view counter

CybersecurityCyber experts divided over the scope of damage of a cyberattack on U.S.

Published 25 November 2014

Citing the risks of lack of preparation against future cyberattacks and the absence of security infrastructure, a new report urges across the board updates in the domain of cybersecurity. Most of the experts interviewed for the report pointed to the Stuxnet malware, which damaged Iranian nuclear-enrichment centrifuges and other nuclear-related machinery in 2010, as an example of the sort of future attacks that could disable and destroy vital infrastructure such as power grids, air-traffic controls, and banking institutions.

Citing the risks of lack of preparation against future cyberattacks and the absence of security infrastructure, the Pew Research Center and Elon Univeristy’s Imagining the Internet Center have released a report that urges across the board updates in the domain of cybersecurity.

As theJamaica Gleaner reports, researchers from the two organizations surveyed more than 1,600 Internet and computer experts on their thoughts about the future of cyberattacks in countries.

More than 60 percent of them answered “yes” to the question, “By 2025, will a major cyberattack have caused widespread harm to a nation’s security and capacity to defend itself and its people?”

“The majority opinion here is that these attacks will increase and that lots of institutions, including major government institutions, will be at risk,” said Lee Rainie, the director of the Pew Research Internet Project and one of the authors of the report.

Most of the experts surveyed pointed to the Stuxnet malware, which damaged Iranian nuclear-enrichment centrifuges and other nuclear-related machinery in 2010, as an example of the sort of future attacks that could disable and destroy vital infrastructure such as power grids, air-traffic controls, and banking institutions. Pew reported that Stuxnet had destroyed up to a fifth of the nuclear centrifuges in Iran. In terms of future potential to do harm, the virus was the first of its kind to be able to spread on its own through a network once introduced.

“There has already been a ‘Pearl Harbor’ event: the Stuxnet computer worm that was used to attack Iran’s nuclear capabilities,” said Jason Pontin, the editor and publisher of the MIT Technology Review. “Do we really believe that the infrastructure of a major industrial power will not be so attacked in the next twelve years? The internet is an insecure network; all industrialized nations depend on it. They’re wide open.”

Others took a less alarmist approach.

“[There will be] many, many small and medium-sized cyber attacks between now and 20205, but nothing on a major scale,” said one expert in the report.

“Right now, cyber attacks are too costly,” said another expert, “The bigger risk will be when cyber crooks drain Wall Street of all its cash.”

Others estimated that the threats are exaggerated and that the majority of power of a cyberattack often lies in the fear factor — an important tool for many terrorist organizations.

In a more comforting development, many of those interviewed did stress that if the proper preparations were made before such attacks occur, then much of the damage could be mitigated.

“While in principle all systems are crackable, it is also possible to embed security far more deeply in the future Internet than it is in the present Internet environment,” said Lee McKnight, a professor at Syracuse University’s School of Information Studies. “The white-hat good guys will not stop either.”

Regardless of where many of those consulted in the report fell on the matter of risk, most agreed that the coming cyber arms race is now only beginning.

view counter
view counter