Attackers of U.S. government and private-sector Internet networks are increasingly looking to inflict permanent damage, not just render them inoperable, says a senior military official.
Cyberattacks against American information networks first went from exploitative to disruptive. Now such online strikes are moving into the realm of destructive, says Gen. Keith Alexander, National Security Agency and U.S. Cyber Command chief.
"What I am concerned about...is when these transition from disruptive to destructive attacks," says Alexander. "And I think those are coming. We have to be ready for that. ... The probability for a crisis is mounting.
"Statistically, the number of attacks is growing," he says. "They're growing for disruptive [and] destructive, and our country has the bulk of this network. As a result, we're vulnerable."
U.S. officials from two presidential administrations for nearly a decade have warned about cyberstrikes that could cripple U.S. financial or national security networks, or even take down the American electrical grid. Defense Secretary Leon Panetta has warned of a cyber-Pearl Harbor, and senior intelligence officials say cyberthreats fall just behind terrorism and weapons of mass destruction on the intel community's list of top U.S. threats.
Alexander called for lawmakers to iron out several remaining policy disputes as they slowly craft cybersecurity legislation.
Finally etching into stone a federal cybersecurity law "is more important than nuclear deterrence theories we've talked about in the past," Alexander said during a forum at Washington's American Enterprise Institute.
According to the general, that's because the nuclear game featured primarily two players: the United States and the Soviet Union. With cyber, American networks face attacks from other nations, groups, and individuals.
"You may not know who's doing it," says Alexander. "So you've got to come up with a defensive strategy."
Yet, after years and years of dire warnings, some experts say the dangers are significantly overblown.
"It's ridiculous," Benjamin Friedman of the CATO Institute told U.S. News & World Report recently. "That kind of rhetoric lets people talk of grand hypotheticals that have not actually occurred without much thought or analysis."
Friedman calls warnings from senior government and industry officials about the economic and security dangers "wildly overblown."
John T. Bennett covers national security and foreign policy for U.S. News & World Report. You can contact him at firstname.lastname@example.org or follow him on Twitter.
- Cyber Attack Talk May Outpace The Actual Threat
- House Intel Chairman Predicts Major Cyber Attack on U.S.
- Check out U.S. News Weekly: an insider's guide to politics and policy