February 19, 2011

NSA Chief Warns Of Destructive, More Advanced Attacks

The head of the US National Security Agency (NSA) on Thursday advised computer security specialists to tighten the nation's critical infrastructure against cyber crime that will most likely become more advanced and destructive.

Cyber Command director General Keith Alexander said at the RSA Conference in San Francisco that the NSA's "active defenses" designed to defend military networks should be extended to include civilian government agencies and key private-sector networks.

"I believe we have the talent to build a cyber-secure capability that protects our civil liberties and our privacy," said Alexander.

"Most of the destructive tools being developed haven't been used; we need to use this window of opportunity to develop defenses," he noted.

A similar warning came just two days earlier from Deputy Secretary of Defense William Lynn, saying the capability clearly exists for malicious software to cause real-world damage at the country's power plants, water supplies and other vital networks.

"Few weapons in the history of warfare, once created, have gone unused," Lynn said during a speech at the RSA conference. "It is possible to imagine attacks on military networks or critical infrastructure-like our transportation system and energy sector-that cause severe economic damage, physical destruction, or even loss of life."

Last month, Russia asked NATO to hunt down the perpetrators behind a Stuxnet computer worm that attacked a Russian-built Iranian nuclear power plant, saying the incident could have triggered a meltdown similar to Chernobyl.

Secure military networks will matter little if power grids and government systems are disabled by cyber attacks, said Lynn.

He called for extending military computer defenses to private infrastructures key to maintaining a functioning nation.

"During a natural disaster, like a hurricane, military troops and helicopters are often used by FEMA to help deliver relief," said Lynn. "In a similar vein, the military's cyber capabilities will be available to civilian leaders to help protect the networks that support government operations and critical infrastructure."

Alexander argued that the military network's "secure zone" needed to be extended to all critical resources in partnerships with the private sector. He maintained that national security agents and the computer pros running company networks could work together without infringing on anyone's rights.

"I believe we have the talent to build cyber security that protects our civil liberties and privacy," he said. "We can and must do both."

He added that the nation's security depended on the education of coming generations as well as today's software and hardware innovations.

"Our nation needs to push science, technology, engineering and mathematics," Alexander said. "It is absolutely vital to our future," Alexander said at the conference.


On the Net: