Presidential Appointee's Advice on Homeland Cyber Security
By Dana Greenlee, co-Host WebTalkGuys Radio
Howard Schmidt says it's a matter of "when," not
"if" terrorists will electronically attack America.
Immediately following the tragic events of September 11, departments and agencies from
across the federal government took steps to strengthen the safety and security of the
American people. Everyone is aware we must be vigilant for physical world attacks, but
what is our level of risk for electronic attack?
Security professionals are constantly scrambling
to react to new threats and existing vulnerabilities.
Security expert Howard Schmidt suggests securing your personal computer plays a crucial
role in protecting our nation's Internet infrastructure. Schmidt was appointed by
President George Bush as the Vice Chair of the President's Critical Infrastructure
Protection Board in December 2001. The board reports to Condoleezza Rice, National
Security Advisor and Governor Tom Ridge, Director of Homeland Security. Previously, Howard
was chief security officer for Microsoft.
The Cyber Security Board focuses on building a specialized group of senior government and
private sector leaders to work on cyber security issues and the coordination of
security-related incidents.
Schmidt gave us a glimpse into the state of cyber security and what we can do to stay
safe.
Q: Please tell us specifically about your Vice Chair appointment.
Schmidt: October 16, the President signed an executive order creating the
Critical Infrastructure Protection Board. A couple of positions were created as
Presidential appointees - the Chair, Richard Clarke, and the Vice-Chair, which is myself.
Dick Clarke was also appointed as the cyber security advisor for the President. The
executive order created ten standing committees dealing with things from private sector,
state and local outreach to engineering and research and development issues to national
security issues. Our job is to run the board and the standing committees.
Q: Are you facing some of the same cyber-security issues as when you were
with Microsoft?
Schmidt: Yes. All the issues around cyber-security are the issues
we've grown up with as we expanded the information technology sphere of activity
around national security and public safety. In this case, it's being done on a
national/international level.
Q: Can you tell us who has been appointed to your Cyber Security Board?
Schmidt: The folks on the Board are the Secretary of the Treasury, the
Secretary of State, the Secretary of Defense, the Attorney General - all the senior
department heads of the national government or their designees.
Q: Everyone hears about the physical world terrorist attacks like the one
on Sept 11, but are we really facing a growing risk of this cyber-terrorism?
Schmidt: I think, simply stated, that since 9/11 we can try to look for
threats in many areas that we do but the threats may become transparent to us in our daily
lives. So consequently we have to look at the risks and our vulnerabilities that currently
exist out there. The risks become greater as we become more dependent on the technology,
which has done such a tremendous job enhancing our lives and recreational time as well as
enhancing our productivity.
As far as the risks go, they break down into three major categories:
1. The risks to the issues of national security, as in the lack of ability to communicate
in times of national crisis.
2. The risk to law enforcement and public safety. People use this great technology for
malicious activities, everything from disrupting communication and online activities to
theft of property and credit cards.
3. The trust of the economic prosperity that we've enjoyed throughout our history.
We've been able to make these technological advances because we trust the systems. We
trust that when we put money in the bank, that we'll be able to get it out when we
need it.
Consequently, anything that interferes with those three things indeed poses a risk that we
have to be very conscious of reducing.
Q: Email-borne viruses create quite a disturbance within government
and corporations. Are these the biggest threat?
Schmidt: It depends what the intent of the virus might be. For example, a
virus that uses a mass mailing becomes more of a nuisance. But if it really does have a
destructive payload to it, where it deletes data or your ability to use a system to
control traffic lights, then its capabilities become a lot more worrisome.
Q: What are the areas that we are most at risk for electronic information
attack - banking, government, military, utilities?
Schmidt: We don't know. We've seen some of the dramatic effects
from the use of worms and Trojans last year: Code Red, NIMDA, the I Love You virus, the
Melissa virus. In the scheme of things, those have all been expensive and remediating, but
they've not been disruptive on a long-term basis. Our goal is to create an
environment where the critical infrastructures - the banking and finance industry, the
transportation, oil and gas industries, the telecommunication and health care industries -
all have the ability to withstand an attack of any kind without creating massive
destruction and when they occur - notice I said "when" and not "if"
they occur - we can be resilient and be back up and running in a relatively short period
of time.
Q: What are your policies as we move forward and this risk grows?
Schmidt: We have ten major areas of priorities. The first is awareness.
The terms I like to use is a few years ago the only people talking about security were the
chief security and information officers, where today it becomes a CEO issue and part of
the business process itself.
One of the things we've done about awareness is we, working with the private sector,
academia and other government agencies, have created the National Cyber Security Alliance.
We have a website now called StaySafeOnline.info.
You can get direct information or links to other places that will make them more secure.
Q: Do you have any idea when we might see a large scale electronic
attack? As you said, it's not "if," but "when."
Schmidt: We hope a large scale becomes never. We see the
small scale on a regular basis. We've seen web defacements and denial of service
attacks on a daily basis. As far as a prediction, none of us have a crystal ball. What we can
do is make sure we reduce the amount of surface space we have in vulnerabilities. Use
anti-virus software and update the signatures regularly. On home systems that use DSL and
cable modems, put the appropriate firewalls to stop malicious activity.
Q: Would the same terrorist organizations that attacked us on September
11th, be the same type of folks that we should be concerned about in the future or does
our biggest domestic threat come from U.S.-based hacker organizations?
Schmidt: Hard to tell. For instance, with NIMDA and Code Red we
don't know much about who was behind that - an organized crime group, a nation-state
or just a group of hackers trying to make a statement. We should be focusing on not so
much who is doing these things as preventative measures so they aren't able to be
disruptive.
Q: It seems these electronic attacks are coming from China and abroad. Is
there anything we're doing to address that issue from an overseas standpoint?
Schmidt: Yes, with people from the State Department, people with the
national communications systems and the private sector are holding bilateral discussions
with a number of countries around the world looking at the impact of the critical
infrastructure protection in their countries effect the global environment. We have a
mature industry when it comes to IT. Some of the other countries are just beginning to go
through the growing pains that we had, which means their systems are inherently far less
secure than ours. Consequently, it doesn't necessarily mean the attack is being
originated from that country. It just means that their systems are being used. It's
very difficult, until such time as you catch the person whose fingers meet the keyboard,
to identify where they really set in. We've seen instances where people sitting in
South America have launched attacks through insecure systems in Asia that affected systems
in the U.S.
Q: Our physical world defenses have a geography to them with our borders.
Are there any strategies, from a cyber standpoint, that address the issue of traffic
that comes in to the country as being filtered or screened?
Schmidt: We've had anecdotal information that some companies have
blocked receiving traffic from that geographical area. In reality, that's just a
stop-gap measure because as the global community continues to grow and we rely more on the
IT infrastructure, we need to be able to communicate using that same infrastructure with
some of the countries that are being blocked. As we raise the bar on security, the issue
is we help those struggling now to get their systems secure to keep people from abusing
those systems.
Read more about the Homeland Security at the government's site:
http://www.whitehouse.gov/homeland/
~ WTG
(Dana Greenlee is producer and co-host of the
WebTalkGuys Radio Show. WebTalkGuys is a Seattle/Tacoma-based talk show featuring technology
news and interviews. It is broadcast on CNET Radio in San Francisco and Boston, on the web
at CNET Radio, WebTalkGuys Radio, Sonic Box and via the XM satellite network and on NexTel's
Wireless Web. Past shows and interviews are also webcast via the Internet at http://www.webtalkguys.com).