Secretary of Homeland Security Janet Napolitano - photo credit: Fema/NyxoLynoCangemi
The “big one” is coming. No, this is not a warning about an earthquake in California nor a monster hurricane heading for the Gulf Coast.
Outgoing Secretary of Homeland Security Janet Napolitano was referring to an inevitable cyberattack against our nation, as she delivered her remarks at the National Press Club this week.
“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society.
While we have built systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across the government, and develop plans and capabilities to mitigate the damage, more must be done, and must be done quickly....”
As one would expect, the global press reacted with headlines like these:
BBC News: US 'concerned' over cyber threat
The Developing Cyberthreat
These departing words from the outgoing DHS Secretary surprised many people – including yours truly. While I have heard similar warnings from numerous sources inside the intelligence community including three-letter agencies over the past year, I didn’t expect to hear Secretary Napolitano be quite so open about the growing cyberthreat in a major speech.
The reality is that the threat to critical infrastructure has been growing over the past several years. President Obama’s words during the State of the Union this year, along with the Executive Order on Cybersecurity and Presidential Directive 21 (PPD-21), are tangible examples of the sense of urgency coming from the federal government as well as leading experts in the field. Worldwide attention regarding serious new cyberthreats has also been steadily rising.
Nevertheless, this speech went much further. Previously, (mostly private) warnings have been used to rally the forces to do everything possible to defend our critical infrastructure. The sense from these words was that a major cyberattack is inevitable, even though that exact word was not used.
And any suggestion that we are already in a cyberwar now will not do. Look carefully at these words again: “… A major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society….”
Clearly, the Secretary of Homeland Security is thinking of something more than the status quo.
How imminent is the threat?
Which, of course, raises many questions. How imminent is this major cyberthreat? Was she referring to some specific or known enemies who have the required capabilities to harm us? Have previous serious cyberthreats been stopped? Are there known vulnerabilities that we are worried about?
Experts are all over the map in their views about where a significant cyberattack could come from. Opinions range from underground hacker groups to foreign military powers like Russia or China to terrorist organizations around the globe.
Could Napolitano be warning about Syria?
For example, one hot topic right now is a potential cyberattack from the Syrian Electronic Army (SEA). While some sources claim that the SEA is not a serious cyberthreat, others disagree. For more background on the SEA, see this article from Krebs on Security.
The SEA is getting quite a bit of attention right now as a result of their recent actions in taking down the New York Times, as well as world events regarding a potential US missile strike against Syria. It appears that President Obama has decided to get Congressional approval before taking any further military action against Syria. However, plans are being made now to defend against cyberattacks from the Middle East, if an attack does occur.
This CNN video offers one example of how the news media has spent significant time over the past few days discussing a Syrian cyberattack as a potential retaliation for a US missile strike.
As the video suggests, experts are more worried about the cyber capabilities of China and Russia than the specific threat from the SEA. But would these countries help in an attack against US critical infrastructure if the US attacks Syria?
Only time will tell, but some fear Iran’s help in a coming cyberattack. Here’s an excerpt from Reuters:
“The risk is heightened by Syria's alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said....”
In conclusion, we all should take Secretary Napolitano’s words very seriously. I believe her speech reflects the majority view inside the DC beltway that the worst is yet to come regarding attacks against critical infrastructure from cyberspace.
The chain of events that started several years ago, possibly with the introduction of Stuxnet, is playing out in new ways today.
The question remains: Will America be ready for the major cyber event when, and not if, it occurs?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.