about cyberattacks as well.2003 is referenced by secretary napolitano the legislation talked about cyberattacks as well. you move the enabling legislation that creates the department and the homeland security presidential record number seven. in anticipation of testifying i read what it is all about. is it establishes a national policy for the federal departments and agencies to identify and prioritize united states critical infrastructure and key resources and to protect them from terrorists and it goes on to talk about protection from cyberattacks as well. in 2000 you have the national infrastructure protection plan which encompasses all that had come before and sets a specifically based on hspd seven which created the sector select agencies and the sector coordinating council's under this a mandate. the point being we don't need a piece of legislation that identifies critical infrastructure. we have been working on that for 10 years. you understand that process. what we do need and where we tip the hat compar

there is a cyberattack. we don't legislate, we don't create a system of protection of american cybersecurity. there is an attack we are all going to be rushing around frantically to throw money at the problem and its plan to be after a lot of suffering that occurs as a result so we have an opportunity to work together. nobody's saying the bill is perfect. it is darn good after all it's been through. but you've been very helpful today and thank you very much. we look forward to working with you. senator collins. thank you mr. chairman. i too i want to thank the secretary for her excellent testimony and the technical department for the record i would like to submit what is a very clear statement from the chairman of the joint chiefs of staff at a hearing before the armed services committee earlier this week, and general dempsey said i want to mention for the record that we strongly support the lieberman collins rockefeller legislation dealing with cybersecurity. so the secretary's comment in response to the qu

there is a cyberattack. we don't legislate, we don't create a system of protection of american cybersecurity. there is an attack we are all going to be rushing around frantically to throw money at the problem and its plan to be after a lot of suffering that occurs as a result so we have an opportunity to work together. nobody's saying the bill is perfect. it is darn good after all it's been through. but you've been very helpful today and thank you very much. we look forward to working with you. senator collins. thank you mr. chairman. i too i want to thank the secretary for her excellent testimony and the technical department for the record i would like to submit what is a very clear statement from the chairman of the joint chiefs of staff at a hearing before the armed services committee earlier this week, and general dempsey said i want to mention for the record that we strongly support the lieberman collins rockefeller legislation dealing with cybersecurity. so the secretary's comment in response to the qu

the challenge for the world of business is keeping pace with cyberattacks.heer volume of those attacks, the fast-changing nature, and where they're coming from. >> we received a spam message just outside oxford. the message was actually sent from an infected, compromised machine just outside warsaw in poland. when you click on the web site, it ticket to a location just outside new york. -- it took you to a location discuss and york. then it redirected you to another location just a said beijing and china. it uses the vulnerability of your browser to install a banking program hostedhen you ek account details next time, it collected those in details and send it to the bad guy in brazil. >> some say we need to make it easier for companies hit by cyberattacks to own up and talk about what went wrong so others can learn. at the moment, there is a tendency to close up. >> you cannot go back into your cocoon and say we're not going to deal with the outside world because it brings to many threats. simply impossible. our future prosperity depends on as being an open

. >> a cyberattack is on its way. we will suffer a catastrophic cyberattack. k e clock is ticking. >> reporter: officials say they have no information that any large-scale attack is imminent, but can see critical system, like the nation's power grid, and air traffic control network, are vulnerable. u.s. businesses and government computer networks are already ndder daily assault. state-sponsored spies, largely from russia and china, are stealing corporate secrets in what one official calls the greatest pillaging of wealth in history. kevin mandia is one of the america's top cyber detectives, investigating breaches for majo defense contractors and other major corporations. >> if i'm a fortune 500 company, be auld just assume i'm going to be a target at some point. >> you are a target. t.ere's no question about it. >> reporter: mandia showed us how the most successful attacks begin with simple research. >> you,f i wanted to compromise you, what i might do, bob, is find out your interests. what's your favorite football team, baseball team, your dog's ceme. emonsto

what is the impact of cyberattacks? we have to get the language.cyberattacks are considered like a war and sometimes we call it intrusions come on the fact regular basis that the countries and my concern would be is radical extremist group b. in the $2 million to go in and take on a major banking city. north korea just took on just took them to manufacture a couple days in south korea. so what i would like to hear, what do you use your concerns as far as a catastrophic attack. i know alexander has talked about it as even i have have had discussions. how serious this is and what is catastrophic. we know there's a lot of issues out there. how about for the national security of our systems? >> let me start by pressing remarks by saying that i do believe that the cyberthreat will equal or surpass the threat for counterterrorism in the foreseeable future. the efforts we put on counterterrorism, same intensity, same breaking down mr. pipes has to be undertaken with regard to cyberthreats. quite obviously there are a number of ways of looking. i'm the one

>> i, it has been pointed out, we are seeing increasing attacks, cyberattacks, not only in the public sector, but the private sector as well. and i think this country has a responsibility to develop the defenses that have to be there in order to insure that, that this country is not vulnerable to those kinds much attacks. the money that we dedicate in our budget tries to improve our technologies, our capabilities within the defense department, within nsa. but i would suggest that part of that consideration has to be, what do we need to do to make sure that the equipment, the technology that we're getting all of that has adequate protections against cyberattack. >> let me make a request for the record, if i may, since my time is starting to run out. two requests for the record. one is that if you could break out for me what in your budget is related to supply chain security? to the extent that you can make that specific to cyber attacks, specifically from the chinese, if you can go that far, i'd like to get that. >> i'll do that. >> and the second thing i'd like to do is have a discuss

we cannot wait until our country as a catastrophic cyberattack. it would be irresponsible legislation do -- it would be irresponsible for congress not to pass legislation to deter of -- due to turf battles are claims that we are somehow harming the economy. what we're doing is protecting the economy and our way of life. thank you, mr. chairman. >> thank you, senator collins for that very strong statement. i agree with you, i would correct one part, at least you were that three committee chairs of the jurisdiction. i consider you the co-chair of this committee, so i would say it was four. i appreciate your contribution to this effort. we are grateful to have senator rockefeller and senator feinstein here. i cannot thank you enough for the work we have done together. it is a very poor full statement and we have agreed on a consensus bill. -- very powerful statement and we have agreed on a consensus bill. senator rockefeller, mr. chairman, we welcome your testimony now. >> thank you, chairman lieberman, ranking member collins. you are quite right. se

it kept a frenetic 24 hours of cyberattacks across the globe.n friday, they hit greece taking down their justice department's website. then they hit in the united states hacking into various websites for police departments, in boston, then in syracuse, new york, and then in salt lake city. >> do your own research. >> reporter: they were able to access various databases that had personnel information but also vital data on police informants. >> it's a concern. i mean, if they could hack that, what else can they hack? >> reporter: they released this recording on friday. >> i'm not sure if we're the only two on or not. >> reporter: an audiotape of a conference call they intercepted. >> what's amazing about this was not only did they intercept a confidential e-mail, they were able to leverage the information in the e-mail to listen in on an fbi conference call to scotland yard, and then they published the audio transcript of the call. >> 1024 -- >> reporter: who is behind these attacks? a loosely connected band of attackers known as anonymous. you'v

and in the event of a large scale cyberattack, how resilient are power grids and military bases? obviously our military bases in many ways are dependent on the political infrastructure, our electric grid owned and operated by the private sector. and if they go down, our military bases and their ability to function are vul innerable. what efforts are we doing to make them resilient and have some of their power supply back if necessary? >> i'll talk cybera and then i'l ask mr. hill to talk about submarines, is that right? we're very concerned about cyber. we talk about what's new in the world in terms of threats. for us, it's emerging capabilities. it's special operating forces. it's cyberand it's isr. those same capabilities are also -- have become available to our adversaries. and in the case of cyber in particular, we've been acting to prepare ourselves in terms of our vigilance on our systems and our defensive mechanisms. and we've got, as you know, we've got a cyberstrategy, but we remain vulnerable. and through a series of table top exercises, conversations as well as on the

. >>> the nation's number one terror threat could be a cyberattack.e officials are warning today at a hearing before the house intelligence committee. >> we will suffer a catastrophic cyberattack. the clock is ticking. and winding down. >> this comes one day after several top security and defense officials met with senators to figure out how to better protect the infrastructure and companies from cyberattacks. >>> a rare victory in small claims court for a los angeles woman against a giant automaker, honda. her name is heather peters. she was awarded just under $10,000 yesterday. she claims she was misled by honda's claim that its civic hybrid could get 50 miles per gallon. she said her car never came close to that. >> it's justice in a very small place. but it problems that sometimes the little guy wins. >> peters sued after learning honda's proposed settlement would pay trial lawyers millions while civic owners would get as little as $100 and coupons toward a new honda. honda plans toally. >>> some amazing dashcam video. now of two police officers.

and there are growing concerns about cyberintrusions and cyberattacks. to meet these threats, protect our nation and our people, and at the same time, meet our responsibility to fiscal discipline. this is not an easy task. it's a tough challenge. to build the force we need for the future, what we decided to do is to develop a new strategic guidance that consists of the following five key elements. number one, the military will be smaller and it will be leaner. but it should be agile and it should be flexible, ready to deploy quickly and technologically advanced. second, we have to rebalance our global posture and presence to emphasize asia pacific and the middle east. these are the areas of greatest concern in the future. third, for the rest of the world, we need to build innovative partnerships and strengthen key alliances and key partnerships from europe to latin america to africa. fourth, we'll ensure that we have the capability to quickly confront and defeat aggression from any adversary any time anywhere. and fifth, this can't just be about cuts. it

scale cyberattack, how resilient are power grids and military bases? obviously our military bases in many ways are dependent on the critical infrastructure, our electric grid owned and operated by the private sector. military bases and their ability to function are vulnerable. make them resilient and have some of their power supply back if necessary? >> i'll talk cyber and then i'llines. is that right? we're very concerned about cyber. we talk about what's new in the capabilities. it's special operating forces. it's cyberand it's isr.e available to our adversaries. and in the case of cyber in particular, we've been acting to prepare ourselves in terms of our vigilance on our systems and our defensive mechanisms. and we've got, as you know, we've got cyber com we've got a cyberstrategy, but we remain vu well as on the senate side now notably, we're trying to determine the next steps. and there is a -- there is legislation pending, sponsored rockefeller and then feinstein amendment to that that is a very good providing the kind of information sharing and

we will suffer a catastrophic cyberattack. the clock is ticking and winding down. i have to say we've admired this problem for very long time. we've made it is about this problem for a while now. we have think tanks this problem to death. we've created working groups across the executive branch should try to study the problem more and work on it. i saw some of the blame is on the community and i'll take exception to that. i think you ought given the resources you have in authorities yesterday at done a phenomenal job on what is the hardest problem i think i've ever seen. it is so complicated and so difficult and the target site is large and growing still. i hate to say the united states congress. there is some 30 saver goes out there. again, we have looked, studied and understood the problem. lots of approaches, but at the end of the day we must act. congress must act. i will say this is the only committee has produced a bipartisan product, very narrowly focused. huge coalition support that we believe takes a small step to at least allow the issue to be covered. cu

>> it has been pointed out we are seeing increasing attacks, cyberattack not only in the public sector of the private sector as well, and i think this country has a responsibility to develop the defenses that have to be there in order to ensure that this country is not vulnerable to those kind of attacks. the money that we have in our budget is to improve our to the blaze within the defense department within the nsa but i would suggest that part of that consideration has to be what we need to do to make sure that the equipment and the technology that we are getting all of that has adequate protection against the cyberattack. islamic let me make a request for the record if i may since my time is starting to run out. one is that if you could break out for me what in your budget is related to the security and to the extent that you can make that specific to the cyberattack from the chinese if you go that far i would like to get that putative the second thing i would like to do is have a discussion with whoever in the department of defense is focusing on health care reform for the departme

we will suffer a catastrophic cyberattack. the clock is ticking and winding down. i have to say that we have admired this problem for a very long time. we've made movies about this problem for a while now. we have think tanks across the problem and try to study more and i saw that some of the plane was coming on to the community and i will take exception to that. i think that you'll get in the resources there you have and the authority of today have done a phenomenal job on what is the hardest problem of writing i've ever seen because it's complicated and difficult and the target set is large and growing so i do believe our problem here is, yet to see it, the united states congress. there are some 30 bills, cyber bills out there. we have looked, studied and understood the problem. there are lots of approaches. but at the end of the day, we must act. congress must act. this is the only committee that produced a bipartisan product that is very narrowly focused and has huge collision support that we believe takes a small step toward least allow that sheet to be covere

she's following these hearings over cyberattacks. officials are warning they could be the number one security threat to the nation. so suzanne, what would the worst scenario be? >> well, the worst case scenario is going to be an instant loss of life, something like an attack on a nuclear facility or an attack on the air traffic control system. things like that which have the immediate impact. cyberthreat does go on in the economic world, too. you could definitely feel the effects of that coming. imagine for a second what this is like if you could imagine there's a criminal or terrorist already living in your house with you. but you don't know they're there. that's sort of how lawmakers and how the administration officials are looking at the cyberthreat now. >> okay, so how exactly are we going to fight these threats? >> that's a great question. and i wish if i had the answer, i'd be the most popular person in washington today. lawmakers need to pass some legislation that allows a lot of these government agencies to free up the tools.

cyberattack in the next few years are most likely to be targeted and precise. they probably will not cause mass casualties or catastrophic disruptions if we set the threshold too high, it is simply telling our attackers what they should hit, so many to very carefully limit the scope of this regulation, but i fear that we may have gone a bit too far read the second is to carve out for the commercial and information technology and others have raised this. it makes sense an industry doesn't want the government telling them how to make their product. that is perfectly reasonable. but a blanket exemption on the services and maintenance installation would first undo the eisel work started by the bush administration and second, leave america opened for an attack. so these parts of the bill should really be removed, and in particular i would call your attention to paragraph a and b of section 104. an important legislation there is a delicate balance between protecting the nation and minimizing the low burden on our economy. this bill with some strengthening i think can

two of our greatest strategic cyberchallenges their first native real-time attribution of cyberattacks come in knowing who carried out such attacks and were perpetrators are located. second is managing older abilities within the i.t. supply chain for u.s. networks. in this regard, cybersecurity bill was recently introduced by senators lieberman colin, rockefeller and feinstein and addresses the core homeland security requirement that approves cybersecurity for the american people, nation's critical infrastructure and the federal government's own networks and computers. intelligence committee considers such legislative steps essential to addressing our nation's critical infrastructural vulnerabilities which pose serious national and economic security risk. briefly looking geographically around the world and in afghanistan and general burgess will have more to say about this coming during the past or the taliban and lots of god because mainly mainly a place to the international security forces or isaf were concentrated. the leaders begin to enjoy safe haven in pakistan. the efforts to pa

of media reports that the chinese routinely -- the people liberation army routinely engages in cyberattacks of our business and national security infrastructure. do you believe that is a reality of the 21st century? >> i believe someone in china is hacking into our systems and stealing technology and intellectual policy, which at this time is a crime but i couldn't attribute it directly to the pla. >> let's say they were involved in hacking into the defense infrastructure infrastructure, would you consider that a hostile act by the chinese. >> i would consider it to be a crime. i think there are other measures that could be taken in cyber that would rise the level of a hostile act? what would that be. >> attack iing critical infrastructure. >> a hostile attack, allowing to us respond in okay. i'm having lunch with the vice president of china in about 20 minutes. what do you want me to tell him? >> happy valentine's day. >> all right. >> senator graham, made very clear the cyberespionage from china has to stop and its mighty serious stuff so you can pass along, if you would, that commend as

yet again, i fear we will not be able to connect the dots to prevent a 9/11-type cyberattack on america before it happens. the aim of this bill is to make sure that we don't scramble here in congress after such an attack to do what we can and should do today. intellectual property worth billions of dollars, billions of dollars, has already been stolen, given our international competitors' access in the global marketplace, without ever having to invest a dime in research. and the fact is that even the most sophisticated companies are being penetrated and our adversaries are using information learned in one intrusion to plan the next, more sophisticated one. last year, the computer security firm mcafee conducted a study of 70 specific instances of data and issued a report on those instances, and they included 13 defense contractors, six industrial plants and eight american and canadian government networks. based on that report, the former vice president of mcafee, dmitri alpirovicz issued this warning -- "i am convinced that every company in every conceivable industry with significant siz

of media reports that the chinese routinely -- the people liberation army routinely engages in cyberattacks of our business and national security infrastructure. do you believe that is a reality of the 21st century? >> i believe someone in china is hacking into our systems and stealing technology and intellectual policy, which at this time is a crime but i couldn't attribute it directly to the pla. >> let's say they were involved in hacking into the defense infrastructure infrastructure, would you consider that a hostile act by the chinese. >> i would consider it to be a crime. i think there are other measures that could be taken in cyber that would rise the level of a hostile act? what would that be. >> attack iing critical infrastructure. >> a hostile attack, allowing to us respond in okay. i'm having lunch with the vice president of china in about 20 minutes. what do you want me to tell him? >> happy valentine's day. >> all right. >> senator graham, made very clear the cyberespionage from china has to stop and its mighty serious stuff so you can pass along, if you would, that commend as

cyberattacks and other things to undermine the nuclear weapons program itself. you said you think we are putting more pressure on israel than iran. does that go hand in hand with your tougher sanctions? >> by putting so much public pressure on the israelis not to attack. we are signaling the iranians we'll not attack. we have stated that all options on the table and iran having a nuclear what he coins unacceptable. what we are doing is taking a stick out of our diplomat's hands. bill: do you think that's intentional. at a minimum it's misguide. i can't speak for what's going on in their mind. but i can talk about the effect of it and that's way just described. it signals to the iranians to move forward. bill: what is the end effect of that? is that a nuclear regime? >> i don't think the israelis will tolerate that. they are not going to bet the sovereign state on the motivations and aspirations of the iranians. they will conduct an attack to delay that program and hopefully push that program into some kind of stablization as a result of that after such an attack

cyberattacks of the increasing sophistication using was coming for dinner as the advanced persistenthreat, or the apd. abd attackers are pros. they are highly organized well-funded often state-supported expert attackers to use coordinated sense of attacking methods both technical and personal. perhaps most indicative of these attacks are they target a system they were almost infinitely compromise or breach. unfortunately, conventional information security defenses don't work against abd attackers. this doesn't mean that we have no defense. it means we need to modernize our notion of what constitutes cyber defense. traditional approaches including federal regulation will not solve the public is they're going to be largely reactive and will not stay ahead of the changing threat nature. words, bad resolution could be counterproductive depleting companies on building and house efforts in the regular documents rather than focusing on security. fundamental to stopping defense threat is to understand our biggest problems are not technological. they are economic. independent research has con

private sector to make sure that the private sector is defending itself and our country against cyberattacks? we have spent a lot of time on this and right now, because of the remarkable capacities of the cyberattackers and the extent to which they can attack privately owned and operated cyberinfrastructure for either economic gains or to literally attack our country, that we need to ask the private sector to make investments and to defend themselves and i'm afraid a lot of them are not yet making it. is that gin your general impression? in other words bottom line, we hava vulnerability? does the privately owned and operated cyberinfrastructure of america have a vulnerability to both economic and perhaps strategic attack? >> sir the chairman and the ranking member cited the national intelligence at consecutive report that we issued in october which called out both china and russ as our primary concerns and particularly with respect to the chinese and the theft of intellectual property. of coue which occurs, much of which occurs in private-sector. i know that the bill is quite lengthy, some 2

conduct covert operations using cyberattack, espionage operations. all done at the same time.s into the covert operations. they would be comforted by the fact that you are taking a strong hand. megyn: is there political will insight the united states to do that, given the alternatives, if we don't do that israel is likely to bomb iran and then we'll all be in a lot of trouble. >> we are slowly moving towards not getting tough enough on sanctions which will force the israeli's hands to attack. megyn: what is going to happen to americans inside and outside the united states if israel bombs iran? >> iran has choices. they will attack the israelis for that. then what are they going to do about the united states. they clearly can attack our base in afghanistan and also our consulate and embassy in iraq. they can conduct terrorism inside and outside the united states. i don't believe they will attack our bases because that would be an overt act of war. we would then be at war with the iranians. we are the only country in the world that can regime change in iran. i do think they woul

if there ever was a nation-state that we should be using our cyberattack capability against economics in conjunction with the israelis this is it. and that is certainly would help deter the israelis from having to do an attack. bill: this is dempsey's big point. he is is worried about the backlash for u.s. forces in afghanistan and possibly in iraq. that is a fair concern, would you say? >> well, certainly the iranians would attack israelis if they were attacked, that's for sure. they would probably at a minimum would conduct terrorist operations against the united states and accuse us of supporting the israelis. then they have a big decision. do they conduct direct action against our embassy in baghdad and our consulate in basra and military bases in afghanistan? if they do that they're at war with the united states. that is a major escalation. major dempsey is correct. that would be a concern about that out come. bill: that baghdad embassy is basically imper just. that is one solid structure. dempsey makes the argument the economic sanctions are strange lynn iran and beginning to w

a cyberattack at their nuclear facility.liation. >> iran has denied israel's claim it's behind the plot in thailand, india and georgia but when asked if there's a covert conflict going on, america's top intelligence official said this about the activities of iran's feared revolutionary guard core -- known as the irgc. >> through their proxies with the irgc, particularly, decided and made a conscious judgment to reach out against primarily, israeli and secondarily, against u.s. interest. >> reporter: experts believe the iranians might try to stage an attack on u.s. soil, as much for the psychological as for the tactical effect. but as evidenced by one recent alleged plot, they don't always hit the mark. >> we know from the attempted bombing of the washington, d.c. restaurant, the assassination of the saudi ambassador, that was a fairly sloppy performance. >> reporter: former cia officer says that alleged plot against the saudi ambassador shows that iranian agents might have more difficulty deploying inside the u.s. he says it

capital police and computer and network specialists who spend their days that we're safe from cyberattacks and there are medical and scientific researchers looking for cures for devastating diseases. nurses and doctors who take care of our wounded warriors. there are the men and women who make sure the food supply is safe and that our water is clean enough for our children to drink. and the hardworking support staff. you know, i just lost my office, i was having my trash and recycling taken away from my office. those are all federal employees. and they are among the -- there are 423,000 federal employees who earn less than $50,000 a year. and 48% of them are women but 60% of the employees earning less than $50,000 a year are women. and they are the people who have seen their pay frozen for two years while health care and other costs are going up. mr. ellison: if i may just ask the gentlelady a question. so you mean to tell me and the american people and the speaker tonight that not only is this transportation bill proposing to cut into and basically tax federal employees' retirement benefi

guidance notes there's the capability and intent to conduct cyber espionage and the ain't to conduct cyberattacks on the united states with possibly severe effectings on the economy and our security. the director of national intelligence in recent senate testimony placed the cyber security threat in the top tier alongside of terrorism and nuclear and proliferation of weapons of mass destruction. a recent report from the national intelligence executive stated operations within china and russia are responsible for the massive thet of u.s., commercial, and military technology that could threaten our national security and our economy. let china and russia know in no uncertain terms that cyber economic espionage has very negative consequences for normal trade relations and other relations. in the area of personnel, aimed at slowing down the increase of personnel and health care costs that continue to rise at unsustainable rates this includes significant reduction in military and strength over the next five years, other personnel related forms, and a commission to review military retirement benefits. i

to with the sba, but your testimony reports that the fcc with reports having been affected by cyberattacks. what is the role of the fcc in preventing the attacks or aiding the small business community? >> well, i think increasingly the networks underpin all of the attacks. you the isps, the carriers themself, and you have devices attaching to it. i think one of the areas that we must remember is it's not always outside where those attack vectors come from, and just like organized crime found its way inside organizations, i think increasingly we're going to have to look at that as an attack vector, and that should be something that the fcc takes into consideration is they look at how to deal with it in addition to the isp filtering and listen to the other pieces they use. one thing i would caution. i hear a lot of rhetoric on building separate networks and having lived in a world that i'm old enough that we had separate networks, but only had clear people dealing with it, i think the reliability when things like 9/11 and tsunamis happen, the benefits of having multiple networks outweigh the

january for example, the state department expelled the counsel general of venezuela for planting a cyberattack on the u.s. government, and yet here we are debating an issue that could affect our getting to be less dependent on foreign energy sources and ignoring what is the obvious. we ought to be obviously trying to be less dependent on foreign oil, and yet that debate isn't even going on. we're talking about debate on an amendment that is simply redundant of current law. now, i don't know why we are having this debate, but i think the redundancy of it here, we always have a worst-case discharge scenario in current law. we simply don't need this, and so with that, mr. chairman, i urge opposition to this amendment, and i'll reserve my case i have to say something further. the chair: the gentleman from washington reserves. the gentleman from florida is recognized. mr. deutch: mr. chair, how much time do i have remaining? the chair: the gentleman from florida has two minutes remaining. mr. deutch: thank you, mr. chairman. the chair: the gentleman is recognized. mr. deutch: mr. chairman, the gent

cyber threats and the widespread prospect of a cyberattack could be as devastating to this country as the terror strikes that tore apart this country just ten short years ago. so how is that possible, you ask. think about how many people could die if the cyberterrorist attack attacked our air traffic control system, both now and when it's made modern, and our planes slammed into one another, or rail-switching networks were hacked, causing trains carrying people, and more than that, perhaps hazardous materials, toxic materials to derail or collide in the midst of our most populated urban areas, like chicago, new york, san francisco, washington, d.c., et cetera. what about an attack on networks that run a pipeline, refinery or chemical factory, causing temperature and pressure imbalance, leading to an explosion equivalent to a massive bomb or an attack on a power grid, shutting down generators that kill electricity going into cities and our hospitals. in short, we are on the brink of what could be a calamity. george bush's last -- president bush's last director of national intelligence

been used, there's nothing to stop the authors of the conficker botnet from launching a massive cyberattack. on april 1, 2009, than they don't want to take down the internet. they want to use the internet to make money. so if it was terrorist organization we would probably know by now. >> if it was terrorist organization, probably be a little quieter. it comes back to how noisy the threat is. >> this is to t.j. what is microsoft doing to prevent worm/virus in the first place? os improvements? like unex? >> weren't the first root history -- we have a number of programs them security development life cycle. windows 7, having things like address-based layout. things like that. we obviously have these trustworthy computing contingent, an army of individuals that triage vulnerabilities and have timely patches. automatic updates, a division of our company called the microsoft mall protection center so we offer free antivirus, and we have seen a shift from attacks against windows windows to a shn attacks against third-party add ins in social engineering so we're making huge strides on the security

this is going after the advanced cyberattacks like china who are out stealing art -- this historic transferof wealth between the united states in china right now as folks, chinese actors are getting intercompanies in stealing our i.t.. the chinese are stealing their wholesaler we need to do a better job of helping companies protect themselves against those attacks. we believe the project is doing some great stuff out there. i just need some help. they are paying for the great work that goes on at places like nsa to collect that stuxnet data so they should get the benefit of that data in protecting their networks. i think as you have for there is a pretty good consensus that this is a good model for going forward. there is disagreement in the details but i think it's encouraging there is so much similar thinking on both sides of the aisle of this narrow legislation, fairly narrow 13 pages so we try to achieve that in plain english. i think we got that done. >> terrific and i would like to pick up on some of those points later on to try to get a sense of the defense industrial base pilot proj

something like a bot net of this size is also a very powerful tool and if he wanted to launch a cyberattack, and assert the capable of overwhelming the root servers of the internet itself. now say nationstates behind it he wouldn't necessarily use the weapon right away. you would wait until you wanted to use it. suburban folks about this book and are disappointed the real world sometimes doesn't offer a germanic ending to a story. so it is true the button have not yet tried to destroy the internet with it. the idea some guy to make up on the wrong side of the bed and without telecommunications i find a little disturbing. >> is your bet that they haven't gotten the authors? >> correct. >> so there's a spectrum of possibilities. one is the most obvious is distribution or selling off lease time. there's war tool, but i discovered in your boat which i thought was fascinating is that in one of the generations of isp's is how connected they were. the authors were thinking about the structure of the social realm and there were some guys. i'm a few ram but these guys at m.i.t. who wondered whether