While the debate on the future of cyber security has been underway for some time, one of the world’s great deliberative bodies, the US Senate (in the form of the Senate’s Homeland Security and Government Affairs Committee) brought an elevated and informed discussion in today’s hearing, “Cyber Security: Developing a National Strategy.”
The entire hearing is worth the time to watch/listen to the archived webcast, but there were a couple of points that stood out for me.
Alan Paller, Director of Research for the SANS Institute described the type of cyber attacks that have been unleashed upon the US (and as recently reported on US Senate and US House of Representatives computers) as part of a new “asymmetric warfare” that we have to learn to expect, adjust and respond to accordingly. He then described that when our computers, power grids and other critical infrastructures are attacked by he Chinese (and others), they don’t just come in to steal something and go away. Instead they look to leave something behind (malicious code, trojan horse, etc.), so as to enable future attacks and disruptions to occur at another point in time.
Sen. Snowe (R-ME), Ranking Member of the Committee then shared a discussion that she and Sen. Lieberman (I-CT), Chair of the Senate’s Homeland Security Committee, had recently had revolving around what constitutes an “act of war.”
She described the scenario that if the Chinese launched their missiles at our power plants here in the US so as to disrupt and/or destroy our power and energy supplies, it would be interpreted appropriately as “an act of war” and we would undoubtedly mobilize our military and security forces to respond accordingly.
When the Chinese launch a cyber attack upon our power grid using malicious code and other methods coming from their keyboards, it is unclear whether that type of assault is comparable to one coming from incoming missile attack. Even the appropriate measure of response to such an attack is unclear, even if the goal of destruction and disruption is the same as it would be from a missile attack.
In responding to her question, James Lewis, Director and Senior Fellow, Technology and Public Policy Program, Center for Strategic and International Studies shared that cyber is the new weapon of choice of the Chinese and others to attack us and our nation’s political, security, military and economic interests. The challenge before the new Administration is how to respond and what means will be the most effective in responding back to these threats whenever and wherever they occur. He stressed that leadership needed to come from the top and the President needed to very clearly state to the world that our cyber networks are an American national resource and would be protected and defended as such.
His closing sentence in his response brought the issue home though, “It’s time to treat cyber like the grown up national security problem that it is.”