A massive cyber attack on American infrastructure is the 21st-century equivalent of the neutron bomb. All buildings remain standing but systems inside them are rendered useless. Human beings aren’t killed on a large scale, but few, if any, are left standing either. And while this sounds pretty dire, it’s quite likely some segment of this nation will at some time be shut down by cyber terrorists.
Late last month Janet Napolitano, Obama’s homeland security chief, made some startling statements at a live event on cyber security sponsored by the Washington Post. For example, she said that hackers have “come close” more than once—maybe several times, or maybe many times—to compromising critical segments of America’s infrastructure. In particular, she mentioned that big banks and transportation systems were popular targets for cyber attackers. When she was asked how many cyber attacks might have occurred during her 45 minute conversation, Napolitano replied, “Thousands.” And if that weren’t enough by itself, her most ominous remark was delivered in almost desultory terms: “I think we all have to be concerned about a network intrusion that shuts down part of the nation’s infrastructure in such a fashion that it results in a loss of life.”
It goes without saying that if an attack successfully shut down essential services, people would die unnecessarily. Curiously, Secretary Napolitano’s remarks didn’t attract a great deal of attention because it wasn’t news like it used to be. Large-scale data breaches or security hacks themselves are reported, but not highlighted as much, because they happen so frequently. It’s similar to the criticism that the media sometimes considers shootings in “bad” neighborhoods as common occurrences and no longer really treats them as newsworthy. As a result, the near-apocalyptic observations about a hidden part of America (the binary bits of the cyber highway) by a cabinet level officer also seemed to go unnoticed, drowned in a sea of news about gridlock in Washington, collapsing governments in Europe, and the brain blips of certain presidential candidates.
By this time we all know that most major institutions of government and industry have been hacked in some way, shape or form. Millions of people were compromised when Sony, Citibank, the Department of Veterans Affairs, contractors for the Department of Defense and others were successfully breached.
At least we heard about those.
[Featured Product: Need credit monitoring options?]
A couple of days ago, Virginia Commonwealth University disclosed that a server containing files with the personal data, including Social Security numbers, of 176,567 current and former students, faculty, staff and affiliates had been compromised. From what I can tell, this breach wasn’t reported anywhere except in local media and some security and tech websites. So I guess we’re not likely to hear much about breaches of this type as time goes on, because they’ve become the equivalent of “white noise.” But especially after hearing Ms. Napolitano’s comments, perhaps we don’t hear about other cyber attacks—hopefully far less common—which are directed at hurting all of us instead of just some of us, for very different reasons.
The government has tacitly acknowledged that the war is on, which can be deduced more from actions than from words. The Department of Homeland Security is hiring 1,000 cyber security specialists, and the always covert NSA is looking to hire 3,000. At DEFCON, the Las Vegas convention of hackers held last August, representatives of Homeland Security, NASA, the NSA, and the CIA were among the 10,000 attendees. For the agencies, it was a massive job fair, presuming that one could distinguish the white hats from the black hats during the interview process.
The Next Osama bin Laden (cont.) »
Image: OndraSoukup, via Flickr.com