CISPA necessary to avert ‘Cyber-Pearl Harbor’ – Panetta
In light of this “pre-9/11 moment,” the US should act preemptively to protect “national interests in cyberspace,” the US Secretary of Defense said.
“[A] Cyber-Pearl Harbor that would cause physical destruction and the loss of life, an attack that would paralyze and shock the nation and create a profound new sense of vulnerability,” Panetta said during a speech at the Intrepid Sea, Air and Space Museum in New York. He claimed that cyber-attackers had developed new technologies that could knock out entire city power grids, derail trains and contaminate water supplies.
Panetta branded China, Russia and Iran, along with extremist military groups, the greatest cyber-threats to the US.
“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Panetta said. “They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals.”
He did not elaborate on details about where or how these cyber-strikes would occur.
According to Panetta, the only way to effectively “protect the US democracy” is to pass a cybersecurity bill in Congress that enables the sharing of private information between companies and the government.
The US Senate voted against the Cyber Intelligence Sharing and Protection (CISPA) legislation amid complaints that it gravely violated personal freedoms and could be used to spy on citizens.
Despite the widespread opposition, the Obama administration said it would sign an executive order effectively forcing companies to instate new cybersecurity standards.
Mr. Panetta claimed the laws would not violate people’s rights or liberties, “but if there is a code, if there’s a worm that’s being inserted, we need to know when that’s happening,” he told the New York Times prior to his speech.
‘Defense alone is not enough’
“If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us, to defend this nation when directed by the president,” Panetta said during the speech.
To this end, the US invested significant funds and research into developing techniques to pinpoint the origin of cyber-attacks, with the aim of striking preemptively in the name of “national cyber-security,” he said.
“There is no substitute for comprehensive legislation, [but] we need to move as far as we can in the meantime,” Panetta said. “We have no choice because the threat we face, as I’ve said, is already here.”
According to media reports, the US played a major part in the development of the Stuxnet and Flame viruses that attacked Iran’s nuclear program and extracted classified information.
The White House also confirmed that hackers linked to the Chinese government mounted a cyber-attack in October. The ‘spear-phishing’ attempt struck an unclassified network and failed to extract valuable data, although such attacks are “not infrequent,” officials said.