Globe Editorial

Plan cyberwar defenses now, before any attacks succeed

June 28, 2010

E-mail this article

Invalid E-mail address
Invalid E-mail address

Sending your article

Your article has been sent.

Text size +

IN DECEMBER, Google and 30 other large companies in the finance, technology, media, chemical, and Internet sectors were targets of a cyber attack that most likely originated in China. Fortunately, the attack failed to disrupt our way of life, but it exposed a troubling flaw in America’s counterterrorism strategy: Nearly nine years after 9/11, our vast cyber-communications network is vulnerable to those who wish to breach our personal privacy, steal our secrets, and even physically harm us.

Recognizing this oversight, the Senate is now considering a bill that would strengthen the mechanisms by which government and private industry protect the safety and security of the Internet. The bill, filed by Senator Joseph Lieberman of Connecticut, represents a thoughtful, if imperfect, first attempt to deal with a serious threat.

The measure would consolidate power within the government to oversee and legally monitor the nation’s communications network. This would be carried out through two new offices, one within the White House to direct nationwide cyber-security efforts and another within the Department of Homeland Security to protect the government’s own networks. Because online threats are multi-faceted and lack clearly delineated boundaries, it would be beneficial to have these government officials, who are accountable to the public, tasked with monitoring and responding to cyber threats as they develop.

Thankfully, Congress is considering the bill before a major cyber-terrorism attack has been carried out successfully against the United States. This should allow senators to consider the bill unclouded by the inevitable panic an attack would trigger. While much of the bill would move the nation’s cyber security in the right direction, the Senate should nonetheless reconsider some of the legislation’s vague language and unclear measures.

Opponents have let on that the bill would give the president a “kill switch” to “shut down” the Internet in the case of a national emergency. It doesn’t. In fact, current law provides the president nearly unchecked power to control the nation’s communications network in the case of an emergency. This new law would vastly decrease that power. The “kill switch’’ controversy is only a distraction from the bill’s real flaws: for instance, it doesn’t adequately spell out what the president can and can’t do once an emergency has been declared, nor does it fully define the degree of attack that would require government oversight and action. Since computer networks are attacked every day, it would be wise to set a very high bar for presidential action.

Worse yet, the bill all but ignores the threat these new measures would pose to the First Amendment. If the president ever does interfere with privately owned cyber networks, Americans may be hampered in their ability to speak publicly, communicate privately, and do business. Any response to cyber terrorism should tread lightly on the very rights terrorists hope to dismantle in the first place. A clearer definition of the president’s powers should be added to the legislation now, before that power is exercised.

Congress can’t expect the executive branch to curb its own authority. While the bill improves current law by limiting the president’s emergency powers, it doesn’t go far enough. To better balance national security with the preservation of civil liberties, Congress should narrow the definition of what constitutes an emergency and better define what the president can — and more importantly, can’t — do if America comes under attack.

More opinions

Find the latest columns from: