Net Firms to Attend White House Security Summit

SAN FRANCISCO (02/11/2000) - A few years ago, when the White House tried to meet with technology leaders to discuss the nation's critical telecommunications infrastructure, it was hard to find takers.

But this week, after a series of high-profile cyberattacks on a Who's-Who of Web sites, next Tuesday's White House Internet security summit is a must-attend event for the business community.

The White House has asked about 20 different companies -- including, reportedly, some of the victims of recent attacks, such as eBay Inc. and Yahoo Inc. -- to discuss the overall public-private plan to combat future attacks.

The meeting, which reportedly will also include such technology heavyweights as IBM Corp., Cisco Systems Inc. and Microsoft Corp., will be attended by the President, National Security Adviser Sandy Berger, Attorney General Janet Reno, and Commerce Secretary William Daley, among others. It will be followed by a Feb. 22 retreat on cybersecurity of the National Partnership for Critical Infrastructure Security, with about 200 expected to attend.

A Cisco spokesman confirmed that the company will have a senior executive present at the meeting.

"We look forward to attending," said Cisco spokesman Kent Jenkins. "As an industry leader in providing security solutions, we're anxious not only to share with others in the industry what technical solutions we have to help the technology community devise its own solutions, but to be part of the effort to help provide an Internet community response to any sort of hostile action."

It may have taken the worst cyberattack on e-commerce companies to date to convince the business community that the government is unable to prevent such large-scale attacks alone.

"It is, in the end, the private sector that must take care of itself," said James Adams, CEO of iDefense, a computer security company in Northern Virginia.

"The government has traditionally been in the role of leader and fixer in the national security context. But the private sector is driving the revolution.

The private sector has a mechanism for understanding what is happening, finding out what the bad guy did and making sure it doesn't happen again."

Not everyone believes the private sector will step up to the plate. "Yes, the CEOs will love having their picture taken with President Clinton, but [the summit is] put on for show," said Ira Winkler, president of the Internet Security Advisors Group, a Maryland-based computer security firm. "The government has this head-in-the-sand attitude that companies will do it just because it's the right thing to do. But companies aren't going to spend the money or devote the resources needed to secure their systems unless they're forced to."

What's needed, Winkler says, are new laws akin to building and automobile safety codes to compel the private sector to secure their systems.

The Federal Bureau of Investigation Wednesday launched a probe into attacks this week on Yahoo, Buy.com Inc., eBay, Amazon.com Inc., ZDNet, ExciteAtHome Corp. and the news site CNN.com. Authorities still have little information on who or what has been behind the attacks. They are believed to be caused by distributed denial of attack tools that are so widely available over the Internet an FBI expert said even a 15-year-old could launch them.

But business has been reluctant to work closely with the bureau in the past.

"Private sector distrust of the FBI is very high," said Jim Dempsey, a policy analyst at the Center for Democracy and Technology in Washington. "They're a law enforcement agency; their primary mission is arrest and prosecution.

They're good at investigating crimes, but it's really impossible for them to play a role in Internet security. They didn't build the Internet, they don't run it, and they're not building the next generation."

The administration has been sounding the alarm for some time on the issue of Internet vulnerability. The President has proposed US$2 billion for the 2001 fiscal year for cybersecurity, with most of that targeted for the Pentagon.

Earlier this year, the administration unveiled a long-overdue national plan for guarding the nation's computer systems. The plan included establishing a central intrusion-detection network and create a scholarship program to education and recruit budding information technology experts for the government. A government report, issued last October, concluded the government's computer infrastructure remains dangerously vulnerable to attack from a variety of threats -- terrorists, computer viruses and saboteurs.

More about: Amazon.com, Buy.com, Cisco Systems, CNN, eBay, FBI, Federal Bureau of Investigation, IBM, iDefense, Internet Security Advisors Group, Microsoft, Yahoo

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/171/gadwin-web-snapshot/

Gadwin Web Snapshot

Gadwin Web Snapshot will effectively capture the entire page including all design elements when capturing web pages. It makes an image of the browser’s content ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia