NCJ Number
189471
Date Published
April 2001
Length
108 pages
Annotation
The report examines the status of the abilities of the National Infrastructure Protection Center (NIPC) to fulfill its mission to protect the Nation's infrastructure from computer-based attacks.
Abstract
Terrorists clearly could launch computer-based attacks to damage the national defense or public operations or steal sensitive data. A presidential directive in May 1998 assigned the NIPC the responsibility of providing comprehensive analyses on threats, vulnerabilities, and attacks; issuing timely warnings; coordinating the government's response to cyber incidents; and other tasks. However, the analytical and information-sharing capabilities that are needed to protect infrastructure have not been achieved. One reason is that there is no generally accepted methodology for analyzing strategic cyber-based threats. The NIPC also is not able to provide timely information on changes in threat conditions or warning of imminent attacks. A major underlying problem is that the NIPC's responsibilities have not been clearly defined, nor have they been consistently interpreted by other government entities. The NIPC has had greater success in providing technical support and coordination for the FBI's investigations into computer crimes. Progress in establishing information-sharing partnerships between the NIPC and private sector and government entities has been mixed.
The GAO recommends that the National Security Advisor: establish a capability for strategic analysis of computer-based threats, including developing related methodology, acquiring staff expertise, and obtaining infrastructure data; require development of a comprehensive data collection and analysis framework to ensure that national watch and warning operations for computer-based attacks are supported by sufficient staff and resources; clearly define the role of the NIPC in relation to other government and private-sector entities; direct Federal agencies and encourage the private sector to better define the types of information necessary to exchange in order to combat computer-based attacks and to develop procedures for performing such exchanges; initiate development of a strategy for identifying assets of national significance; and resolve discrepancies in requirements regarding computer incident reporting by Federal agencies. Appendices.