Strategic Industries Must Shift Focus on Cybersecurity

Secretary of Defense Leon Panetta’s recent address to the Business Executives for National Security conference in New York revisited an old metaphor of the cybersecurity game: a Pearl Harbor-esque surprise attack on the nation’s computer systems. Though the fears that Panetta invoked of a massive cyber attack on the United States may be overblown, there are valid reasons for concern. As Panetta highlighted, foreign powers are increasingly going on the offensive in cyberspace, with two of the world’s most important industries, energy and banking, recently coming under assault. His speech signals that, for the Department of Defense, cyberattacks have likely eclipsed acts of terrorism as the top national security threat.

Prominently mentioned in Panetta’s address was Shamoon, a malicious software program used in an August 2012 attack directed at Saudi Aramco, the world’s largest oil producer, representing some 13.3 percent of global production. Shamoon corrupted data on Saudi Aramco’s network of Windows-based personal computers, deleting contents and disrupting business operations for the company. It is reputed to have impacted as many as 30,000 computers at Aramco, with Qatar’s RasGas also affected. While the Shamoon malware does not appear to have significantly damaged the process control systems for upstream or refining operations at Aramco, its impact on the company was significant. ...