Reno unveils center to protect infrastructure

and TORSTEN BUSSE

Attorney General Janet Reno last week announced an interagency effort to track and analyze electronic threats to the nation's critical infrastructure, such as the private computer systems used to manage the financial, electrical and transportation industries.

The new National Infrastructure Protection Center (NIPC), headed by Michael Vatis, associate deputy attorney general, will include the FBI' Computer Investigations and Infrastructure Threat Assessment Center (CITAC) and will add real-time intrusion-detection "watch-and-warning" capabilities so that officials can identify who is attacking the infrastructure's systems and trace the attacks back to a source.

Initially, the center, which will be housed at FBI headquarters, will employ 85 FBI agents and 40 employees from the Secret Service and the departments of Defense, Transportation and Energy. Eventually, the center will add employees from other federal agencies and the private sector. Funding mechanisms have not been completed.

Our telecommunications systems are more vulnerable than ever before as we rely on technology more than ever before," Reno said.

In October the president's Commission on Critical Infrastructure Protection recommended that the government field a real-time warning capability modeled after the military's air defense and missile-warning system. While the commission found no evidence of an impending cyberattack on the nation's infrastructure, its members warned that the capability to exploit weaknesses in the country's power, telecommunications, transportation and financial segments does exist.

Reno will ask Congress for $64 million for the NIPC in fiscal 1999, a sum that would allow the establishment of six additional computer investigation centers in cities throughout the nation.

The private sector also will have a vital role to play in the electronic defense, Reno said. She called for direct electronic links between the private sector and law enforcement agencies in what she termed a "significant departure" from past behavior. The closer links, however, must be set up within the confines of the Constitution and cannot infringe on individual rights and confidentiality.

The dimensions of the threat also will require international collaboration, given the possibility that someone "can sit in a kitchen in St. Petersburg, Russia, and can steal money from a bank in New York," she said. "Cyberspace crosses borders."

Winn Schwartau, who writes about information warfare and is president of Interpact Inc., a security consulting company, questioned the Justice Department taking the lead for national infrastructure protection. "Does Justice really have enough capability, manpower [and] technical knowledge to take the lead?" he said. "The Defense Department has a much stronger skill set to manage something like this."

The NIPC officials may use the nation's Arms Control Treaty monitoring system as a model for its system. DOE's Sandia National Laboratory is designing a computer system that could become the backbone for a national information warfare indication and warning center. Kenneth Geide, deputy chief of NIPC, said CITAC officials have been following the work at Sandia, but a warning-and-detection method has not yet been selected.

Sandia, whose work has been partially funded by the Defense Information Systems Agency, is exploring ways to embed sensors in the computer systems of the nation's critical infrastructure, said Sam Varnado, Sandia's director of the energy and critical infrastructure technology center. The sensors would send intrusion or attack information back to a central command center, where officials could determine the nature of the incident and then trace the intrusion back to the perpetrator.

Sandia officials soon will begin using a powerful supercomputer to model the consequences of an attack on a specific critical system. "We're really concerned about the interdependence of the infrastructures," Varnado said. "If the telecommunications network would go down, then banking and finance would go down. Then you can look at systems and say what would cause that consequence. Now you can start to get at a cost-benefit approach. We need to get industry involved. They don't see a business case because no one can tell them exactly what the threat is."

Busse is a reporter with IDG News Service.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group