Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Top FBI man wants secure, alternate web

The computer networks that control power plants and financial systems will never be secure enough, a top FBI official says.

The computer networks that control power plants and financial systems will never be secure enough, so government and corporate leaders should consider developing a new, highly secure alternative internet, a top FBI official says.

Shawn Henry, the FBI's executive assistant director, said critical systems are under increasing threat from terror groups looking to buy or lease the computer skills and malware needed to launch a cyber attack.

In an AP interview on Thursday, Henry said jihadist militants looking to harm the US can tap organised crime groups who are willing to sell their services and abilities to attack computer systems.

He would not say which terror group or whether any insurgent networks have actually been able to acquire the high-tech capabilities.

But he said one way to protect critical utility and financial systems would be to set up a separate, highly secure internet.

Henry sketched out the internet idea to a crowd at a conference of the International Systems Security Association, saying that cyberthreats will always continue to evolve and outpace efforts to defend networks against them.

"We can't tech our way out of the cyberthreat," Henry said.

"The challenge with the internet is you don't know who's launching the attack."

A key step, he said, would be to develop networks where anonymity is not an option and only known and trusted employees have access.

The vulnerabilities of critical systems such as power plants, the electric grid or Wall Street were a prime topic during the conference, reflecting growing concerns by US officials.

Government security officials say cyber attackers are using the internet to steal money, ferret out classified secrets and technology and disturb or destroy important infrastructure, from the electrical grid and telecommunications networks to nuclear power plants and transportation systems.

And while Henry described a system for the future, the head of the Pentagon's Cyber Command warned that the attacks against critical systems are increasingly carrying destructive viruses or malware.

General Keith Alexander, who also is director of the National Security Agency, said the Pentagon and intelligence agencies must do more to protect their computer systems and coordinate with private companies to safeguard public networks.

And when a computer network is infected, someone should be able to disconnect it, he said.

"Is it the FBI? Is it the NSA? Is it the military or is it the ISPs - the internet service providers? But somebody can turn that device off," Alexander said during a conference of the International Systems Security Association.

Alexander added that the Defence Department is finalising policies that will determine what the military can do in the event of a cyber attack.

The Defence Department has set up a trial program to share cyberthreat data with some large military contractors in order to prevent intrusions.

The Homeland Security Department is looking at that model to protect power plants, financial networks or other key systems.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Defence Department, FBI, National Security Agency, NSA, Wall Street

Comments

1

drake

Wed 26/10/2011 - 16:31

I think it's kind of ironic that FBI is proposing these drastic solutions... oh by the way... was Mr.Henry also the guy who had the bright idea of not going after cybercrooks unless they stole quarter of a million worth of money??

Here is your agent Mr. Henry http://www.ip-address-lookup-v4.com/article/cybercrime.php explaining it rather candidly.. So you won't investigate anything unless the damages are more than 250k.. Really Shawn.. Really?

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: computer networks, fbi, networks
Latest Blog Posts
Whitepapers
  • Blurring boundaries: The disappearing gap between work and home life
    Call it multi-tasking, life-splicing or bleisure but increasingly, fuelled by advances in technology, employees are blurring the boundaries between home and work. ‘Generation Standby’ employees, never truly ‘switched off’ and always ready to be called upon, are now enjoying, and expecting, greater levels of flexibility and mobility than ever before. Read on.
    Learn more »
  • IDC MarketScape: Worldwide Business Process Platforms 2011 Vendor Analysis
    Enterprises adopting business process management (BPM) software have wide-ranging needs, from highly dynamic task management to complex, high-volume processing with a focus on straight-through automation and the ability to rapidly detect exceptions. This IDC MarketScape focuses on what we call business process (BP) platforms, which are optimized to support midrange to more complex use cases. Read on.
    Learn more »
  • Case Study: HJ Heinz
    Heinz has trusted Sophos to protect its desktop users and email systems from malware and spam for many years. As part of its multi-tier approach to IT security, the company needed more robust protection against web-based threats and the use of unauthorised applications.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments