CIA official says hackers move too fast for agency

WASHINGTON (AP) _ The CIA cannot predict computer attacks on U.S. systems before they happen, as the agency is expected to do with political and military events, a top CIA official told Congress on Thursday.

Thursday, June 21st 2001, 12:00 am

By: News On 6


WASHINGTON (AP) _ The CIA cannot predict computer attacks on U.S. systems before they happen, as the agency is expected to do with political and military events, a top CIA official told Congress on Thursday.

Despite a major increase in intelligence efforts dedicated to computer security, attackers still develop new tools and techniques faster than the CIA can keep up, Lawrence K. Gershwin said.

Often, ``we end up detecting it after it's happened,'' said Gershwin, the CIA's top adviser on science and technology issues. ``I don't feel very good about our ability to anticipate.''

Gershwin told the Joint Economic Committee that foreign governments are the most potent threat to U.S. computers for the next five to 10 years, rather than terrorists or lone troublemakers.

So far, he said, individual hackers don't have the skills or the motive to make a major attack against U.S. infrastructure like the telephone system or financial networks. And since terrorists want immediate and predictable results, they will stick with their current attacks for the foreseeable future.

``Terrorists really like to make sure that what they do works,'' Gershwin said. ``They do very nicely with explosions, so we think largely they're working on that.''

Still, Gershwin warned that a terrorist organization could surprise intelligence officers and mount a cyber attack within the next six months.

The committee focused on the vulnerabilities faced because of the separation of the public and private sector. Even though the government uses commercial networks, and vice versa, there still is little information shared and attackers could exploit that split.

``When a commander at the Pentagon tries to call a commander in the field,'' Sen. Robert Bennett, R-Utah, said, ``he's connecting with Verizon.''

Gershwin said that this reliance on private networks can mean that a foreign power could install a backdoor into government systems.

``While we may be working with American companies on issues at some point, there are contracts and subcontracts,'' Gershwin said. ``It gets hard to tell who's doing the work for you.''

Gershwin and other legislators said they would like to see more cooperation between businesses and government, similar to the programs designed to beat the Y2K bug.

There are some public-private collaborations, such as the FBI's InfraGard program to get closer to tech companies and the federal Information Sharing Analysis Centers. But there is still much distrust, as companies don't want to share their vulnerabilities with other firms or see them reported publicly, and the government holds back its secrets.

``I'd like to think we can work on that collaboration now,'' said Rep. Adam Putnam, R-Fla., ``rather than when there's a crisis.''
logo

Get The Daily Update!

Be among the first to get breaking news, weather, and general news updates from News on 6 delivered right to your inbox!

More Like This

June 21st, 2001

September 29th, 2024

September 17th, 2024

July 4th, 2024

Top Headlines

December 11th, 2024

December 11th, 2024

December 11th, 2024

December 11th, 2024