http://dailynews.yahoo.com/h/nf/20010622/tc/11478_1.html

Friday June 22 01:25 PM EDT

CIA to Congress: We're Vulnerable to Cyber-Warfare

By Tim McDonald, www.NewsFactor.com

The U.S. is losing ground in the battle to protect its critical computer infrastructures from potential cyber attacks, the CIA (news - web sites)'s top advisor on technology matters testified on Thursday.

Though the U.S. has invested heavily in "information warfare" (IW), it does not yet have the ability to deal with Net incursions as it does with political and military events, because the technology is changing so rapidly.

"I don't feel very good about our ability to anticipate," the CIA's Lawrence Gershwin said in congressional testimony before the Joint Economic Committee.

Both Gershwin and Senator Robert Bennett (R-Utah) pointed out that terrorists could exploit the separation of government and private computer systems and called on more interaction and cooperation between the two sectors on issues of national cyber-security.

"When a commander at the Pentagon (news - web sites) tries to call a commander in the field, he's connecting with Verizon," Bennett told the committee.

Threats Abound

Gershwin said foreign governments will continue to be the biggest threats to U.S. computers over the next five to 10 years because individual hackers or small terrorist groups don't yet have the skills to mount effective attacks against U.S. online institutional infrastructures, like communications networks or power grids.

He said a "fair amount" of foreign countries have active IW programs, but named only two, Russia and China. Both countries, Gershwin said, "appear" to be developing computer-based tools capable of doing significant and long-term damage to the U.S. economy.

Military analysts say China in particular has an aggressive IW program, launched in earnest after it concluded it could not defeat the U.S. in conventional warfare. China came to that conclusion, experts say, after witnessing the devastating American victory in the Persian Gulf War (news - web sites) of 1991.

From Bombs to Viruses

Gershwin said terrorists still prefer bombs, but that priority could change: "We anticipate more substantial cyber-threats in the future as a more technically competent generation enters the terrorist ranks."

The cyber-weapon of choice will probably be computer viruses, which are becoming more controllable and precise, Gershwin said. In addition, their anonymity makes retaliation difficult.

Most military analysts agree that the next major, international conflict between two technologically advanced countries will involve computer network attacks. Cyber-warfare is attractive to commanders and politicians because it is comparatively cheap and minimizes human casualties.

Watching 'Intensely'

It is known that North Korea (news - web sites), Iraq, Libya, Cuba, Britain, France and Israel are among the countries that have IW programs. Analysts believe there are as many as 20 countries with cyber-warfare capabilities. "We watch them very intensely," Gershwin said. "Some of them are aimed at the United States and some of the others are probably aimed at others."

The U.S. military, with 2.5 million computers, has been training technicians to guard against computer attacks by other countries. The Pentagon confirmed last year it is building offensive computer weapons which could be used against enemies, and it has already done so in a limited way.

American warplanes used electronic jamming signals that disrupted Iraqi air-defense computers in the Persian Gulf War. Also, in Kosovo in 1999, U.S. officials considered withdrawing funds electronically from Slobodan Milosevic (news - web sites)'s bank accounts, but eventually backed off for legal reasons.

At a press conference last week, a senior Defense Department official and a senior military official agreed that information warfare will be a major factor in the nation's long-term defense strategy.

-- (news@of.note), June 22, 2001