• United States



Could Syria launch a major cyberattack against the USA?

Sep 02, 20134 mins
IT LeadershipIT Strategy

Are US businesses ready?

As the US government debates the pros and cons of a use of force against Syria over the coming days and weeks, should our leaders also consider whether pro-Syrian forces might launch a cyberattack against US critical infrastructure in retaliation?

There are many important questions that are surfacing regarding this topic. Some of these include: How dangerous could an online attack really be? What is the most likely scenario? Are owners and operators of US critical infrastructure ready to defend the power grid, transportation systems our water supply and more? Are there steps that chief information security officers (CISOs) and other technology leaders should be taking now to prepare? Or, is any cyberthreat resulting from current events in the Middle East just overblown?

My view: American businesses should hope for the best, while preparing for the worst.

Recent Warnings of Coming Cyberattack

Yesterday, I posted this blog over at which highlighted Secretary of Homeland Security Janet Napolitano’s outgoing speech at the National Press Club last week.  Here is an excerpt that I think everyone who has a role in protecting critical infrastructure in America should take very seriously:

“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society.

While we have built systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across the government, and develop plans and capabilities to mitigate the damage, more must be done, and must be done quickly….”

Background of the Syrian Electronic Army (SEA)

There has been plenty of press coverage regarding the Syrian Electronic Army (SEA).  Krebs on Security recently provided this background piece on the SEA and their potential capabilities. Most recently, the SEA was able to bring down the New York Times.

But can they much more? Or, if they work with others who may sympathize with their viewpoint on world-events, could they cause serious damage – such as the “major cyber event” described by Secretary Napolitano?

 These questions have become hot topics online. Consider these three perspectives:

How Serious is the Threat of a Syrian Cyberattack?

While opinions vary widely on the SEA’s cyber capability to cause harm, businesses are preparing. National Public Radio (NPR) reported that US firms are taking notice:

“A lot of companies are coming and asking us to do assessments on the Syrian Electronic Army and other actors in the broader region and how they may suffer attacks in the coming weeks from them,” says Dmitri Alperovitch, co-founder and chief technology officer at CrowdStrike, which provides companies with cybersecurity advice and assistance.

“My phone has been buzzing off the hook over the last few days because of this,” he says.

At the same time, as the NPR report makes clear, there has not been any special alerts by the Department of Homeland Security (DHS) or others to take special steps – at least not yet.

Bloomberg ran this piece last week which offered suggestions for banks and utilities to prepare for a possible Syrian cyberattack.  I think these words from Michael Chertoff, who is the former Secretary of DHS are very important and relevant:  

 “The line between national security and private security is eroding,” said Chertoff, founder of a Washington consulting company. “It is a reasonable concern to be prepared for the possibility of some kind of retaliation — asymmetric retaliation — if we take action in Syria.”

The question remains, are we ready? If the Congress votes for military action, we are about to find out.


Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan State Government. Dan was named: "CSO of the Year," "Public Official of the Year," and a Computerworld "Premier 100 IT Leader." Dan is the co-author of the Wiley book, “Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions.” Dan Lohrmann joined Presidio in November 2021 as an advisory CISO supporting mainly public sector clients. He formerly served as the Chief Strategist and Chief Security Officer for Security Mentor, Inc. Dan started his career at the National Security Agency (NSA). He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. Lohrmann is on the advisory board for four university information assurance (IA) programs, including Norwich University, University of Detroit Mercy (UDM), Valparaiso University and Walsh College. Earlier in his career he authored two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Mr. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

More from this author