I spent the early part of the week surrounded by FBI agents. Partnering with Fordham University, the FBI held the second International Conference on Cyber Security (ICCS), diving into some of the critical issues that affect Americans in terms of cyber security, cyber crime, cyber war, and cyber terrorism. In other words, anything hackers can do to us online, wreaking havoc and making us miserable. The result? Not what I expected. We're making some progress, but not enough.
As someone who previously worked in cyber security for the government and now serves on technology policy committees and as a national security fellow, it's my job to understand where we stand. As a mom, I sought information on how safe we really are. As a journalist, I just wanted the real scoop so I could get the information out there to others so you can prepare yourselves and understand how real this threat is. I also wanted to be able to tell my friends that their chance of having their identity stolen is decreasing, that the likelihood of hackers turning off our power is low, that we'll never have to go to war over a computer, and that cyber terrorists can't do real damage yet. Sadly, I can't.
On the plane from California to New York, I read most of Richard Clarke's book, Cyber War. Upon landing, I was given a stark reminder of the stakes, staring at the hole in the skyline created by the missing Twin Towers. That set the stage for the week.
Once Howard Schmidt, the new Cyber Security Coordinator, took the microphone the morning of the first day, I expected an inspirational speech about how America is going to turn around and lead in cyber security. Instead, the speech focused much more on the effects on the private sector. But as Clarke noted, the government only owns 30% of the Internet. Private companies own the fiber optic cables delivering the data as well as much of where that data is stored. So if you think the government can just up and decide to secure our critical infrastructure with a simple policy change, think again. This probably comes as no surprise, but it's complicated.
The economy is pretty grim, the planet's in peril, and oh yeah, foreign hackers have logic bombs already in the computers running our power grid and they could turn off the lights any time. Put that together with scrambling our bank databases, disabling our air traffic control systems, and leaving us open for brutal "kinetic" aka physical attacks, we're screwed. That's our new reality. Because of both the way the Internet was designed and due to the inaction of previous national decision makers, we're left with a virtual minefield ready to blow up whenever the enemy -- who could be anyone anywhere -- decides.
What do we do about it? First, we can make a conscious decision as citizens, advocates, parents, technologists and influencers that this is an enormously important issue requiring immediate attention. The day after ICCS, the BlogHer '10 conference commenced, and we were lucky to have the U.S. Senator from New York, Kirsten Gillibrand, as a special guest at BlogHer. She sat down with several political bloggers and one of the questions that came up was what to do about cyber security. Her answer was the first time all week I had felt safer, because she directly addressed all aspects of the problem and as a member of Congress, she has the power to make the necessary changes. But she needs our help. In fact, she asked for it. She appealed to the BlogHer community in our meeting to do this for our community and for our children. We must act now to keep them safe.
Legislation has been proposed in the Senate and the House that will take major steps forward in terms of cyber security on all levels. Combined with the work the White House is doing to elevate the issue, along with the Department of Defense's creation of the Cyber Command, we're beginning to get somewhere. The new legislation will empower the government to train new workers in cyber security techniques and get a talented work force in place before we're attacked. It will make criminals pay stricter penalties for hacking into networks. It will give foreign governments incentives to aid us in hunting down the perpetrators, who could be in Russia, China, or any number of countries where arrests will not be enforced, even assuming the criminals are found, which in itself is a problem.
We can support these bills moving through Congress and we should criticize the parts we don't like. And we should offer assistance to legislators working hard on getting these bills passed. We should also get ourselves educated on the subject. Clarke's book is a good place to start. Another great (shorter) source is the recent feature in The Economist. For those working in government and private sector or who want to volunteer in general to assist with protecting critical infrastructure, you can join an organization called Infragard. We must continue to be vigilant about securing our own computers and networks, and that doesn't mean just choosing strong passwords. We need to be careful what networks we connect to and we need to apply cryptography and solid firewalls whenever possible. And we need disaster recovery plans. It's not a matter of if we'll be attacked. It's more a question of by whom and when.
This is not just an issue for technical people to solve. We are all connected to the Internet. We are all influencers to some level. And as parents, sisters, children and friends, we all want to protect our loved ones. Senator Gillibrand believes cyber terrorists will have the ability to take down part of the U.S. critical infrastructure in the next two or three years and I agree with her. We can't put this issue on the back burner or we'll be the ones burned.
Sarah Granger is a BlogHer Contributing Editor for Politics and News. She is also a Truman National Security Project Fellow and a member of the U.S. Association for Computing Machinery Public Policy Council.
Photo of Senator Gillibrand from Glennia
Photo of Senator Gillibrand from Glennia
More from entertainment