Experts divided over cyber-terrorist threat

Summary:Senior US government and military figures claim the security threat to critical national infrastructures is high, but experts disagree over the success of cryptography in countering this threat

Security experts are divided over the best way to address cyber threats to critical national infrastructures — the computer systems that control essential services such as gas, water, and electricity.

At the RSA Conference in San Francisco on Tuesday, US homeland security secretary Michael Chertoff said it was a certainty that such infrastructures faced increased threats from hackers. Some security experts have responded by claiming cryptography is sufficient in securing the networks in question, but others have suggested the networks are not impenetrable.

"Cyber attacks are not a theoretical possibility or even a remote probability — it's a no-brainer that there is [increased threat]", said Chertoff. His words echoed those of the president of the Institute for Defense Analysis, retired general Larry D Welch, who told ZDNet.co.uk at the Cyber Warfare Conference 2008 in London last week that the threat to military and critical national infrastructure networks from terrorist or government incursions was "very serious".

"We've seen probing of aircraft control systems, probing of electrical grids," said Welch. "You can't say when or what will happen, but the potential consequences make it a very serious threat. Shutting down the infrastructure at the right time can be devastating — shutting down the natural gas infrastructure in the northern states in winter, or shutting down the traffic-light system in a city in rush hour, [for example]. Threats to banking and finance could cause substantial losses."

Also at the Cyber Warfare Conference last week, a senior figure in the US Air Force told ZDNet.co.uk that the US needed to create great cyberattack capabilities of its own, rather than relying on network defence. However, at this week's RSA Conference, Sun's chief security officer Whitfield Diffie questioned that idea, arguing that cryptographic network defence was working.

"We have had remarkable success in cryptography," said Diffie at a forum session at the conference in San Francisco. "The security of cryptographic systems seems, as a practical matter, to have been resolved. On the other hand, internet security is a complete mess.

Bruce Schneier, chief security technology officer for BT, agreed that securing the internet was a more major problem than...

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.