It’s no longer just Sony, your LinkedIn account, or Yahoo email address that needs to be concerned about cyber crime. After announcing that certain attacks on US banks and Middle Eastern oil companies were perpetuated by a nation state, US Defense Secretary Leon Panetta warned of the possibility of a “cyber-Pearl Harbor that would cause physical destruction and the loss of life, an attack that would paralyze and shock the nation and create a profound new sense of vulnerability.”
Panetta made his case in a speech last week at the Intrepid Sea, Air and Space Museum in New York, the New York Times reported.
Though Panetta did not specifically blame Iran for a series of cyber attacks that erased vaults of data at US banks and a Middle Eastern oil company, he did say that Tehran has“undertaken a concerted effort to use cyberspace to its advantage.” The AP cited a state official who reported that Washington knew who launched the attacks and that it was a nation state.
Panetta said there has been increased technological aggression against the United States and US businesses by China, Russia, Iran and militant groups. The dire picture he painted went far beyond databases, financial systems and tech infrastructure typically targeted by hackers.
“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Panetta said. “They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”
In sounding the alarm, Panetta also called for legislation that would mandate new cyber security standards at critical private-infrastructure facilities such as pipelines, power facilities and water treatment plants where a cyber attack could cause widespread devastation and panic. A cyber security bill was blocked last August by a group of Republicans including John McCain, who sided with the US Chamber of Commerce, which argued that such regulation would stifle private businesses already struggling in the recession. President Obama is said to be weighing the possibility of an executive order to promote the sharing of cyber security information between the government and the private sector.
Cyber attacks in the form of the Shamoon virus wiped out database files at the the Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas. Service of denial attacks have also been launched against US banks to over run their systems and take them offline.
“They have been going after everyone—financial services, Wall Street,” a senior defense official told the Wall St. Journal. “Is there a cyberwar going on? It depends on how you define ‘war.'”
Iran isn’t the only country potentially waging a hack war. Last week, the House Intelligence Committee warned US firms against doing business with Huawei and ZTE, two prominent Chinese tech companies, because of cyber spying concerns.
Security companies warn against cyber crime as often as most people talk about the weather. When the War Department takes a stand, however, somebody had better listen.