By Calvin Biesecker
The official revelation by a senior Pentagon official this week that its military computer network was breached in a cyber attack two years ago is old news but what is more worrisome is that the nation’s critical computer systems are also vulnerable to attack, Sen. Tom Carper (D-Del.) said yesterday.
“More disturbing is what the Department of Defense and the National Security Agency have not told the American Public; that nearly every critical system and network that runs the nation’s financial systems, air traffic control, electric grid, and other vital networks are just as vulnerable,” Carper said in a statement. “Some have argued that the threat of a cyber attack isn’t real, or is being over-hyped, but if the International Space Station orbiting around the Earth can be compromised by software intended to steal NASA’s scientific information, as acknowledged in 2008, what makes people think a similar type of attack can’t also be used to take down other critical networks?”
Carper’s warning comes on the heels of the public disclosure on Wednesday by Deputy Defense Secretary William Lynn, a flash drive infected with malicious code was inserted into a United States military computer in the Middle East, allowing the code to spread into a network operated by Central Command and ultimately onto classified and unclassified networks. From this “digital beachhead…data could be transferred to servers under foreign control,” Lynn says in an article published in Foreign Affairs.
Carper says that the lack of computer defense education is a problem for the United States, and that “bad guys” are already operating on our networks.
“Unfortunately, Americans often don’t have the knowledge and skills necessary to defend against these sophisticated 21st Century attacks,” Carper said. “For years, agencies like the National Security Agency have needlessly obscured the frequency and significance of attacks like those recently publicly revealed by the Department of Defense out of fear that this attention would entice even more bad guys to attack our vulnerable networks. The problem with keeping the public in the dark about this threat is that the bad guys have already set up shop inside our networks.”
In June Carper, along with two of his colleagues on the Senate Homeland Security and Governmental Affairs Committee, Chairman Joseph Lieberman (I/D-Conn.), and ranking member Susan Collins (R-Me.), introduced a bill would give the president emergency powers to shut down critical private sector networks during attacks for a limited time and also create a public-private partnership to encourage the private sector to disclose information about cyber threats and vulnerabilities (Defense Daily, June 15 and 25).