The federal government of the United States has been urging businesses to report cyber attacks on their computer networks for years now.
At the same time, the federal government has been bolstering the security of its own networks for various government bureaus as well as the military. The fear is that hackers in other countries could launch sophisticated cyber attacks in an effort to damage critical infrastructure such as power grids.
Recently, Homeland Security Secretary Janet Napolitano warned that a major cyber attack remains a looming threat – and could have the same type of impact as hurricane Sandy, which left a large portion of the Northeast without electricity and other utilities for an extended period of time.
Napolitano also said that a “cyber 9/11” could happen “imminently” and that critical infrastructure systems in the US were quite vulnerable to cyber attack. She specifically highlighted systems such as water, electricity and gas.
“We shouldn’t wait until there is a 9/11 in the cyber world. There are things we can and should be doing right now that, if not prevent, would mitigate the extent of damage,” said Napolitano, speaking at the Wilson Center think tank in Washington and referring to the September 11, 2001 attacks.
As such, Napolitano is urging Congress to pass legislation to oversee cyber security, allowing the federal government to share information with the private sector to help prevent any potential catastrophic cyber attack. The problem in the United States is that much of the country’s critical infrastructure systems are privately owned.
Last year a cyber security bill failed to garner support in Congress after it met stiff resistance from business groups and privacy advocates who claimed the government was overreaching its boundaries with the bill.
Indeed, privacy advocates continue to fear that cyber security legislation could lead to extensive government eavesdropping on the Internet. Nevertheless, US President Barack Obama is expected to issue an executive order setting up a voluntary system to help protect critical infrastructure systems, with the Executive Order offering incentives to companies who participate.
“The clarion call is here and we need to be dealing with this very urgently,” said Napolitano. “Attacks are coming all the time. They are coming from different sources, they take different forms. But they are increasing in seriousness and sophistication.”
It should probably be noted that in previous years, the DHS itself failed cyber security audits.