Last Thursday, the United States Defense Secretary Leon Panetta announced that the country’s military will seek to use pre-emptive measures if a significant cyber attack threat is detected, disclosing America’s stance against the dangers in the cyber world.
Described as the first major policy speech by observers, Panetta also revealed the lack of funding by private sectors in this area, as well as the ineffective wrangling in Washington by politicians that hinders a c good cyber security legislation. He also said that a presidential executive order would be the temporary policy in place “while we wait for Congress to act.”
Panetta met business leaders in New York during the speech. He disclosed that the country’s critical infrastructures like water, electricity, and chemical plants were being targeted by overseas actors.
“We know of specific instances where intruders have successfully gained access to these control systems. We also know that they are seeking to create advanced tools to attack these systems and cause panic, and destruction, and even the loss of life,” he said.
Panetta mentioned that threats coming outside the U.S. can take control of computer systems being used for train transportation, distribution of water supply and electricity in the country.
Addressing the businessmen in the Business Executives for National Security, he said that the private sector’s awareness of the cyber security threat has grown although “the reality is that too few companies have invested in even basic cyber security.”
He mentioned as examples the hacking incident that happened in Saudi Arabia’s ARAMCO and Qatar’s Rasgas facilities. The said facilities were attacked by the “Shamoon” virus. The virus was so sophisticated that it was able to replace a set of critical system files with an image of U.S. burning flag.]
He said over 30,000 ARAMCO computers were rendered useless and were eventually replaced.
Panetta also cited the more recent attack of major U.S. banks a few weeks ago, which disrupted the victim’s services to their customers.
A U.S. official commenting on Panetta’s speech after the conference confirmed that the government knew the perpetrators of the attacks but Panetta decided not to disclose them.
The United States had always viewed the cyber warfare capabilities of Russia, China, and lately Iran, with respect as they have become more effective over the years. But the main problem confronting the U.S. military is to pinpoint the exact origin of the attack.
The U.S. Defense Secretary said the U.S. is investing in cyber forensics to make tracing of the source of a cyber attack easier.
“Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for actions that may try to harm America,” he said.
He also added that the Pentagon is currently formulating the final changes to rules of engagement in cyberspace.
He underscored the mission of the Department of Defense to defend and protect the country, as well as to respond effectively to attacks and emergence of threats.
“If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us,” Panetta said.