NCJ Number
190569
Date Published
2000
Length
46 pages
Annotation
This report examines the vulnerability of national communications and information infrastructure in the United States to external attacks and other disruptions.
Abstract
Findings are that even though the country is not in imminent danger of major cyberspace attacks, there should not be complacency about the possibility. Intentional infrastructure cyber-attacks are technically feasible; it is the probability of their happening that is uncertain. There has been no comprehensive survey of the infrastructure vulnerabilities to cyber-attacks or of the resilience of the country to accommodate them. Physical attack is one of high probability throughout the infrastructure. The government and the private sector must give it attention. Intelligence, early warning, and data sharing are collectively an early order of business. Energy supplies, telecommunications, and computer-based systems share an inescapable position and are collectively of first priority for attention and remedial actions. Without an ongoing supply of energy, an infrastructure will wind down to a state of inaction over a few days or a few weeks. The national telephone system is a singular point of concern because it provides the bulk of connectivity among computer systems, people, organizations, and functional entities. The Federal information infrastructure is considered to be unprepared on computer and network security issues. There are specific research and development (R & D) “cyber-issues” relevant to protecting critical infrastructures, particularly with respect to the computer system/telecommunication/information infrastructure. Immediate actions include improving the information security posture in both government and private sector; implementing studies to establish source of resilience and characterization of normalcy, and to specify R & D requirements; and establishing a warning mechanism and a supporting coordination center. Footnotes