In just the past couple of days, there have been reports of two moves the feds are making to protect the country’s vital information infrastructure from cyber attacks -- both of which are sure to attract the attention of privacy advocates.
The Washington Post reported that President Bush authorized the nation’s intelligence agencies to monitor the Internet traffic of all federal departments.
The Post noted there have been a number of attacks in the past 18 months aimed at the State, Commerce, Defense and Homeland Security departments. “Until now, the government's efforts to protect itself from cyber-attacks -- which run the gamut from hackers to organized crime to foreign governments trying to steal sensitive data -- have been piecemeal. Under the new initiative, a task force headed by the Office of the Director of National Intelligence (ODNI) will coordinate efforts to identify the source of cyber-attacks against government computer systems. As part of that effort, the Department of Homeland Security will work to protect the systems and the Pentagon will devise strategies for counterattacks against the intruders,” the paper said.
The presidential directive, called the National Security Presidential Directive 54/Homeland Security Presidential Directive 23, was signed on Jan. 8.
The paper said the program will cost billions and that the White House was expected to request funding for it in the fiscal 2009 budget.
Separately, a story in The Wall Street Journal reported that President Bush has proposed building a $6 billion system to protect the country’s communications network from terrorism, espionage and hacking.
“Administration officials and lawmakers say that the prospect of cyberterrorists hacking into a nuclear-power plant or paralyzing Wall Street is becoming possible, and that the U.S. isn't prepared. This is ‘one area where we have significant work to do,’ Homeland Security Secretary Michael Chertoff said in a recent interview,” reported the paper.
The Journal noted that in order for the government to safeguard commercial systems, the feds would have to put sensors on private company networks.
The government, however, seems to understand the delicate nature of what it’s doing – at least in regard to any move to protect commercial computer systems.
"We need to be very careful," Secretary Chertoff was quoted by the Journal. "There is a lot of thought being given to: How do you organize this in a way that protects an incredibly valuable asset in the United States but does it in a way that doesn't alarm reasonable people, and I underline reasonable people, in terms of civil liberties?"
However, as the Journal noted, the Homeland Security Department counted 37,258 attacks on government and private networks last year, compared with 4,095 in 2005. Granted, 2005 was the first year it really started counting, and reporting mechanisms are constantly improving. But, looking at those numbers together with the Post’s report that several agencies have come under attack, it’s apparent that our vital information infrastructure is threatened.
Granted, as a nation, we must always take care to safeguard our liberties – for ourselves and for future generations. But America’s computer systems present a big, fat target to a lot of people and proper countermeasures must be put into place.
Of course, arguments need to be heard on both sides, but let’s hope the debate doesn’t drag out and we can find that fine line between protection and privacy sooner rather than later.