Study: US Not Prepared for Net Attacks
If the United States were to suffer from a catastrophic Internet disruption, it is likely that there would be a significant impact to both homeland and economic security. A report issued by the Business Roundtable Friday claims that the country is ill prepared for such an event.
The Business Roundtable is made of 160 CEOs from America's largest companies. The group says that there is too much ambiguity in what the response would be from both the public and private sectors.
"If there's a cyber disaster, there is no emergency number to call - and no one in place to respond because our nation simply doesn't have the kind of coordinated plan in place that we need to restart and restore the Internet," State Farm chairman and CEO Edward Rust said.
Rust also chairs the Roundtable's cyber security working group. He argued it was essential that a plan be devised to deal with such an event. Many of the problems that were uncovered looked similar those found with the disaster response to Hurricane Katrina.
First, there is no early warning system to monitor cyber attacks and whether or not they are spreading rapidly. Additionally, public and private sectors that would oversee any recovery have either unclear or overlapping responsibilities, which could slow down the effort considerably.
Finally, there are insufficient resources and support to make a recovery possibly. The Roundtable found that the National Cyber Security Division, a government entity, has little funding that is earmarked for recovery from cyber attacks.
With these problems, a large part of the Internet could be disrupted, whether it be a major attack, software problem, or even a natural disaster, the group concluded.
"If our nation is hit by a cyber Katrina that wipes out large parts of the Internet, there is no coordinated plan in place to restart and restore the Internet," said John J. Castellani, President of the Roundtable. Castellani noted that copies of the report have been sent to both Congress and the Department of Homeland Security.
Recommendations to improve on planning include leadership from the technology industry itself in rebuilding damaged infrastructure as soon as possible. Federal government must also take a clearer role in assigning responsibilities, as well as providing the necessary funding.
In the private sector, the group recommended companies appoint a person to serve as the head of the recovery efforts, and make plans for how a disruption would be handled.
In the end, the group said the best thing would be for the private and public sectors to work together on plans as much as possible. "We need a national response to this challenge, not separate business and government responses - and that means better collaboration," Castellani said.
"Because of the widespread consequences of a massive cyber disruption, our nation cannot wait until an incident occurs to start planning the response," he warned.