|
|
|
|
|
Government/Military Officials |
|
|
|
|
|
Arquilla is associate professor of defense analysis at the Naval Postgraduate School. An expert on unconventional warfare, he tells FRONTLINE that the world is now experiencing an "information arms race." In this interview, Arquilla discusses some of the offensive cyber tactics the U.S. has used in the first Gulf War, Kosovo and Afghanistan. He also warns that hackers have the ability to do much more damage than they have yet done. "What we are really talking about is a social gulf between those who have the skills to do costly disruption and those who are radical enough to do it," he says. This interview was conducted on March 4, 2003.
|
|
|
|
|
|
Clarke was White House cyber security adviser from October 2001 to March 2003, heading up the President's Critical Infrastructure Advisory Board. In this interview, he discusses the many vulnerabilities of cyberspace, the evidence that points to Al Qaeda's cyber capabilities, his views on liability laws and federal regulation for cyber security, and why he believes the new U.S. National Strategy to Secure Cyberspace is "a great success story." This interview was conducted on March 18, 2003.
|
|
|
|
|
|
Hamre was deputy secretary of defense from 1997-1999. He is now president and CEO of the Center for Strategic and International Studies. In this interview, he discusses a Pentagon exercise code-named "Eligible Receiver," which proved the Pentagon's computers were vulnerable to cyber attack, as well as a series of intrusions into Pentagon systems in an incident known as "Moonlight Maze." However, he tells FRONTLINE that although he believes cyber terrorism is a "serious problem," compared to physical, biological, and chemical attacks, he would rank cyber terrorism towards the bottom of the scale of threats the government needs to worry about. "Cyberspace is changing all the time," he says. "It's not like the physical world, where routines are fairly stable." This interview was conducted on Feb. 18, 2003.
|
|
|
|
|
|
James Lewis is a senior fellow and director of technology policy at the Center for Strategic and International Studies. Prior to joining CSIS, he spent 16 years at the Departments of State and Commerce. He calls cyber tactics a "weapon of mass annoyance" rather than a weapon of mass destruction. Lewis also argues that the debate over the threat of cyber war is being dominated by computer experts and that the expertise of national security and defense personnel is needed for a serious evaluation of the threat. This interview was conducted on Feb. 18, 2003.
|
|
Security Experts |
|
|
|
|
|
He is chief security strategist of the Microsoft Corporation. In this interview he discusses the nature of the threat of cyber war, the measures Microsoft has taken to improve security, the issues of regulation and liability laws to enforce security, and the newly defined partnership between government and the private sector to secure cyberspace. This interview was conducted on March 20, 2003.
|
|
|
|
|
|
He is director of Information Assurance Strategic Initiatives for Computer Sciences Corporation's Homeland Security program and the former director of the FBI's National Infrastructure Protection Center. In his interview he talks about some of the events which defined for the government the national security threat of cyberspace, and the scenario which keeps him awake at night. He also discusses key issues the U.S. must address to secure cyberspace and the importance of new government provisions allowing more information sharing between the private sector and government. This interview was conducted on March 18, 2003.
|
|
|
|
|
|
He runs a company which is listed by the U.S. government as a professional military company. He has 20 years experience in defense, intelligence, information operations, corporate finance and technology development, and consults on critical infrastructure protection, information security and assurance, intelligence, finance, and technology for multinationals and governments. For this interview he asked FRONTLINE to disguise his appearance and voice. He tells FRONTLINE about the nature of information warfare, the U.S.'s vulnerabilities, Al Qaeda's capabilities, and the prospects for solving cyberspace's security problems. This interview was conducted on March 6, 2003.
|
|
|
|
|
|
He is chief executive officer, Cyber Defense Agency and Chairman of the Professionals for Cyber Defense. In February 2002, he was one of more than 50 scientists and national leaders who sent a letter to President Bush calling for a Cyber Manhattan Project. In this interview, he discusses why it's realistic that the U.S. might be hit by a destructive cyber attack and describes what might happen in the first few days. He also talks about why the power grid would be a prime target, the vulnerabiltieis of SCADA systems and software, and the flaws he sees in the recently released National Strategy to Secure Cyberspace. This interview was conducted on Feb. 13, 2003.
|
|
|
|
|
|
Skroch manages the Information Operations Red Team and Assessments (IORTA) group at Sandia National Laboratories. When hired by corporations or governmental agencies, the red team plays an adversarial role, hacking into computer systems to assess and improve information security. In this interview Skroch describes how U.S. critical infrastructure, including SCADA systems, has become more reliant on computers and information technology and how that has created new vulnerabilities. He tells FRONTLINE, "There's no reason that U.S. infrastructures could not be secured from cyber attack," but warns that implementation of information security technology must move at a faster pace, before the U.S. experiences the equivalent of a "cyber Pearl Harbor." This interview was conducted on March 13, 2003.
|
|
|
|
|
|
He is a control systems engineer with KEMA Consulting and a leading expert in control system security. He was technical manager for 15 years at the Electric Power Research Institute (EPRI) and its Enterprise Infrastructure Security Initiative (EIS). In this interview he explains the critical connection between digital control systems, such as SCADA, and America's infrastructure and how these systems' vulnerabilities could be exploited to launch a destructive attack on the infrastructure. He also talks about the "abysmal lack of knowledge" about the cyber security of control systems, and why experts on these systems need to be brought into the debate over security issues. This interview was conducted on March 5, 2003.
|
|
|
|
|
|
He is vice president of Managed Security Services Operations for Symantec and was director of the Vulnerability Assessment and Assistance Program (VAAP) for the U.S. Department of Defense Computer Emergency Response Team (DoD/CERT). He discusses how his Security Operations Center observed in real time the Slammer worm and its propagation around the world and he outlines its significance. He also talks about the overall level of sophisticated attacks they're observing, what the monitoring reveals about the threat level, and how the U.S. can create better security for its infrastructure. He says the country needs to create a culture where security is a requirement to do business. "If we create the culture and the environment where security weaknesses will not be tolerated, and it's top-down driven, and it's supported, it will be supported from the bottom up." This interview was conducted on March 19, 2003.
|
|
|