Deutch favors center to avoid 'electronic Pearl Harbor'

Predicting that the United States would face "very, very large and uncomfortable incidents" at the hands of cyber-terrorists, CIA Director John Deutch last week pledged to boost U.S. intelligence gathering of foreign information warfare threats.

In testimony before the Senate Governmental Affairs Committee's Subcommittee on Permanent Investigations, Deutch admitted that the U.S. government is currently "not well-organized to address" the threat of foreign attacks on public switched networks and government systems. However, he claimed that U.S. intelligence is "fully alerted" to that potential threat.

Deutch said the problem is not one of money and added that the CIA has "the resources necessary to do the job."

A report issued earlier this month by the subcommittee criticized the U.S. intelligence community for allocating meager attention and resources to information warfare threat assessment.

Adequate information warfare data collection "is not presently a priority of our nation's intelligence and enforcement communities," the report said, noting that the CIA's Information Warfare Center staffed "barely a handful of persons" dedicated to threat analysis.

According to the report, "A senior member of the intelligence community responsible for collection of such data compared it to 'a toddler soccer game, where everyone just runs around trying to kick the ball somewhere.' "

Deutch said that by Dec. 1 the intelligence community would release a new, "highly classified national intelligence estimate" that would focus "on foreign attacks on the public switched telephone network system of this country" as well as other data systems operating "critical parts of our infrastructure." That report is expected to bring together analysis by the CIA, the Justice Department, the Defense Information Systems Agency, the military services and the FBI, he said.

Deutch also said he and Deputy Secretary of Defense John White are working to create a "communitywide" Information Warfare Technology Center staffed with 1,000 people and located at the National Security Agency, Fort Meade, Md. Deutch did not elaborate except to say that the center would produce tools - such as analysis and threat-assessment tools - for civilian, military and intelligence agencies "to deal with the emerging threat."

The center would result from a reorganization of the National Security Agency and would not require hiring new personnel, he said.

While sounding optimistic about future success in gathering data on foreign information warfare threats, Deutch nevertheless suggested that large-scale attacks on U.S. infrastructures are all but unavoidable.

"I don't know whether we will face an electronic Pearl Harbor, but we will have, I'm sure, some very unpleasant circumstances in this area," he said.

The intelligence community has traditionally had a hard time gathering data on information warfare, according to former NSA director Ed Hart, now a corporate vice president at Science Applications International Corp.

"Over the past two or three years, at least one National Intelligence Estimate was drafted on the threat of information warfare," he said.

But the estimate "had rather 'bland' conclusions," Hart added.

"Such estimates are based on factual findings," he said, "and in this case, they were unable to identify any 'smoking guns.' I don't think this should surprise anyone because if [you are a hacker who is] good at this sort of business, you work pretty hard to ensure you are never detected, much less caught."