Aug 31, 2009 03:50 PM | 5
Could President Obama, in the event of a massive cyber attack against government computers, be given the power to bring Internet traffic to a stop?
That's the big question being asked in cyber security circles today. The answer is no, at least not based on the Cybersecurity Act of 2009 that Sen. Jay Rockefeller first (D–W.V.) proposed in April nor on an excerpt of the revised bill that's been floating around the Web since late last week.
The confusion arises from some of the language in the bill's original version, which proposes to give the president authority to declare a cyber security emergency and "order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network." By critical infrastructure, we're talking about the computers that run utilities, banks, hospitals and government agencies—the institutions that society relies on to function normally. The first draft of the bill also seeks to give the president the ability to "order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security."
An excerpt of the revised bill, obtained by CNET, would still give the president authority to declare a cyber security emergency, but it makes no mention of tinkering with Internet traffic or disconnecting government computers from networks they might share with critical infrastructure systems.
It's important to note that the proposed legislation (both the original and the revised copies) would give the U.S. federal government the ability to protect its computers from attack by closing off areas of vulnerability—which could include connections to the Internet or any other network—something it presumably already does when under attack.
In reality, the government controls very little of the country's critical infrastructure, more than 85 percent of which is in the hands of private industry. Much effort has gone into getting private companies to voluntarily share information with the government—in particular, the U.S. Department of Homeland Security—but these plans are still being worked out.
Whether the U.S. government even could control the Internet is another issue. As Govinfosecurity.com notes in a blog today, "There is no on-off switch for the Internet." Given that it is a network of networks without any true central control point, "any attempt to redesign that architecture to give the president that on-off switch, though theoretically possible, would be costly and realistically impractical," Govinfosecurity.com says.
Image ©iStockphoto.com/ Sean Locke
More News Blog: Next: Faster, harder, louder: Are primitive grunts and futuristic gear changing the game of tennis? Previous: A tree grows in Vietnam... and another is lost in Burma
Deadline: Jun 29 2013
Reward: $7,000 USD
The Seeker for this Challenge desires proposals for chemical methods that could rapidly degrade a dilute aqueous solution
Deadline: Jul 30 2013
Reward: $100,000 USD
The Seeker desires a method for producing pseudoephedrine products in such a way that it will be extremely difficult for clandestine che
Save 66% off the cover price and get a free gift!
Learn More >>X