Thursday, June 27, 2013

Are Defenses Against Cyberattacks on U.S. Critical Infrastructures Missing the Target?

When the first version of what would become the Internet became operational in the late 1970s, one of the developers revealed years later that the team never expected the user base of this new technology to exceed 10,000. Nor did they imagine that critical infrastructures like power generation would be connected to what was meant to be an open network.

How wrong on both counts.

Today, we enjoy the marvels of a global Internet that has revolutionized our daily lives in ways that could not have been envisioned in the 1970s. But this marvelous technology – called the most complex manmade environment on earth – has a dark side. Explosive cybercrime, near-daily disruptions of commercial networks and looming cyberattacks on critical national infrastructures are all part of our daily media diet.

Preparations to control, prevent, and forestall these activities are immense. The cyber-military industrial complex has grown from a subject of intriguing study less than 15 years ago to an immense network of government agencies, military commands and private cyber defense firms. Their outputs are impressive: cyber defense tools, early warning methods, and powerful cyber attack weapons, to name a few.

But when you step back to look at the big picture of the impact of cyberattacks on critical American infrastructures (utilities, communications, and travel), our arsenal of cyber defense capabilities appears distressingly incomplete.

With the power of a thousand tsunamis, the impact of such cyberattacks will crash through our nation, shattering three essential spheres and altering our way of life for years to come, if we are not prepared.

The first sphere is our political environment. Witness the shock and continuing reverberations of 9/11 and the Oklahoma City bombing. We Americans are not accustomed to attacks on our homeland. We had no known actionable warnings against these two attacks and were not prepared for their consequences. But we do know with certainty that cyberattacks on our power and communications networks are coming. And they will affect American politics.

The second sphere, the bedrock of what makes America function, is our economy. Serious cyberattacks will send securities markets plummeting, bringing commerce to a disruptive halt. What are the plans to keep our key commercial functions operating, even if in partial mode, following an attack? Who bears financial responsibility for preparing for these contingencies?

The third sphere is the human impact. Extremist terrorist groups are driven by a desire to disrupt the way we live, throw us into turmoil, and make us afraid and weakened. America’s leadership must be prepared to take instant and decisive action following infrastructure attacks. Strong, believable assurances must be offered to provide our citizens with comfort that the country is safe, and that action is being taken. We must believe the worst is over and those responsible will feel the full wrath of America’s response.

We have certain warning. Now is the time to begin our preparations in all spheres, rather than making them up as we go after the cyberattacks begin.

For anyone wishing an advance look at how lack of preparation in these three spheres can affect America in this new and unpredictable world we live in, a vivid portrait can be found in my novel AFTERSHOCK.

("Dart Board" image: zirconicusso/

No comments:

Post a Comment