On Tuesday, former top-ranking national security officials participated in a war-game to test America's cyber security apparatus. Consensus? The U.S. is woefully under-prepared. The Washington Post's Ellen Nakashima said the simulation "laid bare" that the U.S. government "lacks answers" to key national security questions. So what are the potential ways America could fall victim to a cyber catastrophe? Here's what Tuesday's panel faced. Following that, two cyber security observers explain what keeps them up at night:
The problem started with a downloadable application that infected smartphones. But it then spread to infect PCs, sending massive video files over the net and virtually shutting it down.
Later, two bombs disabled the country's electricity network and destroyed gas pipelines... Soon 60 million cellphones were dead. The Internet crashed, finance and commerce collapsed, and most of the nation's electric grid went dark. White House aides discussed putting the Army in American cities.
- An Orchestrated Attack from China, writes James Fallows in The Atlantic. He says we're living in a "pre-9/11" era when it comes to cyber security:
China has hundreds of millions of Internet users, mostly young. In any culture, this would mean a large hacker population; in China, where tight control and near chaos often coexist, it means an Internet with plenty of potential outlaws and with carefully directed government efforts, too. In a report for the U.S.-China Economic and Security Review Commission late last year, Northrop Grumman prepared a time line of electronic intrusions and disruptions coming from sites inside China since 1999. In most cases it was impossible to tell whether the activity was amateur or government-planned, the report said. But whatever their source, the disruptions were a problem. And in some instances, the "depth of resources" and the "extremely focused targeting of defense engineering data, US military operational information, and China-related policy information" suggested an effort that would be "difficult at best without some type of state-sponsorship."
- An Al-Qaeda-Executed Attack on Our Financial Markets, writes Jim Kennedy, author and security services consultant. He says a cyber attack by al-Qaeda is highly plausible and could be aimed at U.S. financial firms:
These plans could include attacks on the stock market or other now very fragile financial markets. Their attacks could be directed to intercept, delay, or corrupt some of the many financial transactions that take place over the sophisticated network of computers interconnected via the Internet. They (terrorist groups) could launch 'denial of service' attacks to delay or deny access of credit markets to money needed to keep businesses functioning. They could also break into large credit organizations and eliminate transactions already completed and erase or corrupt databases thereby blocking financial transactions from taking place or being completed. With today's unstable financial markets any cyber attack that further exacerbates the problem could cause catastrophic consequences. In reality, with financial markets already weakened by the credit crisis, terrorists who desire to do the US harm could inflict economic damage using techniques that would not require any advanced technical skills or financial knowledge.