As the US government debates the pros and cons of a use of force against Syria over the coming days and weeks, should our leaders also consider whether pro-Syrian forces might launch a cyberattack against US critical infrastructure in retaliation?
There are many important questions that are surfacing regarding this topic. Some of these include: How dangerous could an online attack really be? What is the most likely scenario? Are owners and operators of US critical infrastructure ready to defend the power grid, transportation systems our water supply and more? Are there steps that chief information security officers (CISOs) and other technology leaders should be taking now to prepare? Or, is any cyberthreat resulting from current events in the Middle East just overblown?
My view: American businesses should hope for the best, while preparing for the worst.
Recent Warnings of Coming Cyberattack
Yesterday, I posted this blog over at Govtech.com which highlighted Secretary of Homeland Security Janet Napolitano’s outgoing speech at the National Press Club last week. Here is an excerpt that I think everyone who has a role in protecting critical infrastructure in America should take very seriously:
“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society.
While we have built systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across the government, and develop plans and capabilities to mitigate the damage, more must be done, and must be done quickly....”
Background of the Syrian Electronic Army (SEA)
There has been plenty of press coverage regarding the Syrian Electronic Army (SEA). Krebs on Security recently provided this background piece on the SEA and their potential capabilities. Most recently, the SEA was able to bring down the New York Times.
But can they much more? Or, if they work with others who may sympathize with their viewpoint on world-events, could they cause serious damage – such as the “major cyber event” described by Secretary Napolitano?
These questions have become hot topics online. Consider these three perspectives:
While opinions vary widely on the SEA’s cyber capability to cause harm, businesses are preparing. National Public Radio (NPR) reported that US firms are taking notice:
"A lot of companies are coming and asking us to do assessments on the Syrian Electronic Army and other actors in the broader region and how they may suffer attacks in the coming weeks from them," says Dmitri Alperovitch, co-founder and chief technology officer at CrowdStrike, which provides companies with cybersecurity advice and assistance.
"My phone has been buzzing off the hook over the last few days because of this," he says.
At the same time, as the NPR report makes clear, there has not been any special alerts by the Department of Homeland Security (DHS) or others to take special steps – at least not yet.
Bloomberg ran this piece last week which offered suggestions for banks and utilities to prepare for a possible Syrian cyberattack. I think these words from Michael Chertoff, who is the former Secretary of DHS are very important and relevant:
“The line between national security and private security is eroding,” said Chertoff, founder of a Washington consulting company. “It is a reasonable concern to be prepared for the possibility of some kind of retaliation -- asymmetric retaliation -- if we take action in Syria.”
The question remains, are we ready? If the Congress votes for military action, we are about to find out.