ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security management Toolkit

Ex-cybersecurity czar warns that complacency could lead to disaster

David Berlind ZDNet.com

Published: 24 Oct 2003 12:30 BST

Clarke used specific events to demonstrate what he called a "sea-state change" in the cybersecurity situation.

"For the last three years, I've been saying that there will be attacks on critical infrastructure such as transportation, banking, and power," Clarke said. "Let's look at what happened this year."

Clarke recounted how cyberattacks knocked out The Bank of America's ATM network, stopped or slowed CSX Railroad's trains, cancelled some of Continental Airline's flights, and forced offline a nuclear power plant in Ohio.

Regarding the Ohio blackout, Clarke noted the irony in a White House report refuting his assertion on ABC News that it could have been the result of a cyberattack. "I had no idea what it was," said Clarke, "But it might have been a cyberattack. The White House was saying it wasn't a cyberattack but, then again, couldn't say what it was. Then, the White House went on to ask former FBI National Infrastructure Protection Center director Ron Dick to investigate the cyberattack angle." The NIPC, which is now a part of the US Department of Homeland Security, focuses almost exclusively on cybersecurity issues. "Make of that what you want," said Clarke.

According to Clarke, the US power grid hasn't been the only grid to experience trouble recently. "The recent collapse of the Italian and British power grids has so far gone unexplained," said Clarke. "Oslo recently reported that cyberattackers attempted to bring down Norway's power grid, and Israel's intelligence agency Shin Bet recently reported that Israel's power grid has been the target of several cyberattacks. All of our infrastructure, including power and the Internet, are vulnerable."

Perhaps the worst news contained in Clarke's presentation is that nobody has been caught. "Look at all of the cyberattacks," said Clarke, "The FBI only has one high school kid who had neon signs in his windows saying 'I did it' and all he did was capture an existing virus (MSBlast) and modify it. The originator was never caught."

Clarke cautioned Gartner Symposium/ITxpo attendees against complacency. "When you hear everyone talking about IT security and you see it in the publications and from vendors, it becomes noise and you tend to turn it off. This is a mistake. What does this say about the future? It's not a pretty picture."

1 2 3

Did you find this article useful?
220 out of 408 people found this useful

More In Security management

Company/Topic Alerts

Create a new alert from the list below:

Featured Talkback

It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.