Protecting America's Infrastructure from Cyber Attacks
AEI Newsletter

According to U.S. officials, several foreign nations have illegally gained access to our government’s computers and searched for vulnerabilities in our electronically based infrastructure. Those nations may also have planted electronic mines, which when activated could disrupt our systems. During a conflict, such enemies could launch covert attacks on our critical infrastructure, taking down the computer networks that run our power grids, telecommunications switches, banks and financial services, water supply, and air traffic control. At an AEI seminar on June 19, a panel representing the business, government, and legal communities addressed this threat to national security.

Richard A. Clarke
Richard A. Clarke, the U.S. national coordinator for security, infrastructure protection, and counter-terrorism, discussed the federal government’s role in preventing cyber attacks. In 1996, the president formed a commission on critical infrastructure protection. Its goal is to form a comprehensive national strategy for protecting critical infrastructure systems from outside threats. It is able to help protect government computers, but since the private sector provides many of the nation’s vital services, the government’s role in protecting infrastructure is limited. The commission can coordinate research within the private sector and encourage businesses to protect their systems from outside attacks, but the private sector must take it upon itself to help ensure national security.

A group of financial service providers has already taken the initiative by joining the Financial Services Information Sharing and Analysis Center (FS-ISAC), a watchdog group that provides a database allowing members to anonymously report cyber-attack incidents and search for other incidents, vulnerabilities, threats, and solutions. Panelist Stanley R. Jarocki, chief information security officer for the Depository Trust and Clearing Corporation, established the FS-ISAC, which is open only to paying member companies. (Companies in other industries, such as transportation and telecommunications, plan to form their own ISACs.) Jarocki warned that e-commerce has evolved into a highly open system and that, due to the increasing use of cable modems at home, our susceptibility to hackers has never been greater. The private sector needs to address vulnerabilities in its systems and might consider doing so through mutual protection groups similar to the FS-ISAC.

Elizabeth Rindskopf Parker, general counsel for the University of Wisconsin system, offered a legal perspective on the issue of cyber threats. Since perpetrators of cyber attacks can range from individuals within the United States to hostile foreign nations, and since the repercussions of attacks can vary from minor annoyances (such as viruses) to national hazards, attacks may fall under the domain of domestic law enforcement or national security operations, and legal standards are not the same for the two areas. Therefore, we must proceed thoughtfully in reconciling those standards and realms of protection. If we react too rashly to cyber threats and ignore the legal conflicts involved, people and companies, especially those concerned with civil liberties and privacy, may overreact in the future if they feel their rights were violated. Nevertheless, those same people concerned with personal privacy will probably lead the fight against attacks on their computer systems, thus spurring private action against cyber security threats.

Richard N. Perle closed by offering solutions to the problem of cyber attacks. He predicted that we are bound to see a growing number of domestic hackers breaking into computer systems. To effectively discourage such attacks, which can cause millions of dollars in damage, we should impose tougher penalties, such as ten to twenty years in jail. In addition, law enforcement should offer generous rewards for information leading to the arrest of such hackers.

Perle also suggested increases in protection against foreign attacks. Currently, governmental agencies stage cyber attacks in order to practice defending against them. But the mock attacks tend to test areas already fortified against cyber threats. We need to develop more tests of our vulnerable systems. The Securities and Exchange Commission can motivate the private sector to protect its own infrastructure by requiring companies to report to their board members on what they are doing to prevent attacks (similar to SEC requirements for Y2K preparation), so that investors become more attuned to security issues. In dealing with foreign nations, we should not hold or attend international conventions involving many other countries. By doing so, we risk spreading to other nations knowledge of technology that can be used against us. When we do detect foreign cyber attacks, we should hold the offending country, not the individual hacker, responsible.

Also Visit
AEIdeas Blog The American Magazine

What's new on AEI

AEI Election Watch 2014: What will happen and why it matters
image A nation divided by marriage
image Teaching reform
image Socialist party pushing $20 minimum wage defends $13-an-hour job listing
AEI on Facebook
Events Calendar
  • 20
  • 21
  • 22
  • 23
  • 24
Monday, October 20, 2014 | 2:00 p.m. – 3:30 p.m.
Warfare beneath the waves: The undersea domain in Asia

We welcome you to join us for a panel discussion of the undersea military competition occurring in Asia and what it means for the United States and its allies.

Tuesday, October 21, 2014 | 8:30 a.m. – 10:00 a.m.
AEI Election Watch 2014: What will happen and why it matters

AEI’s Election Watch is back! Please join us for two sessions of the longest-running election program in Washington, DC. 

Wednesday, October 22, 2014 | 1:00 p.m. – 2:30 p.m.
What now for the Common Core?

We welcome you to join us at AEI for a discussion of what’s next for the Common Core.

Event Registration is Closed
Thursday, October 23, 2014 | 10:00 a.m. – 11:00 a.m.
Brazil’s presidential election: Real challenges, real choices

Please join AEI for a discussion examining each candidate’s platform and prospects for victory and the impact that a possible shift toward free-market policies in Brazil might have on South America as a whole.

Event Registration is Closed
No events scheduled this day.
No events scheduled this day.
No events scheduled this day.
No events scheduled this day.