Defense Secretary Leon Panetta painted a bleak picture of American preparedness for cyber attacks on critical infrastructure in a speech yesterday, warning that America is open to the threat of a “cyber-Pearl Harbor” that could “be just as destructive as the terrorist attack of 9/11.” Panetta described the threats to U.S. critical infrastructure as dire:
“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches… They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”
Panetta’s comments come after a string of cyber attacks targeting the private banking industry and his doomsday scenario of critical infrastructure security failures is backed by the twenty-fold increase in deployments for Department of Homeland Security’s Industrial Control Systems Computer Emergency Readiness Team (ICS-CERT) since its creation in 2009.
However, the U.S. forays into cybersecurity have not always been on the defensive side, with researchers uncovering three new malware programs possibly developed by the U.S. this summer in addition to the widely reported Stuxnet virus. Commentators have noted Panetta’s heated rhetoric on cybersecurity comes while the administration is reaching out to the Hill to build support for an impending cybersecurity executive order.
Department of Homeland Security Secretary Janet Napolitano confirmed in September that the administration was nearing completion of a draft cybersecurity order following the failure of multiple cybersecurity legislative efforts in Congress. Online outlets have expressed concern that the order may take policy guidance from defeated bills that were maligned for lax privacy protections similar to those in the SOPA and PIPA copyright enforcement proposals that resulted in numerous online protests in early 2012.