Leon Panetta implied that World War is on the horizon, and that our Pearl Harbor may come in the form of cyber attacks on computers. In the briefing, he pointed to the increasing threat of such attacks from Iran. (Who needs nuclear power, these days?)
National security experts have long complained that the administration needs to be much more open about what the military could and would do if the U.S. were to be the victim of cyberattacks. They argue that such deterrence worked in the Cold War with Russia and would help convince would-be attackers that an assault on America would have dire results. Panetta took the first steps toward answering those critics in a speech analysts said was a thinly veiled warning to Iran, and the opening salvo in the campaign to convince Tehran that any cyberattack against America would trigger a swift and deadly response. “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests,” Panetta said in a speech in New York City to the Business Executives for National Security. And while he did not directly connect Iran to the Gulf cyberattacks, he warned that Iran’s abilities were growing. Security analysts agree. The presumed Iranian cyberattacks hit the Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas using a virus, known as Shamoon, which can spread through networked computers and ultimately wipes out files by overwriting them.
“Congress must act and it must act now,” he said. “This bill is victim to legislative and political gridlock like so much else in Washington. That frankly is unacceptable and it should be unacceptable not just to me, but to you and to anyone concerned with safeguarding our national security.” Specifically, Panetta called for legislation that would make it easier for companies to share “specific threat information without the prospect of lawsuits” but while still respecting civil liberties. He also said that there must be “baseline standards” co-developed by the public and private sector to ensure the cybersecurity of critical infrastructure IT systems. The Cybersecurity Act of 2012 contained provisions that would arguably fit the bill on both of those accounts. While Panetta said that “there is no substitute” for legislation, he noted that the Obama administration has been working on an executive order on cybersecurity as an end-around on Congress. “We need to move as far as we can” even in the face of Congressional inaction, he said. “We have no choice because the threat that we face is already here.”
Keep alert, and your Constitution and anti-virus handy!