Technology

Cyberwarfare greater threat to US than terrorism, say security experts

Intelligence and defense officials warn of 'cyber Pearl Harbor'

The headquarters of the National Security Agency in Fort Meade, Maryland.
NSA via Getty Images

Cyberwarfare is the greatest threat facing the United States – outstripping even terrorism – according to defense, military, and national security leaders in a Defense News poll, a sign that hawkish warnings about an imminent “cyber Pearl Harbor” have been absorbed in defense circles.

That warning, issued by then Secretary of Defense Leon Panetta in Oct. 2012, struck many as a fear-mongering plug for defense and intelligence funding at a moment when many in the United States, including 32 percent of those polled by the same Defense News Leadership Poll, believe the government spends too much on defense.

But 45 percent of the 352 industry leaders polled said cyberwarfare is the gravest danger to the U.S., underlining the government’s shift in priority – and resources – towards the burgeoning digital arena of warfare. In 2010, the Pentagon created the U.S. Cyber Command, under the helm of NSA director Gen. Keith Alexander, to better prepare the U.S. for a potential attack on digital infrastructure.

Later that year, U.S. Deputy Secretary of Defense William Lynn said cyberspace had become “just as critical to military operations as land, sea, air, and space.”

Graphic
John Harman and Staff/Defense News/United Technologies

The nebulous term "cyberwarfare" refers to full-on conflict between countries or terror groups featuring digital attacks on computer systems. But its more devastating, violent impacts are considered by many analysts to be largely theoretical at this point.

Looming fears of cyber attacks on pacemakers of world leaders, for instance, have inspired movie plots and television shows but are not known to have occurred, noted Morgan Marquis-Boire, a security researcher at the University of Toronto's Citizen Lab. “At the moment, this is all set in the realm of science fiction."

Marquis-Boire said the most kinetic cyberattack to date was probably the Stuxnet worm that attacked Iran’s Natanz nuclear enrichment facility in 2010, stoking fears of a cyber-triggered nuclear terror attack. In the U.S., the most prominent cyber attacks have targeted websites, including the Syrian Electronic Army's infamous White House bomb hoax that briefly caused a 140-point drop in the Dow Jones Industrial Average.

But the classic fear is that enemy hackers – from countries like Iran, China, or Russia – could infiltrate the U.S. power grid, shutting down government agencies, crashing planes into buildings, and grinding the economy to a halt.

And though it has yet to happen, security experts say a large-scale attack on the U.S. power grid that could inflict mass casualties is within the realm of possibility. The North American Electric Reliability Corporation reported in 2009 that the U.S. grid remains susceptible to infiltration despite substantial government investment in securing it.

“We do have a security problem whereby life is rushing towards the Internet faster than we’re developing Internet security,” said Marquis-Boire. “Many of these systems weren’t built in a cyberwarfare age. We weren’t worried about cyberwarfare when we built the national power grid, and it’s difficult to retrofit security.”

The impact of such an attack could be devastating. Massive power outages could not only unleash chaos, they could also distract from a simultaneous military – or terrorist – attack.

That latter concern – that cyber war tactics might blur with traditional terrorism – were underlined in June 2012, when information security expert Eugene Kaspersky announced his lab’s discovery of the Flame virus that targeted computers in Iran.

“It’s not cyber war, its cyber terrorism and I’m afraid it’s just the beginning of the game,” Kaspersky said at a conference in Tel Aviv. “I’m afraid it will be the end of the world as we know it.” A few months later, Panetta compounded fears when he warned of a “new, profound sense of vulnerability” in the U.S. due to the prospect of cyberwarfare.

But with the exception of several high-profile hacking incidents of websites, the American public has yet to experience any sort of large-scale attack on U.S. infrastructure, let alone American lives.

Despite the improbability of a full-on cyber conflict, analysts say they are not surprised the nebulous threat posed by cyberwarfare has struck fear in American hearts.

"The capability is out there to launch a large-scale cyberattack resulting in loss of life or property damage, and potential targets are in some sense infinite, because everything is connected to computers in one way or the other,” said Tara Maller, a research fellow with the National Security Studies program at the New America Foundation and a former military analyst for the CIA.

"But do I think it is very likely another country would launch a cyber attack of this type on the U.S. right now? No, because I think there is some level of cyber deterrence that exists between states," she said.

The prospect of cyberwarfare between world powers might be compared to a nuclear standoff: Unless geopolitical dynamics shift, it's difficult to envision a viable scenario whereby any state's capacity to wreak havoc and mass casualties is actually deployed. A "cyber" Pearl Harbor – like the real one – could spark a world war.

"I don’t think there’s any country right now where tensions are high enough for the state to essentially carry out an act of war against the U.S.," added Maller. "It could make more sense for a terrorist group, but they have more limited capabilities."

Find Al Jazeera America on your TV

Get email updates from Al Jazeera America

Sign up for our weekly newsletter

Get email updates from Al Jazeera America

Sign up for our weekly newsletter

Join the Conversation