An interesting article about the various political and military challenges connected to cyber technology.
Full Text Follows:
Defense Secretary Leon Panetta said Thursday a series of recent electronic attacks that have been tied to Iran, both in the U.S. and abroad, herald a "significant escalation in the cyberthreat," and warned the U.S. would aggressively pursue the perpetrators, in what cybersecurity experts called a veiled warning to Tehran.
The attacks, which have targeted U.S. and foreign banks, demonstrate the need for a more aggressive military role to defend U.S. networks and to retaliate against organized groups or hostile governments, Mr. Panetta said. That is especially the case if electric grids, water systems, transportation networks and other critical functions are targeted, he said.
"This is a pre-9/11 moment," he said in a speech in New York. "The attackers are plotting."
Mr. Panetta's comments represent his most urgent warning to date concerning the security threats, and provide new details about military planning to counter what he and others see as a growing threat in a call-to-arms over the computer-security issue, the first such call from a U.S. defense secretary.
Mr. Panetta didn't name Iran as a perpetrator of any particular plot, but identified Iran, along with China and Russia, as countries active in cyberspace. His address notably included information that had been declassified for his remarks, delivered to the Business Executives for National Security, a trade group.
The declassified material included description of attacks that have taken place, including efforts to disable the websites of U.S. banks, which have affected about 10 banks in the past few weeks. The impact has varied, from slowing website response to disabling websites used for personal and business banking.
The defense secretary also noted a July attack against Saudi Arabia's state oil company, Aramco, in which a virus called Shamoon erased critical files on some 30,000 computers, replacing them with images of burning American flags.
U.S. officials have connected all these attacks to individuals in Iran. Based on these people's capabilities, U.S. agencies suspect they are connected to the Iranian government, according to former officials briefed on the matter. A senior defense official confirmed the U.S. has identified those responsible for the attacks.
Among the declassified information were descriptions of a variety of threats against critical infrastructure in the U.S. Mr. Panetta said the U.S. had learned that intruders gained access to computer control systems that "operate chemical, electricity and water plants and those that guide transportation throughout the country." Officials didn't say whether they had identified who was responsible for those intrusions, and Mr. Panetta didn't indicate there had been any consequences.
Mr. Panetta's public remarks were also more expansive than any other U.S. official's to date on the Pentagon's development of cyberweapons. While defense officials were reluctant to call them "offensive weapons," He said the U.S. had developed capabilities to conduct cyberoperations. "If we detect an imminent threat of attack that will cause significant physical destruction or kill American citizens, we need to have the option to take action to defend the nation when directed by the president," he said.
The speech by Mr. Panetta comes as the U.S. is trying to forge new rules of engagement in cyberspace and create a level of deterrence by talking more openly about America's own capabilities—and showing a willingness to use them.
The Pentagon is spending $3 billion annually to develop cybercapabilities, and officials have said they are trying to build a core of military service members who are adept at defending against cyberattacks and wielding cyberweapons.
"Just as DoD developed the world's finest counterterrorism force over the past decade, we need to build and maintain the finest cyber operators," Mr. Panetta said.
Cybersecurity experts said that while the speech didn't explicitly connect Iran to the attacks, the Iranians will understand that the U.S. is suspicious.
The effect of the speech is a veiled warning to Iran to back off, said James Lewis, a cybersecurity specialist with the Center for Strategic and International Studies who frequently advises the Obama administration. "The purpose is to signal to the Iranians: naughty, naughty," he said.
Defense officials said Mr. Panetta's speech was meant to be a call to arms, and was aimed at deterring others.
"One of the effects of talking about cyber more openly is that we are making clear to anyone who would try to do harm to the nation that we are paying attention and we are not going to take this sitting down," said a U.S. official.
Kristin Lord, an expert at the Center for a New American Security, applauded Mr. Panetta's discussion of cyberweapons and deterrence. But his remarks described the gravest attack Americans might face, not the most likely, she said.
"On 9/11, more than 3,000 people died in a couple hours," she said. "I think that is an unlikely scenario for a cyberthreat. It's not impossible. But it is unlikely, in the near term."