The U.S., amid an unprecedented foreign cyber attack threat level, has been exposed as not having a cohesive plan for cyber defense.  Recent studies warned that massive and expensive overhaul was needed, and a recent war game showed key government and industry players to be lost when it came to a major cyber attack.

Department of Homeland Security Secretary Michael Chertoff, a member of the Bush administration, at the war games warned participants of dire consequences if the U.S. cyber efforts did not improve.  However, he was on hand this week to praise President George W. Bush's track record with cyber security.

Secretary Chertoff said that the Bush administration was endowing incoming President-elect Barack Obama with "some momentum" on the cyber security front.  At the end of last week's war games, Secretary Chertoff commented, "I think we've done an awful lot in a relatively short period of time, as, you know, government work goes and while there's much more to be done, I think we've teed up, so the next administration has some momentum and I will encourage them in any way I can to continue to move it forward."

A critical advance, he stated, was President Bush's confidential orders in January pushing for the DHS and the National Security Agency to expand cyber security efforts.  He added, "Obviously, this is a work in progress, but it is one which builds upon a shared relationship of trust and experience, which we have seen work in the physical realm and one of the reasons we have to work across the entire domain of our relationships with the private sector is because the needs of each sector differ in terms of what their concerns are from a cyber-security standpoint."

He called for an increase in intelligence agency monitoring of civilian networks.  He argued, "The cyber-security threat isn't only one that occurs at the level of traditional nation states and traditional conflicts.  It occurs with respect to terrorism, where we know that a cyber-terrorist attack could have a potentially very, very serious impact on the safety and well-being of our citizens.  And even common criminals have done an enormous amount of damage using the cyber-system to exploit our vulnerabilities in order to make money."

Supply chains and inside job attacks are two critical areas for improvement, he believes.  He breaks down cyber attacks into three categories:  hackers who steal information, threats that would degrade or destroy the ability to actually engage in activities over the Internet, and inside corruption of the process.

He describes, "Not an attack that necessarily destroys a system, but that simply corrupts it or changes it in a way that makes it unusable and undermines confidence and trust.  And here, although it hasn't happened to my knowledge, imagine a circumstance where a terrorist attacked our financial system and simply altered the data in a way that left people with a lack of confidence that they could get accurate information or access to their assets."

The Secretary says that the newly created Cyber Security Working Group, which draws government representatives from 18 critical infrastructure and key resource sectors, has been critical to coordinating and improving defenses.

According to Secretary Chertoff, the top areas of focus are chemical, IT, and banking and finance sectors, as these represent critical U.S. industries that could have a disruptive effect on defense and the U.S. economy if compromised.