AT&T Advocates Innovative Solutions to Growing Cyber-Security Threats to Consumers, Businesses and Government Agencies

March 19, 2009

AT&T Chief Security Officer Tells Senate Committee Cyber-Crime Exceeds Drug Trafficking as the Most Lucrative Illegal Global Business

AT&T Chief Security Officer Edward Amoroso told a Senate Commerce Committee today that cyber-security threats have increased significantly over the past five years, and are evolving to the point where they pose a significant threat to both private and government institutions.

Testifying before the Senate Committee on Commerce, Science, and Transportation, Amoroso said, "Evolving and more lethal types of cyber-attacks can devastate infrastructure. It has become so easy and rampant that the risk has grown exponentially. The result is a laser-like cyber-attack on an unsuspecting business or government system." He added, "Last year the FBI announced that revenues from cyber-crime, for the first time ever, exceeded drug trafficking as the most lucrative illegal global business, estimated at reaping more than $1 trillion annually in illicit profits."

Most citizens equate the issue of cyber-security with viruses that find their way onto computers, or with the stories they hear about so-called "security breaches" resulting from laptops being lost or stolen. While these are certainly problems, from the perspective of protecting the nation's critical infrastructure, these issues are not nearly as severe.

Amoroso noted, "Cyber-security is more about protecting the infrastructure from intrusion by individuals or forces determined to disrupt the flow of data and the storage of information."

Amoroso recommended three actions to address the growing cyber threat to the U.S.

• The federal government procurement process needs to be upgraded to implement sufficient security protections to deal with large-scale cyber-attacks.
• More international partnership and cooperation is required during a cyber-attack.
• Endorse several National Security Telecommunications Advisory Committee (NSTAC) recommendations to improve public and private sector communications to better thwart cyber-attacks.

For AT&T, cyber-security is the collective set of capabilities, procedures and practices that are designed to protect our customers and the services we offer them from the full spectrum of cyber-threats, including botnets. To this end, strong cyber-security is essential to maintaining the integrity and reliability of the network, as well as protecting privacy of personal customer information.

This year alone, AT&T is investing approximately $17 billion to $18 billion to expand the capabilities of our network and infrastructure to meet the rapid global expansion of advanced information technology and services, and to enhance reliability and security. AT&T's advanced network technology currently transports more than 17 petabytes a day of IP data traffic.