Cyberspace a key battleground in homeland security effort
In his new role, Richard Clarke, the President's cybersecurity advisor, is working to protect the public and private sector services that Americans depend on. In an interview with Government Executive, Clarke described one of his first projects--GovNet, a super-secure voice and data network for federal civilian agencies. "Some federal functions really can't suffer from a network outage," he said, citing the air traffic control system, manned space flight and the operations of the Federal Emergency Management Agency during hurricane relief efforts as examples. While Clarke doesn't expect GovNet to the "silver bullet" that keeps federal computers safe, he is confident the proposed network would effectively address at least one issue: the federal government's vulnerability to 'distributed denial of service' attacks. Hackers use such attacks to crash networks by flooding them with bogus information sent by hundreds, if not thousands, of infected computers, also known as "slaves" or "zombies." "Even if you manage to secure the computers and networks of an enterprise," he said, "that enterprise can still be taken down by a distributed denial of service attack." But a dedicated network is impervious to all manner of denial of service attacks, Clarke said. However, such networks are not 100 percent protected from viruses. But, when viruses do appear, they appear long after the initial outbreak. This gives systems administrators a leg up on handling problems, Clarke said. "The thing you can do on a private network is monitor the hell out of it," he said. GovNet is not intended to replace agencies' Internet access, rather, it is to be used for critical internal functions. Secure intranets already in operation in at federal agencies would be migrated to GovNet, Clarke said. Clarke's efforts to protect federal networks fit into the larger effort of securing the nation's critical infrastructures-the transportation, banking, finance, electric and telecommunications systems. Clarke heads the President's Critical Infrastructure Protection Board, a White House entity created by executive order in October. The Bush administration's critical infrastructure protection effort is 98 percent focused on cyberspace and 2 percent on physical structures that support cyber networks, he said. "If you cut a fiber network with a backhoe, you've done as much damage as a distributed denial of service attack," he said. Clarke also warned of vulnerabilities to "critical nodes," physical locations where numerous services coincide and whose destruction would disrupt national and economic security. "There are physical locations that have to be hardened and protected," he said. A subcommittee of the Critical Infrastructure Protection Board is working on the problem.