Protecting America's Infrastructure from Cyber Attacks
AEI Newsletter

According to U.S. officials, several foreign nations have illegally gained access to our government’s computers and searched for vulnerabilities in our electronically based infrastructure. Those nations may also have planted electronic mines, which when activated could disrupt our systems. During a conflict, such enemies could launch covert attacks on our critical infrastructure, taking down the computer networks that run our power grids, telecommunications switches, banks and financial services, water supply, and air traffic control. At an AEI seminar on June 19, a panel representing the business, government, and legal communities addressed this threat to national security.

Richard A. Clarke
Richard A. Clarke, the U.S. national coordinator for security, infrastructure protection, and counter-terrorism, discussed the federal government’s role in preventing cyber attacks. In 1996, the president formed a commission on critical infrastructure protection. Its goal is to form a comprehensive national strategy for protecting critical infrastructure systems from outside threats. It is able to help protect government computers, but since the private sector provides many of the nation’s vital services, the government’s role in protecting infrastructure is limited. The commission can coordinate research within the private sector and encourage businesses to protect their systems from outside attacks, but the private sector must take it upon itself to help ensure national security.

A group of financial service providers has already taken the initiative by joining the Financial Services Information Sharing and Analysis Center (FS-ISAC), a watchdog group that provides a database allowing members to anonymously report cyber-attack incidents and search for other incidents, vulnerabilities, threats, and solutions. Panelist Stanley R. Jarocki, chief information security officer for the Depository Trust and Clearing Corporation, established the FS-ISAC, which is open only to paying member companies. (Companies in other industries, such as transportation and telecommunications, plan to form their own ISACs.) Jarocki warned that e-commerce has evolved into a highly open system and that, due to the increasing use of cable modems at home, our susceptibility to hackers has never been greater. The private sector needs to address vulnerabilities in its systems and might consider doing so through mutual protection groups similar to the FS-ISAC.

Elizabeth Rindskopf Parker, general counsel for the University of Wisconsin system, offered a legal perspective on the issue of cyber threats. Since perpetrators of cyber attacks can range from individuals within the United States to hostile foreign nations, and since the repercussions of attacks can vary from minor annoyances (such as viruses) to national hazards, attacks may fall under the domain of domestic law enforcement or national security operations, and legal standards are not the same for the two areas. Therefore, we must proceed thoughtfully in reconciling those standards and realms of protection. If we react too rashly to cyber threats and ignore the legal conflicts involved, people and companies, especially those concerned with civil liberties and privacy, may overreact in the future if they feel their rights were violated. Nevertheless, those same people concerned with personal privacy will probably lead the fight against attacks on their computer systems, thus spurring private action against cyber security threats.

Richard N. Perle closed by offering solutions to the problem of cyber attacks. He predicted that we are bound to see a growing number of domestic hackers breaking into computer systems. To effectively discourage such attacks, which can cause millions of dollars in damage, we should impose tougher penalties, such as ten to twenty years in jail. In addition, law enforcement should offer generous rewards for information leading to the arrest of such hackers.

Perle also suggested increases in protection against foreign attacks. Currently, governmental agencies stage cyber attacks in order to practice defending against them. But the mock attacks tend to test areas already fortified against cyber threats. We need to develop more tests of our vulnerable systems. The Securities and Exchange Commission can motivate the private sector to protect its own infrastructure by requiring companies to report to their board members on what they are doing to prevent attacks (similar to SEC requirements for Y2K preparation), so that investors become more attuned to security issues. In dealing with foreign nations, we should not hold or attend international conventions involving many other countries. By doing so, we risk spreading to other nations knowledge of technology that can be used against us. When we do detect foreign cyber attacks, we should hold the offending country, not the individual hacker, responsible.

Also Visit
AEIdeas Blog The American Magazine

What's new on AEI

AEI Election Watch 2014: What will happen and why it matters
image A nation divided by marriage
image Teaching reform
image Socialist party pushing $20 minimum wage defends $13-an-hour job listing
AEI on Facebook
Events Calendar
  • 27
  • 28
  • 29
  • 30
  • 31
Monday, October 27, 2014 | 10:00 a.m. – 11:30 a.m.
State income taxes and the Supreme Court: Maryland Comptroller v. Wynne

Please join AEI for a panel discussion exploring these and other questions about this crucial case.

Tuesday, October 28, 2014 | 9:30 a.m. – 12:15 p.m.
For richer, for poorer: How family structures economic success in America

Join Lerman, Wilcox, and a group of distinguished scholars and commentators for the release of Lerman and Wilcox’s report, which examines the relationships among and policy implications of marriage, family structure, and economic success in America.

Tuesday, October 28, 2014 | 5:30 p.m. – 7:00 p.m.
The 7 deadly virtues: 18 conservative writers on why the virtuous life is funny as hell

Please join AEI for a book forum moderated by Last and featuring five of these leading conservative voices. By the time the forum is over, attendees may be on their way to discovering an entirely different — and better — moral universe.

Thursday, October 30, 2014 | 2:00 p.m. – 3:00 p.m.
A nuclear deal with Iran? Weighing the possibilities

Join us, as experts discuss their predictions for whether the United States will strike a nuclear deal with Iran ahead of the November 24 deadline, and the repercussions of the possible outcomes.

Thursday, October 30, 2014 | 5:00 p.m. – 6:15 p.m.
The forgotten depression — 1921: The crash that cured itself

Please join Author James Grant and AEI senior economists for a discussion about Grant's book, "The Forgotten Depression: 1921: The Crash That Cured Itself" (Simon & Schuster, 2014).

No events scheduled this day.
No events scheduled this day.
No events scheduled this day.
No events scheduled today.
No events scheduled this day.