Can be Done to Reduce the Threats Posed by Computer Viruses and Worms
to the Workings of Government"
August 29, 2001
This hearing of the Subcommittee on Government
Efficiency, Financial Management and Intergovernmental Relations will
come to order.
The horrific events of September 11 were a wake-up
call that all too clearly illustrates this nation's vulnerability to attack.
We have known for a long time that airport security was lax, and we did
nothing to fix the problem. Intruders took advantage of that vulnerability
in ways that, for all of us, were unimaginable.
We must learn from this experience, but will we?
We have known for several years that our government's critical computer
systems are as vulnerable to attack as airport security. In 1997, the
General Accounting Office placed the security of government computers
on its government-wide high-risk list. In 1998, the Federal Bureau of
Investigation formed its National Infrastructure Protection Center to
gather information on computer threats and issue timely warnings about
those threats. It is now 2001, and the government has made little progress
in addressing computer security issues. Are we going to wait until these
vital systems are compromised -- or worse?
During the crises in New York and Washington, we
found that the nation's communication systems were not as strong as they
needed to be. Cellular telephones stopped working. City leaders were unable
to communicate with other officials in the immediate aftermath. In New
York, broadcast television services were interrupted. But imagine the
repercussions if attacks on the federal government's critical computers
were equally successful. national defense, communications, transportation,
public health and emergency response services across the nation could
be crippled instantly.
In addition to the threat of physical assault,
the nation's information technology systems are already under cyber-assault.
Following the terrorist attacks on New York and Washington, the "Nimda"
worm attacked computer systems around the world. "Nimda" shut
down banks in Japan, multinational corporations, and some government systems
in the United States, such as Fairfax County. On Monday, a new worm was
unleashed on computer systems. This worm is capable of wiping out a computer's
basic system files. These attacks are increasing in intensity, sophistication
and potential damage. Is the nation ready for this type of terrorism?
Will its basic communications and computer infrastructure withstand a
Today, we want to examine these critical issues.
We welcome our witnesses who will discuss these computer threats and the
measures that must be taken to protect this nation -- its economy, its
states, cities and institutions of higher learning.