IDG News Service - Imagine a scenario in which a downloadable application turns smartphones into network-clogging bots, causing U.S. mobile-phone networks to fail, and eventually spreads to the wired Internet.
Then imagine, as U.S. White House officials debated how to handle that situation, the energy grid in the eastern U.S. begins to fail. A group of national security and cybersecurity experts wrestled with those scenarios Tuesday, during the Cyber ShockWave exercise hosted by the Bipartisan Policy Center, a Washington, D.C., policy think tank.
The scenario started small, with a downloadable application infecting smartphones. But the number of infected phones grew, and the malware started attacking the wired Internet as smartphone users synched their phones with their computers. The malware began sending huge video files across the Internet, crippling both mobile networks and the wired Internet.
A group of security experts, acting as U.S. cabinet members and presidential advisers, debated for hours about how to handle the situation, with some participants arguing the U.S. president should declare the attack an act of war and mobilize the U.S. military. Former U.S. Secretary of Homeland Security Michael Chertoff, playing the role of U.S. national security adviser in the scenario, asked whether the president has the authority to order mobile-phone networks be shut down or to turn off service to infected phones.
"We don't have the authority in this country to quarantine cell phones," answered former U.S. Deputy Attorney General Jamie Gorelick, playing the role of attorney general. "We're in uncharted territory right now."
Stewart Baker, a former assistant secretary for cybersecurity policy at the U.S. Department of Homeland Security, wondered why the president doesn't have that authority. If a person with a deadly and communicable disease were at a major sporting event, U.S. authorities would have the ability to remove the person, said Baker, playing the part of U.S. cybersecurity coordinator.
"I think we can find legal justification for what we want to do," said Baker, now a visiting fellow at the Center for Strategic and International Studies. "[Telecom] is a regulated industry. We can take those legal authorities and tell them what they need to do to get this worm out of the system. We've got to find the authority."
Acting as the DHS secretary, Frances Townsend, former chairwoman of the U.S. Homeland Security Council, suggested the president ask people not to use their mobile phones as a way to prevent the malware from spreading.
But former presidential spokesman Joe Lockhart questioned if that would work. People would continue to use their mobile phones, even after the president asked them not to.
During the discussion, participants learned that the hypothetical malware originated from a group of servers in Russia. Retired Air Force General Chuck Wald, acting as the secretary of defense, assured the other members of the national security team that the U.S. had the offensive capability to shut down those servers, but other participants questioned whether Russia would see that as an act of war.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
