Senators Quiz Witnesses On Computer Monitoring Plan

Welcome Guest. | Log In| Register | Membership Benefits

July 29, 1999 (1:38 PM EDT)

Senators Quiz Witnesses On Computer Monitoring Plan

By Mary Mosquera,

WASHINGTON, D.C. -- A Clinton administration official told lawmakers Thursday that a proposed White House plan to monitor computer and communications networks will not violate consumers' privacy.

The Federal Intrusion Detection Network, or FidNet, is a work in progress and must be reviewed by the Justice Department and President Clinton's chief privacy counsel Peter Swire, said John Tritak, director of the Clinton administration's Critical Infrastructure Assurance Office.

"Its implementation will be shaped by the determinations of those reviews," said Tritak at a hearing of the Senate Special Year 2000 committee, in trying to quell privacy concerns raised by the revelation of the cybermonitoring plan Wednesday.

Contrary to what privacy groups have said, FidNet will not monitor private computers, only illegal intrusions in federal government systems, said Michael Vatis, director of the FBI's National Infrastructure Protection Center. Federal systems administrators will be tied together so all can get an early warning in case of an intrusion, he said.

The Senate Y2K committee was reviewing the creation of the Information Coordination Center (ICC), which will coordinate emergency responses among federal agencies to threats to the nation's infrastructure related to the millennium date rollover. The council will monitor and gather domestic and foreign information, which will come from industry and government groups such as the National Infrastructure Protection Center.

Groups within the federal government aimed at protecting the nation's computer and communications networks were formed as a result of a presidential directive in May 1998 to respond to the World Trade Center and Oklahoma City bombings in 1995 and 1996. The year 2000 gives these groups their first real test at information gathering, monitoring, and emergency response.

The ICC will begin functioning by Sept. 9, because the "9-9-99" date could send a message to some computers to shut down. The center will go 24 hours daily beginning Dec. 30 through the first two weeks of January, said John Koskinen, chairman of the President's Council on Y2K Conversion.

Lawmakers said the $40 million center should extend beyond the March 2000 expiration because of the increasing number of attacks on computer networks.

Vatis said his group hunts down malicious attacks on the nation's critical infrastructure. He said he expects even more threats as the millennium approaches. During the year changeover, however, it may be hard to determine if a system failure is because of the Y2K computer problem or deliberate intrusions and viruses, he said.

The FBI is also concerned that some foreign programmers who have been fixing the nation's computer systems may have installed trap doors that will allow them to attack systems, obtain root access, or map systems to sell to economic competitors or foreign intelligence agencies.

"It is a problem, yes," Vatis said. Most Y2K fixes have been corrected by contractors with no security clearances, but are given the authority of trusted insiders to information systems, he said.