The Number One Threat to America’s National Security
Of all the risks to America’s national security, U.S. defense officials warn that a cyber attack now poses the greatest threat.
And we’re not just talking about attacks on the government or individual corporations anymore.
Ominously, experts fear cyber terrorists’ most likely target is also the most exposed…
The U.S. power grid.
It turns out they’re not the only ones worried, either.
A recent survey from Tenable Network Security, which does business with the Department of Defense, showed that an overwhelming 92% of Americans feel the energy infrastructure – like the power grid and other public utilities – are vulnerable to an attack.
Even more of them – 94% – believe the president should have the same power to respond to a cyber attack as he would to any other terrorist attack.
Hmm… sounds great in theory, folks… but there’s a problem: By nature, it’s often very hard to know who’s behind cyber attacks and where they are! These people are masters at covering their tracks.
And unlike physical wars, cyber attacks are executed in seconds, often with the element of surprise, and with potentially widespread, crippling effects.
There’s another problem, too…
Private Grid = Public Peril
These days, the mere mention of “government regulation” is enough to send many people into a flap, spewing a volley of colorful expletives toward our elected misrepresentatives in Washington.
But when it comes to cyber security, dare I say that there isn’t enough regulation?
I say that because it’s a particular problem with regard to securing the power grid. Because much of it is privately owned, the government doesn’t have the ability to oversee all-encompassing cyber regulation.
Now, you may think it’s a good thing to get the government out of the way. But Jeffrey Carr, author of Inside Cyber Warfare, says the status quo isn’t working: “The grid is becoming more vulnerable, not more secure.”
President Obama knows it, too…
Executive Order: Improving Critical Infrastructure Cyber Security
In his State of the Union speech this year, he warned that cyber terrorists were “seeking the ability to sabotage our power grid.”
So in conjunction with the speech, and following the failure of Congress to pass the Cyber Intelligence Sharing and Protection Act (CISPA) last year, he signed Executive Order: Improving Critical Infrastructure Cyber Security.
Fancy name… but what does it aim to do? Simply…
- Orders the National Institute of Standards and Technology (NIST) to work with government agencies and industry experts to set a standard operating procedure for tackling cyber threats and attacks.
- States that federal agencies must share real-time cyber security information – both classified and de-classified – about threats to industries and private companies that provide essential services and are vulnerable to an attack.
- Says “strong privacy and civil liberties protections” should be included in new laws. In other words, a shout out to those concerned about “Big Brother.” The American Civil Liberties Union said the order would do more to protect privacy than the controversial CISPA, which would have forced companies to share information with the government. Obama had threatened to veto the bill if its original version had passed in Congress.
Quoted in Reuters, Former Director of Homeland Security, Michael Chertoff, calls the order a “critical step in protecting America… a down-payment in the protection of our nation’s cyber infrastructure, which Congress will build upon as they develop cyber security legislation.”
Obama claims that the new mandate will “strengthen our cyber defenses by increasing information-sharing… protect our national security, our jobs and our privacy.”
But remember… much of the power grid is privately owned, so because it’s an executive order and not official law, private companies don’t have to follow any of it. The details are directed more toward federal agencies, and all the government can do is offer incentives to encourage companies to adopt any directives.
So despite Obama’s best executive efforts, Carr grimly concludes, “There is no way to secure the U.S. power grid. There’s simply no way to do it.”
Which is why Obama is pushing Congress to pass stricter cyber laws this year that will “give our government a greater capacity to secure our networks and deter attacks.”
What Could a Cyber Attack on America’s Power Grid Look Like?
As it stands, the ramifications of a widespread, sophisticated cyber attack on America’s infrastructure could be catastrophic. A recently de-classified report from the National Academy of Sciences estimates that an attack on the power grid could cost hundreds of billions of dollars and lead to thousands of deaths.
Gary McGraw, a cyber security expert at Cigital, says: “The idea would be to go after generation plants or maybe the grid itself in such a way that physical components of the grid would destroy themselves. It’s quite possible to do this to make a transformer burn itself up… Replacing a whole bunch, like thousands, or tens of thousands of transformers throughout the grid, would be something that would take us months or even years to recover from.”
Bottom line: Cyber attacks are a serious and growing threat. We can’t keep bumbling along, dodging the bullet from would-be online terrorists. Enacting comprehensive cyber security laws is essential and long overdue. A bill would at least help coordinate preventative measures between both government and private industry, as well as responses to threats and attacks.
Congress: It’s over to you. Time to get it done.
Ahead of the tape,