Cyber-Preparedness

May 13, 2002

One area of vulnerability that received attention after last fall's terrorist attacks was computer networks, especially those that run major public and private services, such as water supplies.

While terrorists have launched no cyber-assaults in the months since 9/11, experts caution that the danger remains high. Is enough being done to prevent or fend off such attacks?

Reassuringly, various levels of government, as well as industry, are taking protective action. Harris County, Texas, for instance, has done a number of tests of its ability to bring its systems back up if they were ever knocked out by an attack. Using unaffected computers at a remote location, the county's technology officers regularly practice their revival techniques.

Many states were on computer-security alerts long before the attacks, since attempted intrusions by hackers can be a regular occurrence. At least 10 states have pending legislation to fight cyberterrorism. California, Georgia, and Pennsylvania have passed laws to more clearly define such terrorism and strengthen penalties for attacks on computer networks.

A challenge for governments, as well as businesses, is to stay on top of the software fixes issued by companies such as Microsoft and others to patch vulnerable spots in networks.

Software developers are at work, meanwhile, crafting programs that can anticipate attacks, or even give would-be intruders misleading data that thwart their efforts.

There can't be too much vigilance on this front. Recent computer-security problems of the US Interior Department – with government sleuths demonstrating how easy it was to break into sensitive areas like the Indian trust fund – illustrate how far even big government units have to go. The move toward greater preparedness must be sustained.