In high-tech America, cybersecurity specialists trained for high-
stakes fights with hackers are in short supply.
America's next generation of cyberdefenders did battle recently
at the National Collegiate Cyber Defense Competition finals in San
Antonio, the Super Bowl of college computer-security tournaments.
The collegians' assignment: to defend a business computer network
with digital defenses as porous as Swiss cheese from a "red team" of
professional hackers from the military and federal agencies.
After 17 grueling hours, computer science graduate student Alexei
Czeskis and his "cyber swat team" buddies from the University of
Washington emerged victorious, slamming their digital doors on the
red team's top guns.
The truth is, America could use several thousand more
cyberwarriors just like Mr. Czeskis and his teammates to address an
embarrassing national computer glitch: The tech-savvy nation that
invented the single-chip microprocessor is weak on cyberdefenses and
lacks the "human capital" to protect itself.
What is at risk from the cyberattackers? Anything from corporate
crown jewels - critical proprietary data - that can give the owner a
competitive advantage to classified data such as weapons designs or
national security procedures. In 2008, a foreign intelligence
service infiltrated thousands of military computers belonging to the
US Central Command - the "worst breach of US military computers in
history," William Lynn, deputy secretary of defense, admitted
recently. Just last year, hackers seeking trade secrets hit Google
and the networks of dozens of other US companies.
Those attacks are just part of a continuing drumbeat of
successful cyberattacks on US government and industry. Even though
the United States is believed to lead the world in developing
offensive cyberweaponry and espionage capabilities, experts say it
lags badly on defense.
"We realized a few years ago that we keep getting whacked and
that we just can't have this anymore," says James Lewis, a senior
fellow at the Center for Strategic and International Studies in
Washington and author of a 2010 CSIS report on the nation's "human
capital crisis" in cybersecurity expertise. "People have reassessed
the balance of skills needed for national security, for economic
security.... There's a major shortfall."
"There are about 1,000 security people in the US who have the
specialized security skills to operate at world-class levels in
cyberspace - we need 10,000 to 30,000," Jim Gosler, director of the
CIA's Clandestine Information Technol-ogy Office, told CSIS in its
report last year.
The FBI is no exception. In a report on April 27, the Department
of Justice inspector general found that more than one-third of 36
elite cyberinvestigators in 10 of its 56 bureaus "reported that they
lacked the networking and counterintelligence expertise to
investigate national security [computer] intrusion cases. …