U.S. could close Gates on hackers, terrorists

[InfoSec News <isn () c4i org>]

http://www.businesstoday.com/business/technology/cap10152001.htm

Capital Focus
by Ted Bunker 
Monday, October 15, 2001

Here's a chance for Bill Gates to redeem himself politically.

Our nation is under attack, and our computer systems are undeniably
vulnerable - a House Science Committee hearing made that all too clear
last week. But there's no major government funding source for computer
security research, and with so little money out there, few academics
focus on the subject.

There's no question the problem is immense. But it's one that Gates
could help solve. And solve it soon we must.

Cyber terrorists could find it relatively easy to subvert critical
control systems, experts warn. To a large degree, our nation's
businesses and government agencies rely on such ``Maginot line'' forms
of defense as firewalls that are notoriously porous.

``It's a notion that there's bad stuff out there and good stuff in
here and we want to protect what's in here against the bad guys out
there. That model doesn't work,'' said William A. Wulf, president of
the National Academy of Engineering.

All too often, Wulf said, hackers penetrate computer security screens
because of underlying design flaws. Such flaws can be quickly
exploited by hackers - and they are working hard out there.

Robert Weaver, the Secret Service agent who runs the New York
Electronic Crimes Task Force, told the panel that since his operation
began in 1995, more than 800 people have been charged involving cyber
crimes that have resulted in $525 million in losses. The experts say
U.S. computer systems run amid a constant background of cyber attacks.
The wonder is why the bad guys aren't more successful.

Even our military could be vulnerable. Four years ago, Wulf said, a
small hacker group brought a joint-services exercise to a halt largely
by using simple denial-of-service attacks.

Despite the great need for better cyber security, there are relatively
few students choosing that specialty. Eugene Spafford, a Purdue
University professor speaking for the industry's Association for
Computing Machinery, said only 23 computer security Ph.D.s were
granted in the last three years by 24 top universities.

A big reason, Spafford said, was the lack of long-term dedicated
research funding. Gates could make a big difference here. And by doing
so, the principal character behind Microsoft's antitrust case could go
a long way toward remaking his public image.

Gates, worth about $50 billion, could flip $1 billion into a nonprofit
institute set up to fund and encourage computer security research.
Resources of that magnitude could ensure a steady stream of new
research talent and interest. And by keeping the government at arm's
length, lingering public fears of intrusions on computer privacy could
be eased.

But that's not all that's needed.

Experts say the Digital Millennium Copyright Act makes some needed
research illegal. And pending bills would make matters even worse,
they warn. Congress can and should do something about both, and fast.

Meanwhile, Bill Gates should seize the opportunity to step up and make
a lasting difference.


Talk back to Ted Bunker at bostonherald.com and listen to him on
Business 1060-AM's ``Bulldog Edition'' weekdays at noon.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.