Experts Find Faltering In Safeguards For Computers
MODERN thieves can steal more with a computer than with a gun, and America's ``luck'' in avoiding a major computer disaster way soon run out unless security is tightened, an expert panel warned Wednesday. A National Research Council committee concluded the United States has grown to rely on computers for everything from banking to health care without ensuring that such information is secure from accident or deliberate attack.
Furthermore, failures of computer system security, safety and reliability appear to be increasing in number and severity, the panel said.
Among the examples cited were the much-publicized 1988 incident in which a reproducing computer program, called a worm, snarled as many as 6,000 computer systems.
Poor quality control also can make computer systems untrustworthy, the panel said. It cited an error in computer software controlling a radiation therapy machine that resulted in at least three patient deaths, and the scrambling of patient records at one hospital by a rogue program, or virus, that was accidentally introduced into its computer system.
``To date, we have been remarkably lucky ... As far as we can tell, there has been no successful systematic attempt to subvert any of our critical computing systems. Unfortunately, there is reason to believe that our luck will soon run out,'' the 16-member panel said.
``The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb.''
Neither of the two agencies traditionally assigned with overseeing technology - the National Institute of Standards and Technology and the National Security Agency - appears prepared to tackle the task of computer security, the panel said in its 303-page report entitled ``Computers at Risk.''
The experts called for creation of an Information Security Foundation funded by member subscriptions and fees for security evaluation and other services.
The panel noted that European nations have made unified strides towards computer security, and cautioned that if the US fails to take similar action it will be increasingly difficult to sell American hardware and software on the global market.
The National Research Council is the research arm of the National Academy of Sciences, which was chartered by Congress to examine questions of science and technology.