Statement of US Senator Charles E. Schumer
Brookings Institution Symposium on Technological Change and American
Security
June 15, 2000
The 21st Century has dawned with America in the midst
of an unprecedented economic boom, driven in large part by what
has come to be known as the "new economy" - an economy
increasingly dependent and fueled by the stunning advances in high-technology
goods and services that have come to seem so commonplace.
The foundation of this "new economy" is, of course,
the Internet, and other rapidly advancing digital technologies that
comprise the "information revolution."
But while our high-tech advances are emerging at lightening speed,
providing all the benefits to our society of rapid economic growth
and prosperity, and helping make the US economy the envy of the
world, technological change is happening so fast it is creating
real and potentially catastrophic vulnerabilities to America's homeland
security.
And although emerging technologies are creating new opportunities
for our military's warfighting capabilities, they are also creating
new opportunities for those who mean to do us harm. Coming to grips
with this dilemma is one of the primary challenges for American
security in the 21st Century.
The new technologies having the biggest impact on our security
right now are information technologies. The key problem is that
while this amorphous entity known as "cyberspace" has
become the back-bone of our highly integrated, modern "E-Commerce"
economy, its is also the underpinning of our defense and intelligence
systems, as well as our nation's most critical infrastructures,
such as telecommunications, transportation, energy, and financial
services.
And the fact is, although the United States is far and away the
most technologically advanced nation on earth, we are also far and
away the most technologically vulnerable.
Not only are several countries, most notably China and Russia,
spending billions to enhance their so-called "netwar"
capabilities, which could conceivably threaten the entire US defense
infrastructure, but terrorist cells around the world - state-sponsored
and otherwise - are turning their attention to adopting cyber-terror
capabilities that could cripple the US economy and bring US cities
to their knees.
For example, experts say that several well-placed cyber-bullets,
known as "electronic sniffers," can potentially sabotage
a large portion of the American financial system, vaporizing billions
of dollars in the blink of an eye, and causing mass panic on Wall
Street. The boomerang effect of such an attack would be severe:
it could take months, if not years, for the financial sector to
recover, if at all.
And computer networks which comprise the backbone of other US
critical infrastructures, such as power grids, and telecommunications
and transportation systems, remain vulnerable to serious disruption,
if not outright shut-down. The consequences of a successful attack
on any of these systems - such as crippling the Northeast's air
traffic control network while hundreds of planes are in the air
- would, of course, be devastating.
While the recent well-publicized hacking and virus incidents -
such as the "Love Bug" attack - cost billions in lost
productivity and data, they have mostly been launched by mischievous
teenagers just out to cause trouble.
But these attacks have shown the underlying vulnerabilities of
our computer-dependent critical infrastructures to not just lone
hackers, but to coordinated attacks by sophisticated cyber- terrorists
who truly mean to do us harm.
And instead of a virus that disrupts e-mail service and forces
the temporary shut-down of systems, next time we may see the "real
thing."
So what is the United States doing to combat this new, and very
real threat to America's homeland security? Recklessly less than
we should be.
While the US is spending as much on defense as the next 7 nations
combined, we are not channeling nearly enough attention and resources
toward the problem of new technologies, and their effect on our
nation's security. Instead, we are still mired in a Cold-War era
defense spending mentality.
So as Congress forges ahead with the Air Force's $70 billion F-22
program - which will ensure US air dominance in a fight against
a Soviet Union which no longer exists - planning to defend against
the real threats of the 21st Century remains on the far
back burner.
For example, this year the Federal Government is spending $290
billion on our defense. Yet only $1.4 billion is being spent on
cyber-security and critical infrastructure protection; and 80 percent
of those funds are for the Department of Defense and the intelligence
agencies. What about the security of our other critical infrastructures?
This glaring mismatch between vulnerability and threat on the
one hand, and resource allocation on the other, has created an absurd
situation in which the US has become virtually invulnerable at the
conventional military level, but dangerously vulnerable against
"asymmetric threats" - threats against which we currently
have no viable protection.
So instead of the F-22 and the next multi-billion dollar amphibious
landing craft, maybe our military procurement needs to begin fully
taking advantage of what has come to be known as the "revolution
in military affairs" - the use of computers, electronics, sensors,
and even robotics and genetic technologies to maintain America's
edge in warfighting into the future.
That means more money for DARPA, and more guts in Congress to
begin moving away from anachronistic procurement policies.
The point I want to emphasize as we begin this important panel
discussion is that we simply can't neglect the emerging threat from
what can be called "weapons of mass disruption"
- information warfare, which has the potential to wreak major havoc
on our way of life.
And the bottom line is this: despite the new vulnerabilities created
by the information revolution, the problem of cyber-security and
critical infrastructure protection is not really on anyone's radar
screen. The Y2K scare came and went, and we now have a new, and
false, sense that the problem of cyber-security is relatively under
control.
But we should not have to wait for an electronic Pearl Harbor
in order for the US, as a nation, to wake up to this threat.
Now don't get me wrong - it will be an enormous, and ongoing,
challenge to successfully confront the problem of emerging technologies
and their effects on our homeland security and military readiness,
and we will require novel and sophisticated solutions. For example,
we cannot simply count on the federal government to protect our
critical infrastructures from cyber- terrorism, because the government
doesn't own or operate the networks that underpin most of our critical
sectors. So it's largely up to the private sector - the banks, the
brokerage houses, the telecommunications companies, etc. - to find
ways to protect their industries from the threats of this brave
new high-tech world.
And, just as importantly, our military war planning needs to move
further away from a cold-war mentality and further into the world
of 21st Century technologies.
|