Richard Clarke, head of the White House's Office of Cyberspace Security, took a moment on Tuesday to remove his VR goggles and spend some time lobbying for new toys. His office is now exactly a year old, having been created shortly after the Office of Homeland Security.
Clarke is best known for establishing the first .GOV Internet domains to feature the word "cyber," including securecyberspace.gov and cybercrime.gov. The 29-year veteran of the Executive Branch is now setting his sights higher, envisioning a government-run "Internet operations center."
Clarke's concept of a "cyber war room" first surfaced in the beginning of this year, when Federal Computer Week reported that it could become a reality by March. At a corporate conference Tuesday, the former Reagan nuclear dealmaker lamented, "Nowhere can you go to get a real-time look at... whether there is a virus spreading or a huge denial-of-service attack."
On the virus front, Clarke offers no specific method by which viruses or other application-level nasties lacking a network-level "fingerprint" could be tracked on such a grand scale. And although the operations centers established by major Internet backbone providers are perfectly capable of analyzing network-level attacks, Clarke obviously wants some jumbo projection screens of his own.
"We really need a flexible, physical location where when there is a problem, we have a place to put people from across government," he was quoted as saying in February. This does seem to be his main priority, and one wonders exactly what kinds of cocktails would be served there. Clarke is modeling his Cybersecurity Information Coordination Center (pronounced "kick" like "in the pants") after the Year 2000 Information Coordination Center (pronounced "yick" like "in the pants") where panicked officials gathered to sweat out January 1st, 2000.
Despite the emphasis on "government people," Clarke claims that he has been approached by private corporations who would like to see the centralized monitoring facility become a reality, and goes on to say the center should not be part of the government.
He also acknowledges that the Internet Engineering Task Force (IETF) is already working on protocols to share attack information between Internet providers, but believes the work is progressing too slowly. Happily, he proposes funding new testbeds for the IETF task forces to develop and refine their work.
Clarke is obviously not all bad, but like his cyber-predecessors, he lacks a basic understanding of how the Internet works, and his ideas about it suffer. One of Clarke's better-sounding ideas was GovNet, which would have established a separate network for government entities, isolated from the Internet. Yet critics of that plan said that enough networks of this sort are already in existence, and money would be better spent improving them. The former State Department official seems to be an outsider in more ways than one. Richard Clarke would do better to leverage his Critical Infrastructure Protection Board (CIPB) as an advocate for real security experts in government and industry.
The CIPB's draft of "A Federal Strategy to Secure Cyberspace" is available here. Comments from the public regarding this strategy will be released on November 18th. To contribute your own, send them to email@example.com.