Agencies Plot Cyberspace Defense

P> Senior government officials are assembling a new government-industry committee to write a blueprint for a ground-breaking nationwide cyberspace defense plan.

The blueprint is intended to help government, industry and the public debate and design a national defense against information warfare. Government officials say they are growing more concerned about information warfare attacks, such as hacker attacks, that could cripple the nation's computer-based services, the telephone network, power grid, air traffic control systems and banks.

Senior officials, including John Deutch, director of Central Intelligence; Jamie Gorelick, deputy attorney general; and John White, deputy secretary of defense, are expected to assemble the committee that will design the blueprint, said Jacobson. The committee may be publicly announced by early March, he said.

The officials may place the committee under the Justice Department, the White House or the Security Policy Board, he said. Once the committee is designed and selected, and its schedule and charter decided, the go-ahead will depend on winning approval from President Bill Clinton and Vice President Al Gore, he said. "It will be in the president's and vice president's lap," he said. Spokesmen for Deutch and Gorelick declined to comment.

However, many observers are skeptical that anything will come of this latest effort, which follows a failed effort last year to win Clinton's go-ahead for a White House-led review of information warfare defense proposals. Last year's effort foundered when senior officials couldn't solve the numerous privacy and business-related controversies raised by a government cyberspace defense strategy.

With the fast-approaching November presidential election, "the only thing you've got is downside risk.... Whichever way they go, they are in deep, deep trouble," said a Defense Department official.

For example, any effort by the government to get the telephone or computer companies to increase the nation's electronic defenses will be resisted by industry executives who are loath to restrict their business or spend extra money on security measures. Thus, industry officials have largely fended off the government's plan to promote the use of key-escrow encryption technology, which could allow industry to protect its data from electronic eavesdroppers while allowing the government to read criminals' private data.

And government efforts to protect citizens' and companies' information, such as financial, employment and health records, will be opposed by vocal privacy lobbyists, such as the Federation of American Scientists.

"We've heard [these arguments] from both barrels," said Jacobson. Because of these concerns, the committee on defensive information warfare will probably work with industry and privacy proponents, said Jacobson.

A likely avenue for industry involvement is the National Security Telecommunications Advisory Committee. This committee includes the CEO and senior officials from the nation's largest telecommunications companies, and it meets behind closed doors with government officials.

To win industry's approval for any cyberspace defense measures, "the government will probably have to write checks," Jacobson said. The government has already pledged to provide telephone companies with at least $500 million to ensure that FBI officials can eavesdrop upon criminals using the companies' new computerized phone networks.

The emerging plan for a committee was precipitated by a Dec. 19 memo sent by Deutch and White to Gorelick and Attorney General Janet Reno in the Department of Justice. The memo showed "how we believe it would be best to proceed on the problem of providing security for the national infrastructure," wrote Deutch and White.