The White House is looking at boosting the authority of the US military and other agencies to protect the country’s infrastructure from possible cyber attack, a top general said Thursday.
The newly formed US Cyber Command is assigned the job of safeguarding military networks and not commercial power grids or banking computer networks, said General Keith Alexander, who leads the command.
“It is not my mission to defend, today, the entire nation,” Alexander told the House Armed Services Committee. “Our mission in Cyber Command is to defend the Defense Department networks.”
But he added: “I think this is what the White House, congressman, is actually looking at.”
In examining how to fend off potentially disastrous attacks on digital infrastructure, the White House is weighing strategy, legal authorities and the proper role for the military, the Department of Homeland Security, the FBI and other agencies, he said.
The White House is reviewing “what are the authorities, what do we have legally, and then given that, what do we have to come back to Congress and reshape or mold for authorities to operate in cyberspace.”
Alexander described a scenario in which the US electricity grid or other vital networks could be shut down by an “unknown capability” in cyberspace.
His comments will likely fuel a long-running debate about how the government balances civil liberties with the need to protect against possible digital sabotage.
The four-star general also leads the secretive National Security Agency that runs extensive eavesdropping and other electronic spying. Some critics have argued there should be a clearer distinction between government agencies charged with protecting digital networks and those carrying out espionage.
On Wednesday, Alexander told reporters he supported the idea of sealing off critical networks, including the electricity grid, in a “secure” zone separate from the rest of the Internet.
Such an approach “makes a lot of sense,” he said.
Deputy Defense Secretary William Lynn earlier this year called for a “government-sponsored security regime” that could serve “operators of critical infrastructure.”
Lynn warned that “individual users who do not want to enroll could stay in the wild wild west of the unprotected Internet.”
The new Cyber Command, which was created in May, is due to become operational by October 1, with a budget of 120 million dollars.
I think they should also hire or perhaps communicate with antivirus vendors. When they said “individual users” “enrolling”, I think they mean to provide this to the public. Well, while it does make sense to separate the critical areas in a separate network, if they are also going to make one (i don’t think it’s reasonable to place the public in the same sector as the critical ones since they plan on isolating it and if individual users could enroll in it, the danger of cyber attacks are still plausible albeit less probable since when you enroll, you’re probably listed with a unique id and attacks could be traced) for the public, then sooner or later, it’ll all be the same thing. Besides, if they meant to enroll individual users, it translates to users having unique id’s which in turn also means they will be monitored and their activities. Security-conscious people probably wouldn’t want this.