Could US repel a cyberattack?
The nation's defense relies on a small group that operates on a tiny budget and with little clout, experts say.
By Ben Arnoldy and Gordon Lubold | Staff writers of The Christian Science Monitorfrom the June 7, 2007 edition
Page 1 of 3
Oakland, Calif. and Washington - Evidence is mounting that cyberwarfare tactics are part of the 21st-century arsenals of powers like Russia and China, yet the United States has not made Internet defenses a major priority.
A two-week cyberattack on Estonia – which overloaded government websites, knocked a bank's overseas customers offline, and caused Internet service to slow to a crawl – has brought the issue to the fore for US defense officials. While the tiny Baltic nation reacted well, experts say, the US may be at greater risk for mass disruptions of banking, telecommunications, and government services. The reasons: a lack of coordination, funding, and centralized authority.
"Estonia didn't collapse, and we wouldn't collapse under this type of attack either," says James Lewis, a senior fellow and cybersecurity analyst at the Center for Strategic and International Studies, a think tank in Washington. "But it would be very disruptive."
Repelling major attacks on critical national networks requires enormous coordination inside and outside government, as well as expensive research and preparation. However, primary responsibility for this falls on a small group within the Department of Homeland Security that experts say operates on a tiny budget and with little clout.
"The part of the US government that has responsibility for this doesn't have the authority to command attention from within other parts of the government, and it doesn't have the money to get the work done that is on its plate," says Bill Woodcock, a cybersecurity expert with the nonprofit Packet Clearing House who also traveled to Estonia to lend his help.
Estonia, a highly wired society, came under weeks of attack starting on April 27 after local officials moved a statue important to ethnic Russians. In what is known as a distributed denial-of-service attack, the servers for government agencies, media outlets, and banks were pounded by hundreds of thousands of computers in an effort to overwhelm their capacity.
While Estonian officials linked the attack in part to a computer in the Russian government, analysts say that nation's involvement is very difficult to prove – and may be the work of hacker-activists who only were encouraged by the Russians.
The country suffered a blow, but successfully prevented major damage. Estonia benefited from strong coordination of efforts by the government's computer emergency response team, or CERT. Law enforcement made a key local arrest, passing along critical information. System administrators shut out suspicious traffic, and foreign experts helped the CERT communicate with Internet service providers – many located in other countries – to cut off the sources of the attacks.
RSS feed
