Wednesday, July 28, 1999 Published at 21:25 GMT 22:25 UK
US cyber-security plan under attack
The US government wants better protection from cyber-attacks
By BBC News Online's Kevin Anderson in Washington
White House officials confirmed that the Clinton administration is drafting a plan for the Federal Bureau of Investigations (FBI) to oversee an extensive computer monitoring system to protect the nation's critical computer networks from attack.
The draft proposal immediately raised concerns with civil liberties groups.
Growing threat of cyber-attack
The government defended the proposal in light of the growing threat of computer attacks on critical computer systems.
"Our concern about an organised cyberattack has escalated dramatically," Jeffrey Hunker, the National Security Council's director of information protection, told the New York Times on Tuesday.
"We do know of a number of hostile foreign governments that are developing sophisticated and well-organised offensive cyber attack capabilities, and we have good reason to believe that terrorists may be developing similar capabilities," he said.
The proposal calls for the establishment of the Federal Intrusion Detection Network, or FIDNET.
Modelled after a system already in place at the Department of Defence, software installed on both individual computers and networks would monitor for signs of intrusion, according to Jim Dempsey, with the civil liberties group, the Centre for Democracy and Technology.
The plan calls for the establishment of a National Infrastructure Protection Centre (NIPC) at the FBI to oversee the project.
Fear of cyber-terrorism
The administration began drafting the plan in response to a presidential directive issued more than a year ago "asking us to look at the vulnerability of the critical infrastructures of this country to _ terrorism", National Security Council chief Samuel L Berger said.
The draft proposal, leaked to the New York Times by a civil liberties group, calls for monitoring not only of governmental systems but also of computer systems in the banking, telecommunications and transportation industries.
However, Mr Berger said the government "can't, obviously, impose any kind of systems on other industries." Instead, the government will work to educate these corporations about cybersecurity, he said.
Civil liberties groups such as the Centre for Democracy and Technology are concerned the draft proposal does not have sufficient privacy protections.
"The report clearly recognises the civil liberties implications of FIDNET. But it brushes them away," Mr Dempsey of the CDT said.
Mr Berger said the administration is sensitive to privacy concerns. President Clinton appointed a privacy advocate to aid in the development of the intrusion detection system, he said.
He argued that privacy is not a black-or-white issue. The government has a responsibility not to invade people's privacy, but it also has a responsibility to protect people's personal information that it has on file, he said.
"I think if somebody attacks the IRS (Internal Revenue Service) and gets into my tax file, that's a violation of my privacy. And I think that if we had a system that makes that less likely, that's a protection of my privacy," Mr Berger said.