Home » Politics & Society » Technology & U.S. Politics » Starting now to develop a strategy on cyber-terrorism

Starting now to develop a strategy on cyber-terrorism

© Alan Kotok

In the wake of the national tragedy of 11 September 2001, much of the activity across government has shifted to protecting the country against further terrorist attacks. As the nation’s economy and lifestyle have become more intertwined with the Internet, one of the concerns of policy makers is the vulnerability of our computer and communications infrastructure.

Ten days after the New York and Pentagon attacks this subject came up in Senate hearings and will likely be one of the responsibilities of the new homeland security agency. However, the first reports suggest we have a long way to go to protect these important assets.

Senate hearings on homeland security

On 21 September, the Senate Committee on Governmental Affairs held hearings on organizing the efforts to respond to homeland threats. Among the witnesses was David Walker, Comptroller General of the United States who heads the General Accounting Office, the investigative arm of Congress. Walker pointed out the need for a national strategy on homeland security overall. In his testimony, Walker noted:

"At present, we do not have a national strategy specifically for ensuring homeland security. Thus, the strategy must establish the parameters of homeland security and contain explicit goals and objectives. It will need to be developed in partnership with Congress, the executive branch, state and local governments, and the private sector (which owns much of the critical infrastructure that can be targeted). Without such a strategy, efforts may be fragmented and cause confusion, duplication of effort, and ineffective alignment of resources with strategic goals."

Walker pointed out four levels of activity that need to go into a comprehensive national strategy:

-- Reduce vulnerability to attacks, by hardening targets and other measures

-- Identify threats through the use of intelligence assets

-- Stop attacks before they occur, and

-- If attacks occur, manage the consequences

Once the strategy is in place, then participants at each level of government and in the private sector need to know their roles and be prepared to carry them out. The need to include the private sector applies particularly to protecting computing and communications networks. Today, much of the day-to-day work countering viruses, worms, and denial-of-service attacks comes from private rather than public sector sources.

Little done on cyber-terror protections

On the state of preparations to combat cyber-terrorism, Walker painted a bleak picture. He noted that Presidential Decision Directive 63, issued in 1998, along with other laws and guidance have called for actions to better prepare the nation for attacks on these vital resources, but progress on implementing these directives has been slow. Many agencies have taken the first steps in these preparations, and outreach efforts have raised awareness of the problems, but little has been done beyond these first few activities. Walker pointed to the lack of a national plan as “an underlying deficiency impeding progress.”

The copyright of the article Starting now to develop a strategy on cyber-terrorism in Technology & U.S. Politics is owned by . Permission to republish Starting now to develop a strategy on cyber-terrorism in print or online must be granted by the author in writing.