The uber-CERT: Germany’s new cyber-defense centre  2.4.11

I guess when average media consumer hears “cyber-defense centre”, she likely has Star-War-ish control rooms in mind,. Now, starting today, Germany has its National Cyber Defense Centre. It is located in the offices of the Federal Office for Information Security (BSI), which reports to the Federal Minister of the Interior. Not much of a surprise, any Quite some headlines in national media for a 10-persons task-force. (Sources: FAZ, Ministry of the Interior, both in German)

It has a staff of mere 10 members, 6 of which from BSI, 2 from the domestic intelligence agency (Bundesamt für Verfassungschutz), 2 from the Federal Office of Civil Protection and Disaster Assistance. The most senior position appears to be the ‘Speaker’, held by the BSI president, which might imply that the Centre is just a department of the BSI or a trans-organisational task-force rather than a distinct organisation. The Centre’s task is to share information about incidents, vulnerabilities, forms of attacks, categorise incidents, detect vulnerabilities and propose activities.

In addition, Berlin plans to set up a National Cyber-Security Council under the auspices of Merkel’s ICT advisor. No details reported here, but is sounds like a discussion group bringing together government, industry, security bureaucracy, telcos and the like.

The main function of Centre and Council likely is to gather information and data related to internet security and to provide decision makers in politics with timely recommendations how to proceed in this new field of internet security governance. Kind of a national über-CERT. But we have no details here, alas.

Noteworthy for students of internet security governance is the institutionalisation of collaboration between technical IT security experts and intelligence. Previous large-scale dDos attacks have shown that technical side can get the upper hand over attackers if intelligence manages to provide information about them.

But the main issues are not dDos attacks or similar obstructive attacks. Espionage, especially for economic purposes not only between China and the West, but also among Western states, has alarmed policy makers and media alike. Early February, Germany’s leading conservative newspaper FAZ wrote in an article caption “A Worldwar“: “As Western allies spy Germany day in, day out, one or another cyberattack could be attributed to them.” Stuxnet was allegedly developed by the US and Israel.

The mentioned article has an example of another trend in internet security governance: A call to arms for internet security experts. We’ve heard that before. In Tom Friedman’s 1998 “Techno-Nothings” column. And more recently in the Estonian Cyber Army concept or in Richard Clarke’s book “World Wide War.” Looks like politics is approaching those communities indispensable for internet security. Only the modes of approaching differ: sometimes careful, sometimes clumsy, and sometimes coercing.