Obama's strategy for countering cyber attacks
He will appoint a 'cyber czar' and bring government and industry together to work on the problem. But is cooperation possible?
President Obama will appoint a "cyber czar" to lead his administration in combating the worrisome number of cyber attacks against US government and private networks.Skip to next paragraph
Subscribe Today to the Monitor
The problem posed by cyber attacks permeates American society. Mr. Obama, in announcing the new administration position Friday, referred to one incident last year in which cyber thieves used stolen credit-card information to take millions of dollars from 130 ATMs. "And they did it in just 30 minutes," he said.
Obama also said that during the presidential campaign last fall, hackers broke into his campaign's computer system to obtain sensitive information about campaign travel plans and policy positions.
"It was a powerful reminder, in this information age, one of your greatest strengths – in our case, our ability to communicate to a wide range of supporters through the Internet – could also be one of your greatest vulnerabilities," he told a group of government and industry officials in the East Room of the White House.
The president noted, to laughter, that no information about campaign contributors was stolen.
There were some 37,000 cyber attacks in the United States in 2007 – up 800 percent from 2005, according to a recently published estimate that cited data from the Department of Homeland Security. And the Pentagon is routinely fielding cyber attacks – some with success. Last year, hackers thought to be with the Chinese military broke into an unclassified e-mail system in Defense Secretary Robert Gates's office, which forced thousands of military officials to stop using so-called thumb drives or memory cards in their government-issued computers.
Obama, the first US president to insist on access to his own e-mail system, did not say who he would pick as cyber czar. But he sketched his approach to the problem in broad-brush strokes, bringing government and industry together to develop a strategy that would aim to "deter, prevent, detect, and defend" against attacks and prevent "weapons of mass disruption" from bringing the US digital infrastructure to its knees.
But in doing so, he will be arranging a marriage between government and private industry when each might be happier staying single. Industry efforts to counter cyber attacks tend to be more effective than public efforts. And companies are wary of sharing their information with one another, let alone the government.
"We've developed an environment in which there is cooperation, but I think there is still a lack of trust," says Neill Sciarrone, who was special assistant to President Bush for cyber security and information sharing.