Rallying troops in a growing cyberwar
People with bad intentions and good computer skills are hacking into other people’s
e-mails and computer networks every minute of every day. They steal personal information, credit card numbers, trade secrets and government intelligence.
“We are losing data, we are losing money, we are losing ideas, and we are losing innovation,” FBI Director Robert Mueller said earlier this year. “Together we must find a way to stop the bleeding.”
Washington Post Live, the division of the media company that organizes forums and debates, convened on Oct. 31 some of the leading minds in America focused on strengthening cybersecurity. Excerpts of remarks by some speakers, including Homeland Security Secretary Janet Napolitano, are published in this special report and video can be viewed at WashingtonPostLive.com/cybersecurity.
The forum focused on strengthening the cyber defenses of institutions critical to the nation: financial firms, electric power grids, transportation and water systems — all run by computer networks that potentially can be hacked.
Defense Secretary Leon Panetta warned last month about how devastating these kinds of attacks can be and said the U.S. faced the threat of a
To illustrate how the growing number of federal agencies involved in monitoring cyber crime might work with a private company whose networks have been breached, The Post designed a cyber attack scenario — a fictitious attack on a U.S. oil company that paralyzed the company. We asked experts including William J. Lynn III, the former U.S. deputy secretary of defense, to explain who in the government takes charge, how the government deals with private company sensitivities about sharing data and how they try to track down and punish the attacker.
The scenario illustrated tensions over data-sharing between private industry and government. CEOs often prefer to handle problems with their own team, worried about the effect of bad publicity on their stock prices and their firm’s liability.
Lynn said a problem he has seen is “the slowness with which a private company recognizes the magnitude of what they’re facing. When they get to the point of asking for help, actually the relationships [with the government] works quite well.”
The Obama administration has made a big push this year to raise the alarm that more needs to be done to protect the networks of vital companies. Legislation has failed, so far, but contractors who do business with the government will have to prove an acceptable level of cyber defenses.
Companies, as they see billions of dollars of intellectual property being stolen, are beefing up their network security. But then cyber thieves get more clever. The online cyber war is escalating.
Out of necessity, private industry and government are going to have to work more closely together. As FBI Director Mueller said, “I am convinced that there are only two types of companies: those that have been hacked and those that will be.”
— Mary Jordan,
editor of Washington Post Live