Howard Schmidt Dismisses Cyberwar Fears

Cybersecurity Coordinator: Defense of Critical IT Improved

By , March 6, 2010.
Howard Schmidt Dismisses Cyberwar Fears

W

See Also: Fighting Financial Fraud: Mitigation for Malware, Phishing & DDoS Attacks

hite House Cybersecurity Coordinator Howard Schmidt isn't buying into the grim forecasts that the United States is ill prepared to defend the government's and nation's critical information assets from an immense virtual attack by political adversaries or cyber criminals.

Schmidt, in a face-to-face interview with GovInfoSecurity.com, said the federal government and the private businesses that control 85 percent of the nation's critical IT infrastructure are better positioned than ever to fend off massive digital assaults.

The Obama administration's top cybersecurity official was responding to questions about recent comments made by former National Intelligence Director Michael McConnell that the United States would lose a cyberwar and a simulated cyber attack known as Cyber ShockWave, aired last month on CNN, that disrupts smart phone service to 20 million customers, shutters an electronic energy trading platform and cripples the power grid along the Eastern seaboard.

"How would we fare in some sort of a massive cyber intrusion and attack like that? I think we're much better prepared now than we were in the past," Schmidt said in the interview held during the RSA 2010 IT security conference in San Francisco.

IT security professionals protecting key systems know of the existence of the vulnerabilities and are taking steps to mitigate them to lessen their impact, he said.

Schmidt questioned whether such an event as a cyberwar can exist. "A cyberwar is just something that we can't define," he said. "I don't even know (how a) cyberwar would benefit anybody. Everybody would lose. There's no win-lose in the cyber realm today. It affects everybody; it affects businesses, it affects government, so number one, there's no value in having one.

"When you start looking at the actors involved, it's even more difficult to determine, because often times, we see things that take place that one person may say, 'Well, this is attributed to a particular government or an agent state,' and in reality could be a group of hackers somewhere. We've seen reports in the past, where people talk about the most sophisticated attack they've ever seen, and reality, when you talk to the experts, it's basically exploiting an unknown vulnerability that just hasn't been fixed. So, there's a lot of dynamics there that are totally different than the kinetic world."

Programs such as Cyber ShockWave, sponsored by the Bipartisan Policy Center, have raised the alarm about the damage a major cyber attack could cause. Schmidt was specific in saying he wasn't addressing Cyber ShockWave, but characterized similar programming as entertainment that may not be based in reality. "There's a lot of hype out there that's created all kinds of environments that are just inaccurate," Schmidt said. "People do TV shows that act like doom and gloom and things are going to fall apart, but that's not true. That's just flat not true."

Schmidt said he enjoys such entertainment. "I appreciate good entertainment, but after some news story breaks that's got tremendous coverage, I get 50 e-mails from real experts in the industry - Bruce Schneier, Vint Cerf, Whit Diffie and these guys - who ask, 'What is it with these people? Don't they understand that this is not the way things really work?' So, as a consequence, we have to really balance that and say, 'Here's what the real world looks like, and entertainment is entertainment.' ... It's got to be accurate, which is why in the things we're doing it is very important to make sure that we're speaking as accurately and frankly as possible."

Schmidt's optimism about defending cyber assets raised the question whether his remarks are aimed at not scaring the public about the threats facing the nation's IT. He's said he's sincere in his observations. "I don't view the world with rose-colored glasses; that's for sure," he said.

"I've been in this business long enough, that I've gone from being the doom-and-gloom to understanding we've come a long way," Schmidt said. "I am tremendously optimistic about the talent we have, the leadership we have in this area now across the board, both in government and private sector, the international attention being paid to this. I can't help but be optimistic, because we've come a long way."

* * *

Also see: Yes, Howard Schmidt Has the President's Ear

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Report: 'Wiper' Malware Hit Casino Firm

A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in...

Latest Tweets and Mentions

ARTICLE Report: 'Wiper' Malware Hit Casino Firm

A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in...

The ISMG Network