Cybercenter Will Trace Net Intrusions
- By Heather Harreld, Torsten Busse
- Mar 08, 1998
U.S. Attorney General Janet Reno announced an interagency effort to track and analyze electronic threats to the nation's critical infrastructures, such as private computer systems used to manage the financial, electrical and transportation industries.
The new National Infrastructure Protection Center (NIPC), headed by associate deputy attorney general Michael Vatis, will include the FBI's Computer Investigations and Infrastructure Threat Assessment Center and will add real-time intrusion-detection "watch-and-warning" capabilities so that officials can identify who is attacking the infrastructure's systems and trace the attacks back to a source.
"Our telecommunications systems are more vulnerable than ever before as we rely on technology more than ever before," Reno said. The NIPC will coordinate the efforts of a number of government agencies in setting up and operating defenses against cyberspace intrusions from inside and outside the borders of the United States. Effective defense will depend on that cooperation, she said.
Reno will ask Congress to commit $64 million for the NIPC in fiscal 1999 — a sum that would allow the establishment of six additional computer investigation centers in cities across the nation. In addition, the NIPC will develop training programs for state and local agencies, which Reno said are on the front line against cyberattacks. "Criminals today have guns," she said. "Soon they will have computers and other weapons of mass destruction."
The private sector will also have a vital role to play in the electronic defense, Reno said. She called for direct electronic links between the private sector and law enforcement agencies in what she termed a "significant departure" from habits of behavior. Those closer links, however, must be set up within the confines of the U.S. Constitution and cannot infringe upon individual rights and confidentiality.
The dimensions of the threat also will require international collaboration, given the possibility that someone "can sit in the kitchen in St. Petersburg, Russia, and can steal money from a bank in New York," she said. "Cyberspace crosses borders." Reno said steps toward international cooperation are under way among the G7 nations. In December, those nations met to draw up an action plan.
One of the biggest challenges for law enforcement agencies currently, she said, is to understand the origin of a cyberattack. This can involve determining whether an attack is domestic or international and whether it is the work of a terrorist, a foreign state, a juvenile trying to crack the latest firewall or a disgruntled worker getting back at a supervisor.
For that reason, the NIPC will strive to set up procedures that will best allow government agencies to analyze the nature and origin of the attacks and to assign responsibility to the appropriate agency in a speedy manner. It also will be in charge of developing the means and methods of sharing information and equipment among agencies.
Reno made the announcement at the Lawrence Livermore National Laboratory during a workshop on assuring the security of critical national infrastructures. At the workshop, several speakers from the private sector asked the government to abandon its restrictions on the exportation of encryption technology. A former secretary of Defense, William Perry, who was chairman of the workshop, said that although the government has good arguments for the necessity of such restrictions, he no longer agrees with that policy. "On balance, we would be better off" without the restrictions, he said.
Initially the NIPC, which will be housed at FBI headquarters, will employ 85 FBI agents and 40 employees from the Secret Service and the departments of Defense, Transportation and Energy, said Kenneth Geide, the deputy chief of the NIPC. Eventually, the center will add employees from other federal agencies and the private sector, he said. Funding mechanisms have not been made final.