December 8, 2008

Panel Calls On Obama To Create Hacker Response Team

Government and industry experts have suggested that President-elect Barack Obama should create a new White House office whose primary goal is to eliminate hackers and other cyber criminals from the Web.

In a recent 44-page report made public on Monday, the U.S. Commission on Cybersecurity added that the new office should also be responsible for coordinating security efforts concerning United States military, intelligence and civilian agencies.

The panel, which includes executives, high-ranking military officers and intelligence officials, leading specialists in computer security and two members of Congress, called for President Elect Obama to create a Center for Cybersecurity Operations.

At least five members of the panel that produced the report are also working for his presidential transition team. They include former White House official Paul Kurtz, advising Obama on national security matters, and Obama technology advisers Dan Chenok and Bruce McConnell.

"Responding to a cyber attack is a tough issue," said James Lewis of the Center for Strategic and International Studies, a Washington-based think-tank that organized the commission. "Do operators respond with law enforcement, espionage or military actions? The guidelines are really unclear. The rules designed in the 1980s are slow, and the Internet is fast."

The development of such an office would allow for new laws for quicker investigations, and regulation of the public and private sector to ensure against embarrassing break-ins at the Pentagon, White House, State Department, Commerce Department and elsewhere that have been traced in recent years across foreign borders, notably to Russia and China.

The commission's report catalogues incidents afflicting financial institutions, large corporations, and government agencies.

"We're playing a giant game of chess now and we're losing badly," says commission member Tom Kellermann, a former World Bank security official who now is vice-president of Security Awareness at Core Security.

U.S. options of response could include trade or financial sanctions or military attacks, the report said.

"We have to have a solid cyber doctrine," said Jerry Dixon, former deputy director for the U.S. National Cyber Security Division at the Homeland Security Department. "When does a cyber attack rise to the occasion of requiring military action? Or maybe it's something that law enforcement or the intelligence community can deal with?"


On the Net: