrastructure — from electrical grids to sewage systems, from air traffic control to our markets,” he continued.
McCain also has touched on the subject in speeches this month. During a talk in Indianapolis on July 1, he said the nation needs to spend far more money on cyber-security and high-tech protection.
“In this new century, and especially with the threat of terrorist attacks, every state, local and federal agency concerned with public safety should have access to a shared repository of information,” McCain stated. “In the case of any suspected terrorist, we must make certain that law enforcement knows who they are, where they are, and what they’re up to.”
The idea of an Internet-based attack may not be as far-fetched as it seems. Nearly all the nation’s critical systems are computer-based now — and that means they could be vulnerable.
“There’s hardly anything that’s mechanical any more,” Ed Clark, principal consultant of Executive Interface and former director of the Homeland Security Threats Office, told TechNewsWorld. “The entire power grid is managed by virtual circuit breakers. Chemicals are mixed and moved and transported, pipelines are run and monitored — all based upon information technology systems. The overarching rule — ‘computer security 101’ — says if it has computing power, it can be hacked, and I believe that,” he said.
Need for Centralization
While many agencies are now starting to include cyber security in their regulations, Clark believes more can be done — and that a centralized process is needed.
“I think they’re conscious of it, I think they’re doing more about it — but I think … they need to really exercise the leverage of the intelligence community and say, ‘Look, what’s out there, who’s trying to get in, how are they trying to get in, and how do we keep them out?'” Clark explained.
“If the government doesn’t mandate it, then in turn provide grants to do it, it’s not going to get done,” he added.
The key, Clark said, is planning in advance — whether on a government level or on a personal level.
“As much emphasis as there’s been on [security], a lot of people go out and spend money on a new firewall device — and then they don’t configure it,” he told TechNewsWorld. “We don’t just move one row of squares and then everything’s OK. You install that firewall, you install the policies and procedures, and then you have to manage it — you have to massage it,” he said.