Former Presidential Security Advisor On Playing It Safe

By Jennifer Zaino, CRN
March 04, 2003 11:34 AM ET

Richard Clarke, former special adviser to the president for cyberspace security has some words of wisdom for IT professionals: Beef up your security, encourage government funding of anti-terrorist technology and be vigilant about suspicious activity.

In his first public speech since leaving his advisory, Clarke told attendees at InformationWeek's Spring Conference that now is the time to work hard to get the government to fund anti-terrorism research, pay for awareness training, and provide information--even classified data--to the private sector about threats in an effort to secure cyberspace.

Terrorism, the potential war in Iraq, and the country's cyber-vulnerability all came under Clarke's scrutiny. Referring to the arrest this weekend of al-Qaida's Khalid Shaikh Mohammed, said to be the mastermind of the Sept. 11, 2001, attacks, he said that the terrorist group might use cyberspace to attack the country's infrastructure. He notes that it was clear from confiscated computers that the group was using the Internet to do "virtual reconnaissance" on our infrastructure--not only on companies but also on dams and power plants and the software that runs them--and downloading hacker tools from Web sites

According to Clarke, some of the recent attacks, such as the DNS (denial-of-service) attacks of a few months ago and the recent Slammer worm, seem to be evidence of "some funny things happening in cyberspace" that stopped short of being seriously destructive. "It looked to me like people were seeing what you could do to be really destructive but not being really destructive--yet."

Even companies that have managed to avoid cyberinjury so far need to care about vulnerabilities in the DNS as well as in the border gateway portals because "the chances of being hit in the next 24 months are high" no matter how good a job a company is doing with security. More importantly, he says, such attacks hurt the economy. The $17 billion lost in 2001 as a result of cyberattacks may be a drop in the bucket in a $17 trillion economy, but Clarke says that's just the tip of the iceberg: "We'll see more destructive attacks."

Clarke offers suggestions including:

Ask software companies to come up with best practices for code drafting so things such as buffer overflows can be avoided;
Have the federal government offer tax credits to get companies to get rid of old edge routers that aren't equipped to secure border gateway portals;
Have broadband providers make sure to include firewalls as part of the broadband-access packages they sell to consumers so their PCs can't be overtaken for use in denial-of-service attacks;
Have Internet service providers follow FCC voluntary rules, posted a few months ago, to ensure security and interoperability;
Improve wireless phone security.

To keep on top of what's happening in the government sector, sign up for our weekly newsletter VARBusiness Government Insider

Related: Videos | Slide Shows | ChannelCasts | Comments

Comments by Vanilla

Recent Articles

	Public Display: Hot Scenes From XChange Public Sector Hundreds of VARs, integrators, vendors and analysts descended on the Sawgrass Marriott in Jacksonville, Fla., last week for XChange Public Sector. Here's a look at what you missed if you weren't there, from heated health-care and government discussion to just plain heat.
	CRN 2010 Public Sector Awards: Meet The Big Winners CRN saluted four vendors and five VARs and integrators at XChange Public Sector in Jacksonville. Have a look at who took home the hardware this year, including Public Sector Integrator of the Year.
	10 Burning Questions For The Public Sector Channel As XChange Public Sector kicks off in Jacksonville June 12, here's a look at some of the most pressing issues for public sector VARs and integrators, from cybersecurity and firm-fixed-price contracts to green technology and small business priorities.
	More Slide Shows