Editor’s Note – Dangers lurk all around us, from terror attacks on our embassy in Libya to plots to kill a Saudi on US soil, and our critical infrastructure may be our Achille’s Heel.
Defense secretary bluntly warns were in ‘pre-9-11 moment’ that could precede catastrophic attack, hints Iran involved
By John Solomon – Washington Guardian
In a blunt admission designed to prod action, Defense Secretary Leon Panetta Thursday night told business executives there has been a sudden escalation of cyber terrorism and that attackers have managed to gain access to control systems for critical infrastructure.
In a speech in New York City, Panetta said the recent activities have raised concerns inside the U.S. intelligence community that cyber terrorism might be combined with other attacks to create massive panic and destruction on par with the Sept. 11, 2001 attacks.
“These attacks mark a significant escalation of the cyber threat. And they have renewed concerns about still more destructive scenarios that could unfold,” he said. “For example, we know that foreign cyber actors are probing America’s critical infrastructure networks.
“They are targeting the computer control systems that operate chemical, electricity and water plants, and those that guide transportation throughout the country,” he added. “We know of specific instances where intruders have successfully gained access to these control systems. We also know they are seeking to create advanced tools to attack these systems and cause panic, destruction, and even the loss of life.”
Current and former U.S. officials tell the Washington Guardian that U.S. investigators have growing evidence that Iran was behind a recent wave of cyber attacks, particularly those that temporarily paralyzed energy interests in two Middle East countries that are key U.S. allies.
Panetta stopped short in his speech of formally accusing Iran but left no doubt America has strong suspicions about Tehran. “Iran has also undertaken a concerted effort to use cyberspace to its advantage,” he declared.
Panetta’s speech came as the Obama administration is pressing ahead with its own cyber security measures using executive powers after reaching a stalemate with congressional Republicans and their business allies over sweeping legislation to change the nation’s cybersecurity posture.
“This is a pre-9/11 moment,” Panetta told the business executives, referring to the period before the terror attacks 11 years ago when signs of a mounting threat were overlooked. “The attackers are plotting. Our systems will never be impenetrable, just like our physical defenses are not perfect. But more can be done to improve them. We need Congress, and we need all of you, to help in that effort.”
Panetta, who has been sounding alarm for month about the potential for a “Cyber Pearl Habor”, gave unusually blunt description of three recent attacks — one against U.S. financial interests and two against Middle East energy interests – that have raised the alarm. Defense officials said classified information was declassified so Panetta could give specific details about the nature of the attacks.
The defense secretary, who previously served as President Obama’s CIA director, said consecutive attacks on Saudi Arabia’s ARAMCO oil company and Qatar’s Ras Gas known launched by a virus known as Shamoon were “probably the most
destructive attack that the private sector has seen to date. “
“Shamoon included a routine called a ‘wiper,’ coded to self-execute. This routine replaced crucial system files with an image of a burning U.S. flag. It also put additional “garbage” data that overwrote all the real data on the machine. The more than 30,000 computers it infected were rendered useless, and had to be replaced,” Panetta explained.
The defense secretary offered an assessment of possible future doomsday scenarios feared by U.S. intelligence in which cyber terrorism could be combined with waves of attacks.
“An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.,” he said.
“The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at once, in combination with a physical attack on our country,” he added. “Attackers could also seek to disable or degrade critical military systems and communications networks.”