Department of Justice Seal
Remarks of Deputy Attorney General
Larry D. Thompson
Armstrong Atlantic University
Savannah, Georgia
September 19, 2002

Thank you.

I am, as always, happy to be back in Georgia and pleased to have the opportunity to address leaders in law enforcement and private industry charged with defending against cyber-terrorism and cyber-crime.

I would like to speak with you about some of the key issues that have arisen concerning the threat of attack on our nation's critical infrastructure launched from cyber-space. In confronting these threats, we do well to remind ourselves that the internet is nothing more than an elaborate chain of connections among computers and their users, private and government, foreign and domestic. As with any chain, it can only be as strong as its weakest link.

In securing cyberspace, we cannot rely solely on government or solely on private industry. It reminds me of the story about Muhammed Ali when he was the Heavyweight Boxing Champion of the World. After one of his victorious title fights, the Champ was on a airplane waiting to take off. Ali was annoyed when a flight attendant pestered him to put on his seat belt. "Do you know who I am?" He challenged her. "I am the Champion of the World! I am Muhammed Ali! I am Superman! Superman don't need no seatbelt!" The flight attendant looked at him sternly and then quickly shot back, "Superman don't need no airplane either."

We at the Justice Department are not Supermen and Superwomen. We necessarily rely on private industry – which owns most of the infrastructure that we are trying to protect. In a world in which everything from telecommunications, to financial systems, to pipelines, dams and power grids is controlled by networked computers, cyberspace is a critical front in our national defense – and one in which cooperation is crucial.

Although the Department has focused on computer crime for some time, the terrorist attacks of 2001 and our concern over the exploitation of weaknesses in our computer defenses pushed our efforts into high gear. Those terrorist attacks have, of course changed many things.

Americans before us have gone to war many times – and spent untold blood and treasure to secure the liberties that we hold dear – but we live in historic times; we are the first generation of Americans to confront the mass murder of civilians by a foreign enemy on our own soil. September 11, 2001 was not the beginning of America's war against terrorism, but the attacks that day in New York and Washington did galvanize the country and bring our goals into sharp focus.

We are fighting a tenacious, sophisticated and devious enemy who seeks to use our own freedoms against us. That fact has had far-reaching consequences for the law enforcement role in this war. We have had to use every weapon in our legal arsenal to disrupt and prevent future terrorist attacks. Not the least among these has been our efforts to defend our critical infrastructure while preserving the freedoms that have made our system the envy of the world and the perennial winner in the marketplace of ideas.

As Deputy Attorney General, I represent the Justice Department on the President's Critical Infrastructure Protection Board. Created in the wake of last year's terrorist attacks, the Board coordinates the federal government's efforts to protect our information systems. Yesterday, the Board unveiled the outline of our national strategy to secure cyberspace through unprecedented and comprehensive cooperation among government, private industry and individuals. We hope that you will join with us to develop this strategy and execute it successfully to protect our nation from cyber-terrorism and cyber-crime.

As Deputy Attorney General, I also oversee the Department's efforts to investigate and prosecute attacks on our computer infrastructure, whether they be terrorism, theft or sheer vandalism.

We are actively pursuing a number of initiatives in this area, and I would like to talk with you about a few of them:

1) The National Infrastructure Protection Center (NIPC) serves as the government's focal point for threat assessment, warning, investigation and response for attacks or threats against our critical infrastructure. Through the NIPC, the Department works together with other government agencies and private businesses to identify weak points in our electronic defenses and shore them up before they can be exploited.

2) Then we have the 24/7 Law Enforcement Network – As part of an international effort against high-tech crime, the department leads a multinational group that cooperates to exchange information among law enforcement agencies. As the name implies, this coordination continues around the clock and it has contributed to the development of leads and evidence in thousands of investigations the world over. This coordination can develop critical leads – something as simple as an e-mail address or a URL can prove to be the first clue in a trail that circles the globe electronically and leads to our enemies. As terrorists, thieves and vandals increasingly communicate across borders using the internet, the 24/7 network will become ever more critical.

3) FBI Cyberdivision – As part of a major reform of the FBI, the Bureau has created a new Cyberdivision that concentrates the Department's resources to investigate all manner of computer crime. The Cyberdivision includes our Computer Analysis Response Team that specializes in computer forensics and evidence preservation.

4) C-CIPS – the Department's Criminal Division has established a Computer Crime and Intellectual Property Section that concentrates the Department's expertise on a range of criminal enforcement issues involved in prosecuting and investigating computer crimes. CCIPS has taken the lead in employing the new tools that the USA PATRIOT Act provided to investigate threats and produce evidence in the cyber-arena. For instance, the USA PATRIOT Act amended the pen/trap statute, the law that gives law enforcement the authority to trace the source of communications of criminals and terrorists. These amendments modernized the statute to make clear that it applies to Internet communications (not just telephones), and it granted federal courts the authority to compel assistance from any provider of communication services in the United States rather than only those within the district of the court issuing the order. The Act also lowered the barriers to sharing information from law enforcement investigations with military and intelligence investigators, including some grand jury information.

We are defending the nation on all of these fronts, while handling the persistent rash of computer hacking vandalism and computer-based fraud that is a continual irritant to our economy. As you know, it is often difficult to distinguish between a terrorist attack and a malicious, but ideologically empty assault – and the two may have equally catastrophic results. We will press ahead in these efforts and look forward to your continued ingenuity, enterprise, cooperation and support.

I believe we are on the right track but we will not be complacent. As Will Rogers once said, "even if you're on the right track, you'll get run over if you just sit there." And we will not just sit there. We will move aggressively to defeat terrorism wherever it exists and defend citizens' rights whenever they are threatened. I can assure you of that