Summit: Ban the Internet bad guys!
Such dire feelings ran high at Tuesday's Defense Summit here, where government officials, law enforcement officers and corporate managers met to find ways to improve Internet security in light of this year's denial-of-service attacks and the recent (and ongoing) outbreak of the "ILOVEYOU" worm.
"The biggest threats to our government today are cybersecurity (issues) and the proliferation of nuclear weapons," said Sen. Fred Thompson, R-Tenn., who spoke at the closed-door conference taking place at the offices of technology think tank SRI International.
Thompson, who chairs the Senate Committee on Governmental Affairs, stressed that the government needs to push industry to secure its own networks.
"Clearly, the government has a legitimate interest in protecting commerce," said Thompson, who shied away from any recommendations for security legislation "We don't even know how to run our own ship."
Thompson and Sen. Joseph Lieberman, D-Conn., proposed a bill in March (S. 1993) to make government agencies responsible for the Internet and information security.
"Vastly many more people are now relying on the Internet, and most of them are oblivious to the risks," he said in prepared notes that he will deliver to the U.S. House Science Subcommittee on Technology on Wednesday.
For the past three years Neumann has given Congress updates on the problems with security on the Net. Despite well-publicized attacks, such as the Melissa virus and February's DoS attacks, corporations have done little to gird themselves in the war against security threats.
"Overall, the situation is grave," he said. "The commercial marketplace is not leading. The government is not exerting enough driving force. This is really a ridiculous predicament and would be funny if it wasn't so serious."
The problem extends to home users as well, said Roberto Medrano, general manager for Internet security solutions at Hewlett-Packard Co. (hwp)
A few years ago companies used Pentium-level processors in their servers. Today, home users have all of that power without the network administrators.
"Now, everyone has a big server in their home," he said. "The most security that any of them will deploy is most likely anti-virus software."
Underscoring the point, Medrano said that because of the quick work by its system administrators, his division at HP had no problems with the ILOVEYOU worm.
Neither did Congress, said Thompson, who joked that the social engineering -- which convinced others to open the Visual Basic attachment -- didn't work on the government.
"We in the government knew when we got an e-mail titled 'ILOVEYOU' that something was wrong," he said.