Cyberspace Defense Plan Proposed by Reno

P> U.S. Attorney General Janet Reno has asked several cabinet members to create a national cyberspace defense "entity" and establish a cyberwar defense policy task force.

The memo represents the latest government effort to counter what intelligence and defense officials say is a new national security threat -- the threat of destructive hacker attacks against the nation's electronic infrastructure. Government officials say the nation's phone system, power grid and other critical information-based networks could be wrecked by hacker attacks sponsored by foreign countries.

Officials fear that such attacks could be launched through the Internet from foreign countries, and could cause more disruption to U.S. forces and the U.S. economy than the Scud missiles launched by Iraq during the 1991 Gulf War.

The cyberspace defense "entity" suggested by Reno would be headed by the FBI, and is intended to provide advice and technical help to agencies seeking to protect their critical information networks.

Reno's memo was sent to the secretaries of Commerce, Energy, Treasury and Transportation. The memo was also sent to John Deutch, director of Central Intelligence, John White, deputy secretary of defense, Louis Freeh, director of the FBI, and six other senior officials. The memo is marked "For Official Use Only."

FBI spokeswoman Jennifer Spencer declined to comment April 15. The memo was created after a long internal White House battle lasting at least one year, during which Deutch, White and others tried to win President Clinton's approval for a formal presidential review directive. If it had been approved, the directive would have created a governmentwide board to study the development of a national cyberspace defense policy.

The proposed task force would be overseen by the U.S. Deputy Attorney General, the U.S. Deputy Secretary of Defense and "a representative of one of the agencies reflecting civil concerns." The members of the task force would be government officials, who would work full time on development of the defense policy.

The proposed name for the task force is unclear. The subject of Reno's memo is "Critical Infrastructure Security," but the task force's purpose would be to "study infrastructure assurance issues." Government officials frequently link these terms with others such as cyberwar, information warfare and information assurance. One reason for their linkage is that government officials are trying to graft cyberwar defenses onto traditional security measures. These traditional measures include the FBI's Key Asset program, and the Pentagon's Key Asset Protection program, both of which are focused on physical protection, such as guards, barriers and fences, of critical people and sites, such as telephone exchanges.

During the drafting of the memo, senior officials rejected two of three alternatives suggested by a top-level Critical Infrastructure Working Group. These two options would have placed the cyberwar task force under a "Private Sector Presidential Commission... along the lines of the Commission on the Roles and Capabilities of the U.S. Intelligence Community," also dubbed the Aspin Commission, according to the working group's report.

The other option would have placed the task force under the Security Policy Board, a panel made up of officials from the Pentagon and the intelligence agencies. However, "the SPB is viewed negatively by some in the government [and] is also seen by many privacy advocates and industry representatives as being dominated by the defense and intelligence establishments and unsympathetic to privacy and market concerns," said the working group's report.

One reason for the government's caution is the memory of the Clipper chip controversy, during which industry executives and privacy advocates have largely scuttled a government plan to restrain the distribution of hard-to-crack commercial encryption technology. Industry officials say the government's plan would hurt foreign sales of U.S. software and computers, while privacy advocates say the plan is a government effort to suppress free speech. Unless commercial encryption technology is restrained, say government and FBI officials, law-enforcement authorities will lose their ability to eavesdrop upon criminals, organized crime and terrorists.

Related Washington Technology stories:

"New Info-War Doctrine Poses Risks, Gains" p. 1, Dec. 22, 1994.

"Infowar Disputes Stall Defense Policy," p. 1, May 25, 1995.

"Pentagon Developing Cyberspace Weapons" p. 1, June 22, 1995.

"Agencies Plot Cyberspace Defense" p. 1, Feb. 22, 1996.

"White House Edges Closer to Cyberwar" p. 12, March 21, 1996.