May 19, 1998

Weak Computer Security in the Government: Is the Public at Risk?

The May 19, 1998 Full Committee hearing on the Government Computer Security, "Weak Computer Security in the Government: Is the Public at Risk?," addressed systemic problems which make government computer and communication systems vulnerable to both deliberate and inadvertent attacks. Dr. Peter Neumann testified that our Nation's underlying information infrastructure is riddled with vulnerabilities. As such, our nation's critical infrastructures (for example, power generation, transmission and distribution; air traffic control; and telecommunication) are at risk. Even though the risk is widely known, Dr. Neumann stated that "until high-visibility disasters occur, few people are willing to admit that something drastic needs to be done. It may take a Chernobyl-scale event to raise awareness levels adequately." Highlighting this vulnerability were the seven members of L0pht, a "hacker think tank." L0pht said that, in a matter of 30 minutes, they could make the entire Internet unusable for a couple of days. While they have shared this finding with appropriate authorities, nothing has been done to remedy the problem. Further, both Dr. Neumann and L0pht testified that the security features in many commercial problems are abysmal. They blame this on that fact that software manufacturers are not held liable for their products, and therefore, often make erroneous claims.


Return to the Main Page


Committee Members] [Subcommittees][Special Investigation]
Jurisdiction] [Hearings] Press Releases] [Sites of Interest

This home page was created and is maintained by the Senate Governmental Affairs Committee.
Questions or comments can be sent to: