Congress' Profound Failure on Cybersecurity

On August 2, 2012 Congress did it again. They acknowledged the looming threat of cyberwarfare while discussing the Cybersecurity Act of 2012, and then they "kicked the can down the road." It's what they do best. The "Party of No" hurt us all on a critically necessary piece of cyber-security legislation, and continued the U.S. Senate's proud tradition of failing to do anything to deal with our absolute vulnerability to an attack by state sponsored hackers and terrorists on our critical infrastructure.

The Obama administration called the result "a profound disappointment." That is a bloody understatement.

We no longer have Cold War problems. It's hackers, working either for rogue states or terrorist organizations. At some point, they will disrupt not just our military's computers, which will be bad enough, but also the computers upon which all Americans depend: computers that run our nuclear power plants and electricity grid; computers that deliver our drinking water; computers that manage our hospitals, banks, and every. They will use our own machines against us, but as of yet we have no John Connor.

"(T)he Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space," William J. Lynn III, the deputy secretary of defense, wrote in a 2010 article for Foreign Affairs magazine.

What's particularly troubling, experts warn, is the degree to which America's critical computer infrastructure is decentralized, privatized, unprotected, and vulnerable to attack. It was precisely this problem that the cybersecurity bill was intended solve.

Knocking out even 10 percent of the computers used to control the complicated network of water reservoirs and pipelines that crisscross the Western states would have an immediate, severe impact in giant metropolises including Phoenix, Las Vegas and Los Angeles. Private utility companies like First Energy — which caused the 2003 East Coast blackout, and which came within 60 days of incinerating a large swath of Michigan, Ohio and Pennsylvania in 2002 by allowing acid to eat a football-sized hole in a nuclear reactor lid at its Davis-Besse power plant — face only limited requirements to safeguard their critical computer systems. If this is how major utilities handle basic infrastructure such as power transmission lines and nuclear reactors, just think what unseen dangers lurk in their disparate computer systems.

"The alarm bells sound regularly: cybergeddon; the next Pearl Harbor; one of the greatest existential threats facing the United States," Preet Bharara, U.S. attorney for the Southern District of New York, wrote in The New York Times. "With increasing frequency, these are the grave terms officials invoke about the menace of cybercrime — and they're not understating the threat."

[Related Article: 5 Stupid Things You're Doing to Ruin Your Credit]

  • 1
  • |
  • 2
  • |
  • 3
Join the Discussion
blog comments powered by Disqus
You Might Also Like...