Cyber-attacks on U.S. interests and infrastructure are on the increase, and we need all the expertise we can get--including the full resources of the National Security Agency.
The United States
is under attack. Right now most of the attacks are against the commercial
interests of the United States,
much like the attacks against Google earlier this year in which the Chinese
government attempted to breach the company's security to steal source code and
to learn the identities of human rights activists.
But those attacks are expanding to cover a wide variety
of government and private interests outside of China
and other nations with similar aims. The problem, in fact, has reached the
point where radio ads for cyber-security services are beginning to crowd off
the ads for airborne tankers and fighter jets that usually populate the
airwaves here in Washington.
Yes, I know that it's kind of a stretch to gauge any
trend by the frequency of advertising in D.C., but like anything else, if a
need is perceived, there will be money to be spent. Here in Washington,
we get a constant barrage of ads on the radio, on bus signs and in the
newspaper for everything from armored personnel carriers and warships to
fighter jets and missile systems. But now the focus is changing to cyber-security.
There's a good reason for the change in emphasis. The
Obama administration has begun to make cyber-security a priority, the National Security Agency
has been working on the
problem for many years, and in fact has been conducting tests of cyber-security
readiness. It also has been giving awards to security professionals for their
work in the area. Meanwhile, the head of the NSA, Lt. General Keith Alexander,
has told the Senate Armed Services Committee that he's going to work to protect
the rights of Americans against cyber-criminals.
According to Brian
Prince's story in eWEEK
, the NSA is developing a program to monitor
attempts to attack interests in the United
States. The story quotes the Wall Street
Journal as saying that a number of government networks, as well as some private
networks, would be outfitted with sensors to detect attacks. The story also
quotes the Journal as saying there are those who believe that the NSA is going
too far and that this could be an attempt by the agency to gather more
information on American citizens.
The fact is that if such a program to monitor critical infrastructure
for signs of cyber-attacks actually exists, then the biggest concern should be
whether it goes far enough. Much of the infrastructure in the United
States that the NSA is allegedly going to
monitor has been in existence for decades. Some, such as the national power
grid, consist of components that were never designed for computer control when
they were built, but now depend on such control to remain