AnalysisHow far should government go to make the Web secure?
If hackers take over a nuclear plant’s control system, should the president order the computer networks shut down? If there is a terrorist attack, should the government knock users off other computer networks to ensure that critical systems stay online? Should the government be able to dictate who companies can hire and what they must do to secure the networks that affect Americans’ daily life?
There is no kill switch for the Internet, no secret on-off button in an Oval Office drawer. Yet, when a Senate committee was exploring ways to secure computer networks, a provision to give the president the power to shut down Internet traffic to compromised Web sites in an emergency set off alarms (see 31 August 2009 HSNW). Corporate leaders and privacy advocates quickly objected, saying the government must not seize control of the Internet.
AP reports that lawmakers dropped it, but the debate rages on. How much control should federal authorities have over the Web in a crisis? How much should be left to the private sector? It does own and operate at least 80 percent of the Internet and argues it can do a better job.
“We need to prepare for that digital disaster,” said Melissa Hathaway, the former White House cybersecurity adviser. “We need a system to identify, isolate and respond to cyberattacks at the speed of light.”
So far at least eighteen bills have been introduced as Congress works carefully to give federal authorities the power to protect the country in the event of a massive cyberattack. Lawmakers do not want to violate personal and corporate privacy or squelching innovation. All involved acknowledge it isn’t going to be easy.
For most people, the Internet is a public haven for free thought and enterprise. Over time it has become the electronic control panel for much of the world’s critical infrastructure. Computer networks today hold government secrets, military weapons specifications, sensitive corporate data, and vast amounts of personal information.
Millions of times a day, hackers, cybercriminals, and mercenaries working for governments and private entities are scanning those networks, looking to defraud, disrupt or even destroy.
Just eight years ago, the government ordered planes from the sky in the hours after the 9/11 terrorist attacks. Could or should the president have the same power over the Internet in a digital disaster?
If hackers take over a nuclear plant’s control system, should the president order the computer networks shut down? If there is a terrorist attack, should the government knock users off other computer networks to ensure that critical systems stay online? Should the government be able to dictate who companies can hire and what they must do to secure the networks that affect Americans’ daily life?
Government officials say the United States must improve efforts to share information about cyberthreats with private industry. They also want companies to ensure
