1998 Congressional HearingsIntelligence and Security
1998 Congressional HearingsMr. Chairman, distinguished members of this Committee, it is a pleasure for me to come here today to discuss with you a very serious threat to our national security - the vulnerability of our critical information infrastructure to a potentially devastating high tech attack.
就像武器的扩散大规模Destruction, international terrorism, and drug trafficking, information warfare has the potential to deal a crippling blow to our national security if we do not take strong measures to counter it.
例如,考虑到今年早些时候的《华盛顿邮报》的报告说,有11个美国军事系统受到“电子攻击”。犯罪者最初并不知道,因为它们通过通过阿拉伯联合酋长国计算机系统来掩盖攻击来掩盖轨道。尽管没有渗透分类系统,也没有访问分类记录,但访问了物流,管理和会计系统。这些系统是管理我们的军队并将其部署到现场所需的数据的核心核心。最后,我们发现来自加利福尼亚州的两个年轻黑客在以色列的一名少年黑客的指导下通过阿拉伯联合酋长国进行了袭击。
This should not surprise us. A recent DoD study said that DoD systems were attacked a quarter of a million times in 1995. As a test, a Defense Department organization that same year conducted 38,000 attacks of their own. They were successful 65 percent of the time. And 63 percent of the attacks went completely undetected.
We have spent years making systems interoperable, easy to access, and easy to use. Yet we still rely on the same methods of security that we did when data systems consisted of large mainframe computers, housed in closed rooms with limited physical access. By doing so, we are building an information infrastructure -- the most complex the world has ever known -- on an insecure foundation. We have ignored the need to build trust into our systems. However, simply hoping that someday we can add the needed security before it's too late is not a strategy.
In this hearing today, Mr. Chairman, I hope to leave you with three key points. First, I want you to take away an appreciation for the growing seriousness and significance of the emerging threat to our information systems. Secondly, I want to emphasize the need to evaluate the threat from the perspective of both state and non - state actors - proliferation of malicious capabilities exists at every level. And finally, I want to provide you with an appreciation for what the Intelligence Community is doing to combat the problem. On this last point, let me assure you that our engagement in infrastructure protection extends not just to efforts within the intelligence community but to participation with all the other stakeholders in our nation's infrastructure systems -- across government agencies, in academia and in the private sector.
As this Committee well understands, we have staked our way of life on the use of information. We rely more and more on computer networks for the flow of essential information. Like electricity, we now take information infrastructures for granted. Reliability breeds dependence - and dependence produces vulnerabilities. Today, as a result of the dramatic growth of and dependency on new information technologies, our infrastructures have become increasingly automated and inter - linked. Disruptions in information - based technologies can range from being a serious nuisance - as we saw just weeks ago when the loss of a single satellite caused a nation - wide halt in electronic pager systems---to potentially disastrous. Consider what such a disruption would have caused in Operation Desert Storm, where our information systems had to accommodate a communications volume of 100,000 electronic messages and 700,000 telephone calls a day. Seven years later, those figures would be far greater and our reliance on computers is much greater as well.
It is in this context that we must appreciate that future enemies, whether nations, groups, or individuals, may seek to harm us in non - traditional ways. Non - traditional attacks against our information infrastructures could significantly harm both our military power and our economy.
谁会考虑攻击我们国家的计算机系统?昨天,您收到了一份分类的简报,详细回答了这个问题。我可以在这个论坛上告诉您,潜在的攻击者范围从国家情报和军事组织,恐怖分子,罪犯,工业竞争者,黑客以及不幸或不忠的内部人士。这些对手中的每一个都是由不同的目标激励,并受到不同资源,技术专长,目标访问和风险承受能力的限制。
为什么我们会受到攻击?有很多激励措施:
The stakes are enormous. Protecting our critical information infrastructure is an issue that I am deeply concerned about and requires attention from us all.
As I recently testified before the SSCI in January, we have identified several countries that have government - sponsored information warfare programs. Foreign nations have begun to include information warfare in their military doctrine as well as their war college curricula with respect to both offensive and defensive applications. It is clear that nations developing these programs recognize the value of attacking a country's computer systems - both on the battlefield and in the civilian arena.
The magnitude of the threat from various forms of intrusion, tampering, and delivery of malicious code is extraordinary. We know with specificity of several nations that are working on developing an information warfare capability. In light of the sophistication of many other countries in programming and Internet usage, the threat has to be viewed as a factor requiring considerable attention by every agency of government. Many of the countries whose information warfare efforts we follow realize that in a conventional military confrontation against the US, they cannot prevail. These countries recognize that cyber attacks - possibly launched from outside the US - against civilian computer systems in the US - represent the kind of asymmetric option they will need to "level the playing field" during an armed crisis against the United States.
Just as foreign governments and their military services have long emphasized the need to disrupt the flow of information in combat situations, they now stress the power of "Information Warfare (IW)" when targeted against civilian information infrastructures. The three following statements, all from high-level foreign defense or military officials, illustrate the power and the import of information warfare in the decades ahead.
For example, in an interview late last year, a senior Russian official commented that an attack against a national target such as transportation or electrical power distribution would - and I quote - ". . . by virtue of its catastrophic consequences, completely overlap with the use of [weapons] of mass destruction."
一篇文章在中国“人民解放日报”stated that--and I quote--"an adversary wishing to destroy the United States only has to mess up the computer systems of its banks by hi-tech means. This would disrupt and destroy the US economy. If we overlook this point and simply rely on the building of a costly standing army . . . it is just as good as building a contemporary Maginot Line."
第三国的国防出版物说:“信息战将是未来战争和纠纷中最重要的组成部分。”作者预测,自从我引用“仅信息战可能会决定结果”以来,就会预测“无血”冲突。”
As these anecdotes clearly demonstrate, the battle - space of the information age will surely extend to our domestic infra-structure. Our electric power grids and our telecommunications networks will be targets of the first order. An adversary capable of implanting the right virus or accessing the right terminal can cause massive damage.
信息战不仅涉及进攻能力,而且还与防守准备一样。这个事实并未在其他人身上丢失。许多国家(其中几个都是潜在的对手)正在审查自己对军事和民事活动的信息系统的日益增长的依赖。他们正在寻找自己的脆弱性和开发保护自己的方法。我们必须这样做。如果没有,我们很快就会发现自己在解决未来十年的主要安全挑战方面处于重大劣势。
接下来 - 我想研究这种威胁超出传统国家以外的程度,以成为结构较低的对手的潜在选择武器。
恐怖分子和其他非国家行为者开始认识到,信息战为他们提供了新的,低成本,易于隐藏的工具来支持其事业。他们也将把美国视为潜在的有利可图的目标。这些人对于美国很难追踪网络 - 空间
Terrorists, while unlikely to mount an attack on the same scale as a nation, can still do considerable harm. What's worse, the technology of hacking has advanced to the point that many tools which required in - depth knowledge a few years ago have become automated and more "user - friendly." It may even be possible for terrorists to use amateur hackers as their unwitting accomplices in a cyber attack.
Cyber attacks offer terrorists the possibility of greater security and operational flexibility. Theoretically, they can launch a computer assault from almost anywhere in the world, without directly exposing the attacker to physical harm. Terrorists are not bound by traditional norms of political behavior between states. While a foreign state may hesitate to launch a cyber attack against the US due to fear of retaliation or negative political effects, terrorists often seek the attention - and the increase in fear - that would be generated by such a cyber attack.
Established terrorist groups are likely to view attacks against information systems as a means of striking at government, commercial, and industrial targets with little risk of being caught. Global proliferation of computer technology and the open availability of computer tools that can be used to attack other computers make it possible for terrorist groups to develop this capability without great difficulty.
Terrorists and extremists already are using the Internet and even their own web pages to communicate, raise funds, recruit and gather intelligence. They also will use it to launch attacks against their adversaries. They may even launch attacks remotely from countries where their actions are not illegal or with whom we have no extradition agreements.
Let me give you a few examples of what I am talking about. A group calling themselves the Internet Black Tigers took responsibility for attacks last August on the e-mail systems of Sri Lankan diplomatic posts around the world, including those in the United States. Italian sympathizers of the Mexican Zapatista rebels crashed web pages belonging to Mexican financial institutions. While such attacks did not result in damage to the targets, they were portrayed as successful by the terrorists and used to generate propaganda and rally supporters.
Mr. Chairman, as terrorists and other adversaries well know, our society is based on the free flow of information. That concept is clearly embodied in the Constitution. It forms the foundation of our freedoms and of our productivity. Consequently, our systems are built to facilitate access and openness and they must remain so within the reasonable bounds of security. It is just that openness, however, that makes our systems so vulnerable.
那么,我们将如何在这个巨大的相互联系的世界中发现攻击呢?没那么简单。首先,那些通常会攻击我们的人是艰难的情报目标。其次,他们将使用便宜的,易于使用的技术和技术。模式将很难发现。此外,入侵检测技术仍处于起步阶段,我们需要观察到的系统非常多样化。当检测到攻击时,攻击的根源将被掩饰。更重要的是,在检测到麻烦后,分析师需要花费时间来确定问题是偶然还是通过设计解决。除非我们有智力迹象符合某人的攻击意图(例如通过人类来源),否则战术警告将很难获得。
但是,通过结合政府和工业的努力,我们将能够汇集自己的优势并分享必要的信息以允许合理的辩护。此外,通过分享公共部门和私营部门之间的研发负担,我们每个人都将更好地利用对方的专业知识。这是连通性的优势之一。
Protecting our systems will require an unprecedented level of cooperation across government agencies and with the private sector. That cooperation already has begun. I view the report of the President's Commission on Critical Infrastructure Protection as a defining moment in identifying vulnerabilities in our information infrastructure, in assessing the potential threat to our national security, and in establishing the requirement as well as the momentum for a coordinated effort on information operations. The intelligence community engaged actively in the preparation of that report as well as in publishing the National Intelligence Estimate on Foreign Threats that served as the companion piece to the Commission's report. In producing the NIE, the intelligence community enjoyed extensive interaction with representatives from law enforcement and DoD information security agencies to assess the threat to our computer networks.
These two documents -- the NIE and the Commission report - have provided the impetus for significant activity in both the public and private sector to combat the threat to our computer systems. The attention directed to the threat to our information security systems also resulted in the stand - up of dedicated activities within CIA, DIA, and NSA. CIA also appointed an Information Warfare Issue Manager, whose responsibility is to focus collection and all - source analysis on the IW threat and to provide an IW center of excellence within the Agency.
As a community, we have also been active participants, together with other information operations stakeholders, in the NSC - Chaired Interagency Working Group that produced the Presidential Directive titled "Critical Infrastructure Protection" and we are now active in the NSC Critical Infrastructure Coordinating Group tasked to implement that directive. Each of these efforts has had a cumulative effect in building the critical mass that will be required to deal with the threat to our information infrastructure. The Commission report, the NIE, and the recent Presidential Directive will provide the public and private sector with a clear blueprint as to the direction we are taking.
Our very considerable efforts with the Department of Defense have produced organizational, policy and capability improvements and efficiencies for use in information operations. We recently established a senior - level forum to address Information Operations policy and process issues, responding to long - standing congressional interest in the development of just such a policy body. We also created, one year ago, the Information Operations Technology Center at Fort Meade, MD. The IOTC is another of our joint DoD and Intelligence Community activities, providing advice and developing techniques that can protect US infrastructure and systems.
We have also actively participated in DoD War Games like the EVIDENT SURPRISE series established by US Atlantic Command and incorporated the threats posed by information warfare into an increased number of other exercises. After my testimony, you will hear from General Minihan, Director, National Security Agency, about the US government's cyberwar exercise, "Eligible Receiver". Eligible Receiver was an information war wake - up call of the highest order. It highlighted in very clear terms the importance of today's hearing and the work that still lies ahead.
最后,我们必须认识到,执法的d the private sector are essential parts of our response to this emerging threat. Our Intelligence Community's information warfare efforts include support to the Department of Justice's National Infra-structure Protection Center which was commissioned in response to recommendations of the President's Commission and the joint efforts of the NSC Interagency Working Group on Critical Infrastructure. We are very much engaged in providing technical, analytic and management personnel to the Center as well as needed intelligence support. The NIPC will provide the very critical bridge between government and the private sector. As you know, the private sector is being "hit" every day by hackers. We need to do more to inspire the confidence to work together and to share information with industry to learn more about these attacks, to discover whether they emanate from foreign sources and to become partners in developing the technology required to deflect future attacks.
主席先生,我们今天提出的担忧 - 尽管在许多美国人的脑海中还没有在前燃烧器上 - 实际上是紧迫的。我们现在必须关注这种威胁。
实际上,2000年的方法使我们的工作变得更加重要。人们普遍可以理解,“ 2000年问题”对我们的系统构成了固有的风险,但是鲜为人知的是,2000年还为我们的对手提供了特殊的机会。例如,我们对外国软件开发的依赖是引起人们关注的原因。具有敌意意图的外国参与者可能会试图将2000年的问题开发为自己的目的。随着我们的到来,我们必须做更多的事情,而不仅仅是确保我们的系统在2000年1月1日运行,但是它们的功能并且它们是安全的。
These are enormous challenges. As we all recognize, Information Warfare defies conventional and even many unconventional intelligence methods. Intelligence disciplines traditionally have focused on physical indicators of activity and on mechanized, industrially - based systems. With the advent of Information Operations, we are faced with the need to function in the medium of 'cyberspace' where we will conduct our business in new and challenging ways.
At the end of the day, the Intelligence Community must be positioned to provide warning of cyber - threats. This warning must go to national leaders and the military of course. But we also must develop ways and means to warn the private sector and the leaders of our economy.
However, our efforts must extend beyond warning. As a nation, we will need to detect attack, withstand assault if launched successfully against us, and then aggressively prosecute action against the attackers. The Intelligence Community cannot do all this alone, nor can the Department of Defense, nor can the Department of Justice or private industry. In this new world of cyber - threats, we will need to work together in partnerships unlike any in our history.
Mr. Chairman, we have made a solid beginning, but we have a long way to go. I appreciate your efforts to bring this vital issue before the public and for your interest in our work in the Intelligence Community. Protecting our infrastructure is a topic which will only grow in importance as we enter the twenty - first century. It concerns all of us. I look forward to working with you in the future as we build on the foundations we are laying today.