In electronic warfare, every communication is vulnerable to some form of enemy attack, Ken Silva, director of technical services and network security with Verisign Corporation, said at a Cato Institute forum on cyber-security.
"By and large I think they've done a better job of keeping their network to themselves, and keeping other people out of it," Silva said.
"But everybody's vulnerable to something," and it might turn out that the Pentagon is more susceptible to the jamming of its satellite communications than it is to interception or to hacking, he said.
While it is difficult to assess the potential threat to the U.S. public by cyber-terrorists, an enemy could target the country's energy infrastructure and financial systems, which are vulnerable to disruption, experts said.
Warren Axelrod, director of Global Information Security, said cyber-security incorporates a series of threats, not cyber-terrorism alone.
"Cyber-terrorism is a subset of the overall threat environment," he said.
Security analysts have seen a proliferation of a variety of damaging creations and activities, including viruses, worms, and network breaches, Axelrod said. With such accelerating use of the Internet, the impact on commerce of unintentional network breakdowns and deliberate acts of destruction is greater every day, he said.
"So when you're talking about cyber-security, you're talking about securing against any kind of attack, even unintentional attack," Axelrod said.
Donald A. Purdy, a member of the recently-established President's Critical Infrastructure Protection Board - which is seeking to develop a national strategy to secure cyberspace - said it was not clear how likely the United States is to suffer an attack on its critical infrastructure that had cascading effects.
An answer to that question would require an analysis of the capabilities of those that might attack the United States and America's abilities to resist attack, he said.
The United States did not know the full extent of the Soviet Union's capability to attack with chemical and biological weapons until after the Cold War, when a senior Soviet official defected, Purdy noted.
Evidence that the Soviets had 22 hidden sites and over 100,000 employees devoted to their chemical and biological project only came out after the defection, he said. Similarly, there is no firm proof today of a cyber threat, he said.
"Certainly there will be attacks, there will be costly attacks. We don't know how devastating those attacks will be on the United States, but we don't want to find out," Purdy said.
To improve cyber-security, the President's Critical Infrastructure Protection Board has prepared a draft document in collaboration with sectors of the economy that rely on cyberspace, including state and local government, colleges and universities.
The board is still soliciting the views of groups and individuals on what they see as vulnerabilities in cyber-security, Purdy said.
"Part of the issue related to information sharing is that those who have the information have to perceive that there's a value to themselves, to the country, by sharing. And part of the value comes when government does their part in sharing important information as well," he said.
"We're encouraging both in the private sector and within the government to share information, but also create the capability for analysis of the information," Purdy added.
He also said the U.S. military for the most part had done "an exemplary job" of trying to be at the forefront of securing information systems and communications.
"I think the civilian government could take a lesson in many respects from the lessons they've learned and the practices they've followed," he said.
E-mail a news tip to Lawrence Morahan.
Send a Letter to the Editor about this article.
