In a keynote address at the RSA Conference in San Francisco, Homeland Security Secretary Michael Chertoff warned that the damage caused by a large-scale cyberattack might result in consequences comparable to the Sept. 11, 2001, attack on the World Trade Center buildings in New York.
"We have to look not only at threats that have materialized in the past," said Chertoff. "We have to consider the threats that may materialize in the future. ... We know that a successful large-scale cyberattack against our country would have very wide-reaching consequences."
Through the Internet, terrorists and criminals can do the kind of damage they could never do on their own, Chertoff said. As an example, he cited the massive denial-of-service attack launched against Estonian government computers last year.
"This attack went beyond simple mischief, it represented an actual threat to the ability of the Estonian government to govern the country," said Chertoff.
"Imagine what would happen if it were possible for hackers to enter the air travel system," he said.
Chertoff characterized cybersecurity as a very serious challenge, one that is likely to grow more serious over time. A network response, he said, is necessary to deal with network attacks.
"It takes a network to beat a network," said Chertoff.
Though US-CERT, the U.S. Computer Emergency Readiness Team, which provides information necessary to defend the nation's networks, Chertoff hopes to bring additional resources to bear to defend the country's computers.
Chertoff likened the government's attempt to improve its cybersecurity to the intensive effort of the Manhattan Project that brought the atomic bomb to fruition. In January, President Bush signed an order that gave DHS and the National Security Agency greater power to oversee government computer security. Details about what the agencies are doing remain classified.
Presently, Chertoff said it's not possible to monitor access to federal networks in real time, not all federal agencies have 24/7 network monitoring capabilities, and US-CERT's Einstein system is too backward looking in that it identifies threats that have already had an impact.
Chertoff said the government simply doesn't respond fast enough across the board. "The time delay is time that we cannot afford to lose in a world where attacks come literally in microseconds and from all corners of the globe," he said.
In keeping with the President's National Strategy to Secure Cyberspace, Chertoff aims to reduce the number of network access points into federal agencies from about 1,000 presently to about 50. He called for beefing up the cyberdefenses of federal agencies and making sure that all of them can respond to threats around the clock.
"The best way to deal with an attack is to prevent it before it happens rather than after it has occurred," Chertoff said.
Chertoff also emphasized the need for the federal government to engage with the private sector, given that so much of the nation's critical infrastructure is secured by private organizations.
And at some point when the government's network security systems are more responsive, Chertoff said he expected that the government would share some network security data to help the private sector keep its systems secure.