Iranian Cyber-Attack Is Most Destructive to Date Says Defense Secretary
Defense Secretary Leon Panetta, speaking in New York to the Business Executives for National Security, used the forum to warn Iran to curb its attacks and to never even think about attacking the United States.
“Don't ever attack this country because you will not get away with it,” said Panetta in his speech delivered on board the retired World War II-era aircraft carrier USS Intrepid, which is permanently docked as an aviation museum in New York Harbor.
Panetta said that Iran is working hard to “gain an advantage in cyber-space.” While he didn’t specifically point fingers at Iran in a series of attacks against oil and gas companies in the Middle East, he made it clear that he felt Iran was responsible. Other current and former administration officials have been widely quoted on background as saying that Iran has been launching cyber-attacks in the region.
The fact that Iran is attacking the oil and gas interests in Saudi Arabia and Qatar should be no surprise. Notably these attacks, which took out something like 30,000 computers at the Aramco and RasGas petroleum production companies, took place just after a new round of sanctions was placed on Iran, further hurting the nation’s economic stability.
Neither Saudi Arabia nor Qatar is on friendly terms with Iran and they provide a convenient target for Iran’s response to cyber-attacks attributed to Western interests, including the Stuxnet worm that effectively killed Iran’s nuclear arms business for about a year.
Panetta explained the attack: “But even more alarming is an attack that happened two months ago when a very sophisticated virus called Shamoon infected computers in the Saudi Arabian State Oil Company Aramco. Shamoon included a routine called a ‘wiper’, coded to self-execute. This routine replaced crucial systems files with an image of a burning U.S. flag. But it also put additional garbage data that overwrote all the real data on the machine. More than 30,000 computers that it infected were rendered useless and had to be replaced. It virtually destroyed 30,000 computers,” Panetta said.
“Then just days after this incident, there was a similar attack on RasGas of Qatar, a major energy company in the region. All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,” he said.
Panetta then went on to describe the risks to the U.S. critical infrastructure if such an attack were leveled against the United States directly. “Imagine the impact an attack like that would have on your company or your business. These attacks mark a significant escalation of the cyber-threat and they have renewed concerns about still more destructive scenarios that could unfold,” Panetta said.
“For example, we know that foreign cyber-actors are probing America's critical infrastructure networks. They are targeting the computer control systems that operate chemical, electricity and water plants and those that guide transportation throughout this country,” Panetta said. “We know of specific instances where intruders have successfully gained access to these control systems. We also know that they are seeking to create advanced tools to attack these systems and cause panic and destruction and even the loss of life.”
Panetta outlined a nightmare scenario in which a cyber-attack could do immense damage to the United States. “An aggressor nation or extremist group could use these kinds of cyber-tools to gain control of critical switches. They could, for example, derail passenger trains or even more dangerous, derail trains loaded with lethal chemicals,” he said. “They could contaminate the water supply in major cities or shut down the power grid across large parts of the country.”
“The most destructive scenarios involve cyber-actors launching several attacks on our critical infrastructure at one time, in combination with a physical attack on our country. Attackers could also seek to disable or degrade critical military systems and communication networks.”
But now, as they say, there’s a new sheriff in town. Panetta announced that the rules of engagement for U.S. cyber-warriors are changing. “If we detect an imminent threat of attack that will cause significant, physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us to defend this nation when directed by the president,” Panetta said, explaining how the U.S. military would take on foreign cyber-attackers who endangered the United States. “For these kinds of scenarios, the department has developed that capability to conduct effective operations to counter threats to our national interests in cyberspace.”
“As part of that effort, the department is now finalizing the most comprehensive change to our rules of engagement in cyber-space in seven years. The new rules will make clear that the department has a responsibility, not only to defend DoD's networks, but also to be prepared to defend the nation and our national interests against an attack in or through cyberspace.”
In other words, if the United States is attacked, the entire defense establishment of the United States is prepared to take on the attackers, whether the attack is against the government or against private companies or private citizens. Panetta asked for help from industry to do this. “I want you to know the Department of Defense is doing our part,” he said. “And tonight, I'm asking you to do yours as citizens and as business leaders. Help us innovate. Help us increase the nation's cyber-security by securing your own networks.”
Panetta made it very clear that he intends to avoid what he calls a “Cyber Pearl Harbor” at all costs. He’s asking for the help of industry to accomplish it. But he also wants to make sure that potential attackers are aware of what they’re up against. China? Iran? Are you listening?