Cybersecurity chief pushes early-warning system

The top priorities for the White House Office of Cyberspace Security include the creation of both an early-warning network for cyberattacks and an analysis center that would help the government target the most vulnerable points in the nation's critical infrastructure, the office's chief said last week in an interview with National Journal's Technology Daily.

Richard Clarke, special adviser on cyberspace security to President Bush, said the early-warning network, called the Cyber Warning and Information Network (CWIN), would at first be a voice system that would link major computer-network operation centers and the information-sharing and assurance centers (ISACs) that represent critical infrastructure sectors, such as financial services, telecommunications and transportation.

CWIN would be modeled after the existing National Operations and Intelligence Watch Offices Network, which connects senior officials at the Pentagon, the National Security Agency, the White House, the State Department and the CIA by phone within 15 seconds.

"Let's say someone [in the private sector] sees 'Nimda' [a computer virus] spiking," Clarke said in describing how CWIN would work. "They can pick up the phone and get most of the people that need to know right away.

"This is a case where the government doesn't know best or first," he added. "So you need a public-private partnership to reach out to these nodes in the private sector ...that see viruses first, that see the tsunamis of denial-of-service attacks first."

Clarke also is working on building the National Infrastructure Simulation and Analysis Center authorized under the section 1016 of the anti-terrorism law that Bush signed into law last month. The center was authorized to receive $20 million through the Defense Department and would create a simulated model of the Internet, the nation's telecom system and its physical infrastructure. The goal is to enhance understanding of how the systems interact and to mitigate vulnerabilities.

"There really is no place today where there is a live model of the Internet, and we want to model the interactions and interdependencies between the Internet, the telephone networks, the electric power grid," Clarke said. "The way I describe it is [that] we need an 'acupuncture map' of the U.S. You know, where are the pressure points?"

Developing a model also may help Clarke to articulate his message that private-sector companies need to analyze their computer-security vulnerabilities.

"The lesson I'm trying to get out to people ... is that we need to understand what the worst-case scenario is and then do prudent risk management so that you mitigate those possibilities," he said.

In addition, Clarke said Bush supports legislation by Sen. Robert Bennett, R-Utah, that would exempt businesses from the Freedom of Information Act (FOIA) when they share computer-security information with the government. Clarke said he has talked to lawmakers on the issue.

On encryption, Clarke said he has no plans to change current U.S. policy, though some people on the Hill wanted to reopen the issue after the Sept. 11 terrorist attacks.