<<< Date Index >>>     <<< Thread Index >>>

[IP] NYTimes.com: Virtually Unprotected



June 2, 2005
Virtually Unprotected

When the East Coast and Midwest were hit by a blackout in 2003, the first fear of many people was that terrorists had attacked the electricity grid. It turned out not to have been terrorism, but the fears were well founded. Experts have long warned that the nation's power, transportation and communications systems are vulnerable to "cyberattacks" that could devastate the economy and cause huge damage to life and property. Now a new government report has concluded that far too little is being done to close these gaps.

After Sept. 11, 2001, a group of leading scientists sent a stern warning to President Bush about the danger of a computer-based terrorist attack on the nation's infrastructure. They called for the creation of a major Cyber-Warfare Defense Project, modeled on the Manhattan Project, to prevent, detect and respond to potential attacks. "Fast and resolute mitigating action is needed to avoid national disaster," the scientists warned.

Power grids, water treatment and distribution systems, major dams, and oil and chemical refineries are all controlled today by networked computers. Computers make the nation's infrastructure far more efficient, but they also make it more vulnerable. A well-planned cyberattack could black out large parts of the country, cut off water supplies or worse. The Nuclear Regulatory Commission found that in 2003 a malicious, invasive program called the Slammer worm infected the computer network at a nuclear power plant and disabled its safety monitoring system for nearly five hours.

Despite the warnings after 9/11 - and again after the 2003 blackout - disturbingly little has been done. The Government Accountability Office did a rigorous review of the Department of Homeland Security's progress on every aspect of computer security, and its findings are not reassuring. It found that the department has not yet developed assessments of the threat of a cyberattack or of how vulnerable major computer systems are to such an attack, nor has it created plans for recovering key Internet functions in case of an attack. The report also expressed concern that many of the department's senior cybersecurity officials have left in the past year. Representative Zoe Lofgren, the California Democrat who was among those who requested the G.A.O. report, said last week that it proved that "a national plan to secure our cybernetworks is virtually nonexistent."

Protecting the nation from a potentially devastating cyberattack is not easy. The technological challenges are considerable - even major technology companies have trouble defending themselves against hackers. The number of potential targets is enormous. And because many of the targets are in private hands, the Department of Homeland Security has to work with entities that may be reluctant to follow the government's lead.

But overcoming these obstacles should be a high priority. One of the lessons of the Sept. 11 attacks in New York and Washington was how much damage a few men with simple weapons, like box cutters, could do if they targeted a point of maximum vulnerability. In a well-planned cyberattack, a single terrorist with nothing more than a computer and Internet access could do an extraordinary amount of harm from half a world away.

An Insecure Nation: Editorials in this series remain online at nytimes.com/insecurenation.



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/