Senator criticizes FBI's computer security center

In her first hearing as chairwoman of the Senate Judiciary Technology, Terrorism, and Government Information Subcommittee, California Democrat Dianne Feinstein on Wednesday criticized the FBI's National Infrastructure Protection Center (NIPC).

Citing a General Accounting Office report she had commissioned and that was released at the hearing, Feinstein said, "The GAO report generally confirms problems identified by critics of the NIPC."

The top problems identified in the report included a failure to provide timely warnings about computer viruses, poor cooperation with other government agencies and inadequate sharing of information with private-sector companies.

Because of struggles in hiring qualified staff and other problems, she said, "the result has been confusion about the NIPC's role and responsibilities."

In the report, prepared by Robert Dacey, the GAO director of information security issues, the agency recommended that NIPC more readily share information about computer attacks with industry-run information-sharing and analysis centers, develop a database of the nation's crucial computer networks and develop a better working relationship with the Defense Department.

NIPC Director Ron Dick responded that his agency has beefed up its staff capabilities and has begun to work more with other agencies, including the Defense Department, the Central Intelligence Agency and the National Security Agency.

Feinstein asked how reports that the Bush administration had begun reorganizing the chain of command for dealing with network attacks would affect the center.

"I think it is the administration's intent to raise the level within the public and private sector of information assurance such that [it] is not just a collateral duty," Dick said. "The director of the NIPC would be a participant on the board, and hopefully an active participant," he said, referring to the proposed inter-governmental board of directors that would coordinate the administration's approach to cybercrime.