04 March 2005
Cyber Czar
The President made a special trip to Langley to reassure the work force yesterday. I don't think it was the concern about Martha Stewart's release from federal custody. She will be under house arrest for a while longer anyway.
I have the oddest feeling of d'eja vu as I write that. Isn't this something that has happened before? I must have been dreaming it in the night. The footage of the visit was on the television last night while I talked to a friend on his radio show in another state.
The President made the trip to reassure Director Porter Goss and his restive workforce that the new structure will not undermine their position as America's preeminent intelligence organization. The fact that it has, and it will, made the visit that much more important.
Ambassador John D. Negroponte is not in town to defend his position. He is still in the Green Zone in Baghdad, and will not even face confirmation until April. That is not a good position to be in as deals are cut here. His position is being ''re-defined'' while he is out of town.
The President stood in the middle of the CIA seal on the floor of the eerie white marble formal entrance. That is where the statue of founder Wild Bill Donovan stands, and the stars inscribed on the wall that mark the employees who have died in the line of duty. The President said he stopped by to explain that the reforms will ''actually help the CIA do its job better."
Porter Goss has been making heavy going of it out at the Headquarters. He said he was working five hours a day just on the morning session he has with the President. That seems a little excessive to me, particularly in light of the fact that running the compound could take his full attention.
He used to have an assistant to do that, Mr. A. B. ''Buzzy'' Krongard, but Buzzy was fired in the first few minutes Mr. Goss was on the job.
His predecessor, George Tenet, used to close out his day with a meeting of the Small Group, composed of his most trusted leadership. So when he left the compound at night he had a pretty good idea of what was going to be coming at him in the morning. George knew his material, and he was able to brief the President after he got an update in the back of his armored sedan in the morning.
The media mostly concentrated on the fact that Mr. Bush actually talked about Osama bin Laden yesterday. It was unusual, and probably linked to the word that he had been in touch with his proxy in Iraq, Abu Musab al-Zarqawi.
I don't know quite what to make of it all, nor do I think it will get any clearer until Ambassador Negroponte gets back in town and starts to dig his own bunker. Mike Hayden is his designated Deputy, and he is watching from Fort Meade where he is still the Director of the National Security Agency. There is another restive intelligence workforce in Maryland, and no announcement on the succession to that job, either.
I was across town when Secretary Chertoff was sworn in by Justice Sandra Day O'Connor. He has been anxious to get on the job, and start filling the dozens of vacancies in his top administration.
I was at the Caucus Club, surrounded by the warm paneled wood of the Eisenhower Room, around the time the ceremony was held, lunching with the Cyber Czar.
He is actually the acting Cyber Czar. I have been an ''acting'' official before and it is an uneasy sort of thing. One generally takes the position with hope or resignation. The acting Czar seemed to be filled with both.
He was talking a mile a minute in front of the small group of industry players. We all have interests in his portfolio. He was talking so fast that I struggled to take notes and finally gave up. He was too quick for me, and the portfolio was too big and there was too little power to do much about it, except talk as fast as possible.
His job was once held by the famous Dick Clark, advisor to Presidents and Master of Y2K. The position has come down several notches in the world since then. It is now an Assistant Secretary position within the Office of Infrastructure Analysis and Infrastructure Protection in the Department of Homeland Security.
The job is as unwieldy as its organizational title.
The Czar is a sleek man who looks like a lawyer, not a technocrat. He believes his office has the responsibility to provide the nation with the capability to detect evidence of cyber attack, to defend against it, to mitigate its effects, and to reconstitute the system after the attack has concluded.
The question of attribution- that is, the ability to respond decisively against the entity that conducted the attack- is essential to the mitigation and reconstitution phases. I think that is what he said.
He ordered the medallions of beef. I longed to do the same, but resolved to try the seared salmon. He was talking about the cyber annex to the National Response Plan when it came, and I was pleasantly surprised by the firm texture and pleasing presentation.
Of the salmon, that is.
The Czar's problem is that the majority of the critical cyber infrastructure is in public hands and cannot be dictated to. Dick Clark, operating from the White House and with the prospect of the Y2K melt-down on his shoulder got away with a lot. But after nothing happened, Clark's mandate to dictate evaporated.
He drafted some ambitious Presidential Directives intended to protect us after that, but industry and the rest of the government was suspicious of him. I am convinced that his failure to bulldoze his way contributed to the bitterness with which he left the government.
There was some jocular back-and-forth about who exactly was left to do the work in Infrastructure Protection, since everyone else had quit at the end of the first administration. The Czar said they could do what they wanted, but they would pry him away from the office by his cold dead fingers. He thinks it is the most important mission in the government.
He skirted a variety of disclosed and undisclosed threats that had been addressed since he took over his position last October. He talked about the new National Response Plan, which is a good thing to have, and how he was going to make the Cyber Security Annex to the plan workable.
There was a lot of talk about wiring diagrams and coordinating committees, but I had stopped taking notes. My ears pricked up when he began to talk about Supervisory Control and Data Acquisition Systems.
I have been concerned about SCADA for a couple years, as I'm sure you have too. While not computers, per se, these systems regulate the functions of the physical infrastructures of the nation, the interface of the digital and the real.
SCADA controls critical infrastructure like pipelines and dams and the electrical grid. Once they stood alone as inviolate independent networks. Increasingly though, these systems are linked together and are now available for intrusion from the internet for the first time.
The Czar wants to know more about them, and who has the capability to hack into them. He spoke disparagingly about the intelligence community's ability to meet his requirements, and when I asked him if the new intelligence structure was going to help him, he snorted. He said bluntly that John Negroponte would have no effect whatsoever on meeting his requirements for intelligence collection on the threat.
Poor John isn't even in town and they are snorting over the medalions of beef at him already. The Czar relaxed a little as the coffee came.
He began a little soliloquy about the current phenomenon of Bot Nets.
"Bot" is the technical term for a computer that has been made a zombie by the surreptitious insertion of malicious software. He grimly said that hundreds of thousands of personal computers have been infected by malicious operating code which permits an outside entity to use them for a variety of purposes unknown to their legal owners.
The first of these is purely criminal, collecting keystrokes data from the computer keyboards. The point is to collect passwords, bank account numbers and credit card information for fraud and identity theft.
He then said there was something more curious. The British Security Services has identified a network of tens of thousands of networked Bots, the purpose of which was unknown. The clandestine network was doing nothing, but appeared to be a capability established for some time in the future. The network could have been created by a hostile nation state, creating a reserve capability to launch a massive cyber strike on command.
Such networks exist in the United States and in other developed nations, as well. While some have been created by teen-aged "script kiddies" and other cyber thugs for the propagation of SPAM, there are others that appear to be tools prepared for a massive strike against the nation's infrastructure. Waiting for the moment.
With this sobering observation, he concluded his remarks, swilled the last of his coffee, and swept from the room. He is a busy man, and a bully pulpit is a terrible thing to waste. I did not have a chance to get close to him and give him my business card.
I finished my coffee and wondered what my computer was doing back at the office.
Copyright 2005 Vic Socotra |