|Editions | myCNN | Video | Audio | Headline News Brief | Feedback||
Main Page | Bracing for Cyberwar | Hacking Primer | Scenes from the 'Hacker Underground' | Hacking: Two Viewpoints | Timeline | Gallery | News Archive | Discussion | Related Sites
Clinton fights hackers, with a hacker
From staff and wire reports
WASHINGTON -- Searching for ways to improve security on the Internet, President Bill Clinton convened a meeting at the White House on Tuesday with technology experts that included a hacker named Mudge.
Saying security on the Internet should be improved without jeopardizing the entrepreneurial potential of e-commerce, the president endorsed a $9 million proposal to create a high-tech security institute.
"We know we have to keep cyberspace open and free," Clinton said. "At the same time, computer networks (must be) more secure and resilient and we have to do more to protect privacy and civil liberties."
The meeting follows a blizzard of assaults last week that disabled some of the nation's most popular Web sites, among them CNN.com, eBay, Yahoo, Amazon.com and E*Trade.
Republican lawmakers have criticized related Clinton proposals in the past, saying they have not done enough to protect federal computer systems.
But U.S. Secretary of Commerce William Daley, who took part in the session, said the U.S. government can "lead by example" to ensure national networks are secure.
"The tools are out there, but not many companies are taking advantage of them. We in government can provide an example by getting our own house in order," he told reporters.
Sun, MCI, IBM and Mudge
The president invited more than a dozen computer executives and academics who specialize in computer technology to the session. Companies represented included America Online, Yahoo!, 3Com, Cisco Systems, Sun Microsystems, MCI Worldcom, IBM, AT&T, Hewlett Packard, Intel and Microsoft, said White House spokesman Joe Lockhart.
Among the participants was Mudge, nickname for a member of a "think tank" of hackers who perform security consulting under the name @Stake. The White House released a list of participants that included an @Stake representative named Peiter Zatko.
Mudge, in a business suit with his long brown hair hanging down on his chest, sat quietly with his fingers interlocked atop his blue briefing books. He is also a member of the celebrated hacker group L0pht Heavy Industries, based in Massachusetts.
Another participant, Whitfield Diffie of Sun Microsystems, set up his laptop on the conference table, an agenda on the screen.
No 'electronic Pearl Harbor'
The initial idea of the meeting was to address the problem of terrorists using cyberspace. But Clinton said the attacks last week underscore a need for the government to focus on protecting the Internet itself.
"These denial-of-service attacks are obviously very disturbing and I think there is a way that we can clearly promote security," Clinton told CNN.com Monday in an online interview.
But Tuesday he cautioned that the attacks were not an "electronic Pearl Harbor."
"I don't think we should leave here with this vast sense of insecurity," Clinton said at the Tuesday meeting. "We ought to leave here with a sense of confidence that this is a challenge that was entirely predictable. It's part of the price of the success of the Internet."
Summit also tackles cyberterrorism
Lockhart said beforehand that the participants mainly would review Clinton's $2 billion proposal for protecting the nation's computer infrastructure from sabotage; about $91 million of that would go toward addressing cyberterrorism.
"The meeting is not to come out with new budget numbers or detailed policy initiatives. It's to make sure we are on the right track," Lockhart said. "One of the goals the president has is to make sure that each of these important companies is talking within their industry about what they can do."
One challenge for vulnerable companies is how to share warnings on attacks without causing undue panic or releasing corporate secrets.
Managers of a recently formed private security network for banks said computer experts at some of the nation's largest financial institutions received detailed warnings of impending threats days before last week's attacks began on major sites.
Hacking warnings not passed to FBI
But banking officials never passed those warnings to the FBI or other law enforcement agencies, because they weren't allowed to do so under rules of the unusual security arrangement, formed with the government's encouragement.
To encourage open participation by banks and other financial firms, the Treasury Department decided that information disclosed within such a network would not be turned over to federal regulators or law enforcement agencies. It worked well for the banks that were forewarned about the attacks last week but the system also ensured the same warnings were not widely distributed.
The banking network issued the first alert in the latest attacks on February 4, "when we started seeing certain machines being compromised," said William Marlow of Global Integrity Corp., which runs the network. Yahoo! was attacked four days later.
America Online is awaiting approval of a merger with Time-Warner, the parent company of CNN.
Correspondents Steve Young, Major Garrett and The Associated Press contributed to this report.
Hacker hunters follow lead to Germany
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.