ENCYCLOPEDIA OF Espionage, Intelligence, and Security Volume ...

Cyber Security Warning Networksystem, and can often add more layers to the operation ofthe computers. Until an attack, the value of the cybersecurity will be invisible. Thus, users and administratorscan resist the implementation of cyber security measures.Without dedicated scrutiny, the cyber security measuresthat are in place can lapse over time, creating opportunitiesfor breaching of the system.❚ FURTHER READING:BOOKS:Bosworth, Seymour (ed.) and Michel E. Kabay. ComputerSecurity Handbook. New York: John Wiley & Sons,2002.National Research Council, Computer Science and TelecommunicationsBoard. Cyber Security Today andTomorrow: Pay Now or Pay Later. Washington, DC: TheNational Academies Press, 2002.Northcutt, Stephen, Lenny Zeltser, Scott Winters, et al.Inside Network Perimeter Security: The Definitive Guideto Firewalls, Virtual Private Networks (VPNs) Routers,and Intrusion Detection Systems. Indianapolis: NewRiders Publishing, 2002.ELECTRONIC:How Stuff Works. ”How Firewalls Work.“ Jeff Tyson. (15December 2002).SEE ALSOCodes and CiphersElectromagnetic PulseInternet SpiderCyber SecurityWarning Network❚ JOSEPH PATTERSON HYDERCommunication is critical during a time of national crisis.Emergency personnel need the ability to communicatequickly and effective with their colleagues in other parts ofthe country. In wartime, generals must remain in closecontact with commanders and troops in the field. In thecomputer age, all communications systems—telephones,cellular phones, email, and others–are intertwined. Acyberattack that takes down the Internet by attacking rootservers would also have a profound effect on all forms ofcommunications, which rely on switches and routers torelay signals. Therefore, a cyberattack coordinated withother terrorist attacks or occurring during wartime couldEncyclopedia of Espionage, Intelligence, and Securityhave catastrophic effects on national security and theeconomy.In 2001, the George W. Bush administration and emergencyresponse officials began studying what would havehappened if an attack on America’s communicationinfrastructure had coincided with the September 11, 2001terrorist attacks. The more important question, however,was how to stop such an attack. The result was the CyberWarning Information Network (CWIN), part of Bush’sNational Strategy to Secure Cyberspace.Although the CWIN is not fully operational as of2003, one proposed function of the CWIN is to preventcyberattacks. The CWIN will accomplish this by creatingseveral industry specific workgroups, or Information Sharingand Analysis Centers (ISACs). Each ISAC will monitorInternet activity and cyberattacks on Web sites and Internetinfrastructure within its sector. The government agencies,companies, and network security firms involved inthat ISAC will then communication with each other oncyberattacks and increase security to prevent future attacks.IF action is taken quickly enough, an ISAC will beable to stop the spread of computer viruses before theystrike important systems.The Clinton administration developed the ISAC concept.Currently, ISACs exist for each of the followingsectors: information technology, banking and finance,telecommunications, chemical, and energy. The Bush administrationworked with government agencies and theprivate sector to develop ISACs for public transportationinfrastructure, water treatment, and agriculture and food.While the idea of sharing information about particularnetwork security vulnerabilities in order to increase securityfor all interested parties was considered favorable,many private sector members have been slow to volunteernetwork and software security problems. The Freedomof Information Act covers the CWIN, so these organizationshave shown hesitancy that any information sharedwith fellow ISAC members might become public. Untilthese companies receive a privacy guarantee from thegovernment, CWIN will not function as effectively asintended.The second major function of the CWIN will be toallow each ISAC to operate as an individual network, evenif the entire Internet is damaged in a cyberattack. This willallow ISAC members to continue to exchange criticalinformation if all other communications systems are down.The CWIN will accomplish this by establishing an independentIP network for each ISAC.Critics have found flaws with the CWIN on both conceptualand organizational grounds. Detractors argue thatin order for the CWIN to be effective, the private sector andnetwork security professionals will have to play a majorrole. So far, the government has offered few incentives forthe private sector to invest the money and labor necessaryto accomplish this objective. The Department of HomelandSecurity has also concerned some of the private301