Is a Cyber Pearl Harbor a Real Threat?

By Samuel Greengard

In recent weeks, U.S. financial institutions such as JP Morgan Chase, Capital One and Wells Fargo have undergone sustained cyber-attacks from sources that security experts say could be a hostile foreign government or terrorist organization. Some experts, including Defense Secretary Leon Panetta, have cautioned that this distributed denial-of-service (DDoS) activity could foreshadow widespread and sustained cyber-attacks. In fact, he warned of the possibility of a “Cyber-Pearl Harbor.”

Strong and frightening words. But according to security experts, the risk of a “Cyber-Pearl Harbor” attack is real … and growing. “Unfortunately, U.S. critical infrastructure is vulnerable, and security is weak overall,” states Jonathan Gossels, president and CEO of SystemExperts, a Sudbury, Mass., security risk analysis consulting.

The power grid, flight control systems, traffic control systems, water treatment facilities, hospitals, communications systems and other key technology systems are all vulnerable, Gossels says. Although banks have withstood recent attacks reasonably well—most have managed to get through the attacks with few disruptions due to significant investments in security—other organizations and industries are lagging behind.

In fact, it’s a tale of two mentalities, according to Gossels. “Financial institutions and certain companies in vulnerable industries have prepared for the risk of cyber-attacks,” he says, “but many other organizations have done the bare minimum and don’t believe that they are a real target.”

What’s even worse, Gossels warns, is that these incremental gaps in security, when combined, exacerbate the risk for everyone. “When you add everything up, it’s apparent that the United States is at great risk from a sustained and coordinated attack on infrastructure,” he adds.

Digging out of this hole is no simple task. Despite constant discussion about cyber-attack risks, CIOs and other IT executives aren’t putting the essential protections in place. According to Gossels, a multipronged approach is critical.

This approach includes the use of data loss prevention (DLP) software, encryption, anti-malware systems, strong authentication methods and applying software patches as they become available. In addition, it includes training employees on how to spot increasingly sophisticated phishing and spear-phishing methods and other forms of social engineering.

The best approach is to adopt a comprehensive security framework based on ISO 27002 or COBIT. The former, for example, provides guidance on more than 135 controls in a dozen major areas.

Finally, Gossels says that these issues extend to human resources. At one company he consulted with, two high-level IT workers suddenly disappeared. Only afterward did the firm discover that they were Chinese moles who had been collecting data and trade secrets. Both lacked key documentation, but nobody had checked on it.

Many observers say that it’s not a question of if a massive cyber-attack will occur; it’s a question of when.

“The thing that the public and many business executives overlook is that we are living in the digital age,” Gossels says. “Our books and records reside in cyber-space, and transactions increasingly occur online. … The ability to take out key infrastructure would have a crippling effect on the economy and create lasting damage.”

 

Feeling stuck in self-doubt?

Stop trying to fix yourself and start embracing who you are. Join the free 7-day self-discovery challenge and learn how to transform negative emotions into personal growth.

Join Free Now

Picture of Samuel Greengard

Samuel Greengard

TRENDING AROUND THE WEB

10 subtle behaviors of a man who has fallen out of love, according to a relationship expert

10 subtle behaviors of a man who has fallen out of love, according to a relationship expert

The Blog Herald

8 things you’ll learn from living with a narcissist, according to psychology

8 things you’ll learn from living with a narcissist, according to psychology

Global English Editing

Woman left “bewildered” after boyfriend demands she should have “disclosed” her past plastic surgeries on their first date

Woman left “bewildered” after boyfriend demands she should have “disclosed” her past plastic surgeries on their first date

Personal Branding Blog

8 subtle behaviors of people who are addicted to being busy, according to psychology

8 subtle behaviors of people who are addicted to being busy, according to psychology

Small Business Bonfire

If a man displays these 10 behaviors, he wants to spend his life with you

If a man displays these 10 behaviors, he wants to spend his life with you

The Vessel

People who flourish in their later years tend to follow these 8 practices

People who flourish in their later years tend to follow these 8 practices

Jeanette Brown