CyberCrime interviews new anti-hacker agency chiefs

POSTED 03/10/98
By Luke Reiter, CyberCrime, ZDTV
March 6, 1998 6:39 AM PST

Michael Vatis and Ken Geide are top cops -- assigned to preserve and protect the nation's information infrastructure. They're the two FBI agents who will run the National Infrastructure Protection Center (NIPC), which was announced by Attorney General Janet Reno last week. Vatis will serve as deputy assistant director, Geide as section chief. In an interview with CyberCrime, they talked about the new agency, the threat posed by computer intrusions, and the recent hack attack on the Pentagon.

CyberCrime: Does the NIPC have a different mission than the FBI's former CITAC (Computer Investigations and Infrastructure Threat Assessment Center)?

Vatis: Yes. The NIPC has a broader focus, of which computer investigation is just one part. That basic function will now be done by the Computer Investigation and Operations Section, which Ken (Geide) will head up. We also have three new sections. First, an Analysis and Warning section, to gather information from other relevant sources such as private industry and foreign intelligence. Second, a Watch and Warning unit, to receive and respond to reports of unauthorized intrusions. And third, a Training, Administration and Outreach unit to continue our educational efforts.

CyberCrime: Why is it necessary to include the private sector in the NIPC's efforts?

Vatis: It's a critical part of our mission. We're an interagency effort. We expect contributions from the Department of Defense, the intelligence community, and state and local law enforcement. But the private sector is on the forefront of these intrusions. They're in the best position to implement the security measures that will prevent these crimes.

CyberCrime: Do you have any indication that private companies will voluntarily share information with the FBI?

Vatis: We've done extensive outreach, both through CITAC over the past 2 years, and also through the president's commission on the infrastructure, which included members of the private sector. We haven't nailed anything down yet, but I think we've gotten pretty positive feedback. We have come to see that private industry is less reluctant to share information with us when they have experience dealing with us. Government and private industry are starting to learn that they can't solve this problem on their own.

CyberCrime: What kinds of threats will the NIPC be protecting against?

Vatis: The spectrum ranges from the 13-year-old hacker to an organized crime group that wants to steal and sell proprietary data. It includes terrorist groups here or overseas that want to bring down an infrastructure to advance their cause or bring down the U.S. economy. And it even includes foreign intelligence services and hostile nation states that want to use information warfare against the U.S. Our potential adversaries would probably launch an asymmetrical attack to get at our soft underbelly, which is our infrastructure.

CyberCrime: It's been said the FBI spends vast resources combating computer intrusions, often with nothing more than a 15-year-old kid to prosecute at the end.

Geide: That perception fails to consider the nature of the cyber world. There's an expectation in this country that our infrastructures will be there when we need them. If there's an older person who needs to call 911, they need to do it with the confidence that we'll be there to respond. When there's an attack on the phone system, or the energy or water supply, it has consequences regardless of who launched the attack. When we first hear of an intrusion, it's often impossible to know if the attack came from a teenager or a hostile nation state. If our investigation takes us to a 15-year-old, so be it. If there's more to it, we'll deal with that as well. These are crimes we're talking about.
The fact that you're 15 doesn't diminish the consequences or relieve you of responsibility.

Vatis: I think there's a perception out there that hacking isn't a real crime -- because it's perceived as a victimless test of skill for people to see how far they can get. There's no recognition that it can cause serious damage.

CyberCrime: Let's talk about the Pentagon hack. Some say the real story isn't about a teenage hacker -- it's about Pentagon employees using their girlfriends' names as their passwords. What do you think of that comment?

Vatis: The problem is that it continues to romanticize the hacker as completely innocent. That's like blaming a person for being robbed because they didn't put an extra bolt on the door or left the window open. It is absolutely true that the government needs to do a better job of practicing and teaching security. But it is really a serious mistake to perpetuate the notion that the person who breaks into a system is doing us a service by proving our vulnerability.

CyberCrime: How great is the threat? The classified files that are most important are generally kept offline.

Geide: The classified systems are more secure than the unclassified ones. But the government's ability to function is dependent on unclassified files as well. So, the most sensitive classified data about battle plans, intelligence gathering or technical data about weaponry, might not be accessible. But you can't deploy a military force without relying on the unclassified systems. Even if we have a secure classified system, we're still incredibly reliant on the unclassified ones.

CyberCrime: What advice would you give to those people who worry about hackers breaking into their systems?

Vatis: People need to be cognizant of the risks and also try to educate themselves on basic security practices. There is no reason that people should stay off-line out of fear of being hacked, but they should be careful before they make sensitive data accessible to hackers.
You can't take the attitude that you're going to stay off-line. Society has moved online. To remain part of society, you almost have to move online yourself. But our mission is more focused than individual protection. We're a lean, mean organization that is dedicated to serious cyberthreats. We have a lot of work to do.

CyberCrime: Some critics have speculated that the Pentagon hack was conveniently timed to coincide with the attorney general's $64 million funding request for the NIPC. Any comment?

Vatis: Any notions that these events are tied together as part of a public relations mission are absolutely false. If you look at the NIPC and how it came into existence, and our request for funding, all of this is really months in the planning. We sent our budget request to Congress months ago, and that's a publicly available document.

Copyright (c) 1998 ZDNet. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of ZDNet is prohibited. ZDNet and the ZDNet logo are trademarks of Ziff-Davis Inc.