Thank you Mr. Chairman and Senator Lieberman for providing the opportunity to discuss cybersecurity. In this new age of information warfare, no issue is of more vital importance to our security.

A cyber attack against our national information infrastructure would affect the integrity of our telecommunications, energy, banking and finances, transportation, water systems, and emergency services. As the Ranking Member of the Subcommittee on International Security, Proliferation, and Federal Services, I applaud all efforts to call attention to this issue. It is one in which the subcommittee has also been involved . The Chairman and Ranking Member deserve great credit for the effort that they have made to heighten awareness of the threat while proposing methods to counter the threat.

Computer hacking can no longer be labeled benign mischief. Once, those who gained unauthorized access to government and private sector computer networks were heralded as technical icons, whose exploits were lionized by the popular media. That is not the reality any more. Now hacking is a federal crime at the very least - at the worst, an international act of aggression. As Deputy Secretary of Defense John Hambre has stated, "We are at war - right now. We are in a cyber war."

Total losses from cyber fraud, including loss of service, recovery, and restoration costs, are estimated to be in the hundreds of millions of dollars. We now know that hostile countries have, or are developing, the capability to engage in overt and covert information warfare.

Last year alone there were more than 20,000 cyber attacks on Department of Defense networks alone. Astonishingly, we do not know who was behind the majority of those attacks.

In 1998, during a period of increased tensions with Iraq over United Nations weapons inspections, over 500 U.S. military, civilian government, and private sector computer systems were attacked. What was first thought to be a sophisticated Iraqi cyber attack proved to be a rather unsophisticated, yet highly effective attack by two juveniles from California with the cooperation of several individuals in Israel.

Last month, cyber-based denial of service attacks had a dramatic and immediate impact on many Americans and resulted in the loss of millions of dollars when several large e-commerce sites were shut down for several hours.

Just recently a student at a major university was arrested and charged with hacking into federal government computers at the National Aeronautics and Space Administration (NASA) and the Department of Defense where he was able to read, delete, and alter protected files and intercept and save log-in names.

Clearly, cybercrime has become a pervasive problem. And it is getting worse. According to FBI Director Louis Freeh, cybercrime is one of the fastest evolving areas of criminal behavior and a significant threat to our national and economic security. The escalation of cybercrime is rapidly overwhelming our current capability to respond.

Current technology has thus far failed to provide adequate safeguards for critical infrastructure networks. The Internet is international, knowing no boundaries and no ownership. Any attempt to stifle its growth and development would be counter productive to the economic interests of America. A variety of easy to use sophisticated hacker tools are freely available on the Internet, available for use by anyone in the world with an inclination to mount a cyber attack.

Today, the United States has little ability to detect or recognize a cyber attack against either government or private sector infrastructures and even less capability to react. Nevertheless, we must, through cooperative public and private sector efforts, develop adequate defensive technologies to neutralize threats. Without new defenses, it is likely that attacks will occur with greater frequency, do more damage, and be more difficult to detect and counter.

In January 2000, President Clinton unveiled his "National Plan for Information Systems Protection," which proposes critically needed infrastructure improvements with milestones for implementation. This multifaceted plan promotes an unprecedented level of public/private cooperation, and proposes 10 programs to assess vulnerabilities, and significantly enhance capabilities to deter, detect, and effectively respond to hacking incidents. It also calls for vital research and educational enhancements to train adequate numbers of desperately needed information security specialists and sustain their perishable skills.

Our continued leadership and prosperity in the global economy may well hinge on our national commitment to act as leaders in bringing information assurance to the global information environment we have helped to create. I commend the Chairman and Ranking Member for their leadership in calling attention to this particularly insidious problem by their introduction of S.1993, the Government Information Security Act. I welcome our witnesses, and look forward to hearing their testimony today.