Cybersecurity efforts stalled as Obama eyes Afghanistan

Critics say a perfect storm is brewing and a 'Digital Pearl Harbor' grows more likely

In May, President Obama unveiled an ambitious plan to protect the nation's cyber infrastructure that included as its centerpiece a new West Wing-based cybersecurity coordinator. Legitimate criticism abounded over parts of the plan, but there was still cause for optimism. At the very least, it seemed like Obama had a firm grasp of the threat at hand.

Six months on, I'm not so sure anymore.

[ A cybersecurity task force has reported Smart Grid vulnerabilities could cause widespread disruptions. | Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

Also see Cybersecurity Announcement: Obama Moves in the Right Direction

Tonight, the President will unveil his plans for Afghanistan in a speech at West Point after months of intense debate over how many more troops to send in to turn the tide against a resurgent Taliban. It's a matter of critical importance to be sure. The lives of our troops are on the line, and as a country we seem to have lost our way in the war against Al-Qaida.

But as Obama himself noted during the 2008 presidential race -- when John McCain suggested the campaign be suspended so the candidates could return to Washington to focus solely on the then-unfolding economic meltdown -- presidents have to be able to manage multiple crises at a time.

In the case of cybersecurity, Obama is failing to live up to his own words.

See also: 5 Must-Do Cybersecurity Steps for Obama

Six months on, we're still waiting for Obama to name the cybersecurity coordinator. In fact, we haven't heard him say much of anything since his initial speech in late May. In journalism, we call that failing to follow up.

Ira Winkler reminded me of what's at stake in his most recent column on I Was Wrong: There Probably Will Be an Electronic Pearl Harbor.

Winkler, long a critic of the Digital Pearl Harbor concept, said the emerging smart grid is forcing him to reconsider his earlier position:

"The researchers from IOActive demonstrated that smart grid boxes can be hacked and that they can spread worms. Not only that, the boxes themselves will be connected to every home and be available to anyone," Winkler wrote. "Anyone therefore has access to the smart grid. With tens of millions of the boxes planned to be distributed throughout the United States, potential attackers can easily get their hands on the systems to tear apart and find new vulnerabilities and attacks. More important, when there is a vulnerability found, how will it be mitigated?"

He concluded that a perfect storm is brewing where the skills and resources required to launch a significant attack is being drastically lowered. "Depending upon the effects of a possible worm on the smart grid boxes and the vulnerability of the generators," he wrote, "there can be a combined attack that does have strategic impact."

Another wake-up call came in July, when a botnet of about 50,000 infected computers were programmed to wage war on U.S. government websites, which spilled into the private sector and caused headaches for businesses in the U.S. and South Korea.

My colleague, Joan Goodchild, explained the nature of the botnet threat from the perspective of those who find and fight them in her recent article, The Botnet Hunters. The easy availability of hijacked computers as weapons of mass infection has mostly been to the benefit of cyber crooks looking to steal rather than destroy. But terrorists are also using them to spread online chaos.

"To hear about some of the things these security investigators have seen in their line of work is to hear tales of ominously growing infected networks with implications that have yet to be seen. And it is scary stuff," Goodchild wrote.

Botnet hunters Andre DiMino and Steve Santorelli told her, for example, that the rise of the now well-known worm Conficker is one of the most troubling moments in IT security history in recent years. "It is one of the more disturbing peer-2-peer botnets because it is very big, and it became a media sensation," said Santorelli. "But more disturbing than anything else about it is we haven't actually seen what it is going to be used for yet. Conficker has infected, by some estimates, millions of machines around the internet, but it isn't actually doing anything yet. A lot of people are very concerned about what it's for."

"Having been used to enumerating botnet drones in the thousands, tens or hundreds of thousands, seeing a multi-million node botnet rapidly propagate was quite alarming," added DiMino. "We were initially worried at the infection rate and extensive propagation, but then considering how such a botnet could potentially be used, was especially worrisome."

These are just a couple examples of the threat we face. It's a problem the White House has to deal with now, along with the problems of Afghanistan and elsewhere. It can't be set aside for later.

Bill Brenner is a senior editor at CSOonline and CSO Magazine. E-mail him your feedback at

This story, "Cybersecurity efforts stalled as Obama eyes Afghanistan" was originally published by CSO.

Copyright © 2009 IDG Communications, Inc.