8 Ways Cyberterrorism Threatens You
Imagine these very chilling -- and real -- possibilities: The money in your bank accounts gone.
Imagine these very chilling -- and real -- possibilities: The money in your bank accounts gone. Drinking water contaminated. Your home and business hit by widespread and prolonged power outages. Areawide explosions and chemical gas leaks. These are just some of the horrific ways cyberterrorists can mess with your life and business.
With a recent attack on mideast oil companies, the Pentagon is taking notice. "This is a pre-9/11 moment," Secretary of Defense Leon Panetta warned in a recent speech. Some members of Congress will make another push before yearend for a comprehensive cybersecurity law. Meanwhile, the president is mulling an executive order to press government agencies to exchange information with private industries and create cyber standards.
Private defenses also remain full of holes. Expect a big ramp-up in spending on bolstering firewalls and other defense mechanisms, with tech firms such as Cisco, Oracle and McAfee in the thick of the action -- and hiring.
Click through our slide show to see where we're most vulnerable.
1. Financial Services
Your money, and in fact most of the nation's wealth, is recorded as electronic data stored on computer servers. A wholesale attack on the nation's financial systems could in a few keystrokes render such data meaningless.
Picture a mass disruption of ATMs and credit card transactions. A shutdown of Wall Street for a week or more. A widespread dismantling of electronic commerce. These scenarios are not just hypothetical. This year, a cybercriminal hacked into U.S. payment processor Global Payments and stole 1.5 million credit and debit card numbers. Later, the company pegged the cost of the data breach at a whopping $84 million and saw its profits plunge 90 percent in the quarter following disclosure
2. Nuclear Power Plants
Nuclear energy makes up 19% of U.S. energy, with 104 nuclear reactors in 31 states. Each nuclear power plant serves a large region. The biggest one, for example, about 50 miles west of Phoenix, generates nearly 4,000 megawatts of power and serves 4 million people.
Besides causing widespread power outages, attacks could lead to catastrophic meltdowns and explosions. Cyberattacks can come in many ways. The U.S. and Israel's recent cyberattack on Iranian nuclear reactors, for example, used the infamous Stuxnet computer worm and was aimed at disrupting centrifuges. America's vulnerability to computer problems was exposed recently when a nuclear power plant in Georgia shut down during a software update.
3. Electric Power
A large scale attack on the nation's vast and fragmented electric grid could leave large sections of the country without power for weeks -- even months.
Note that 50 million people in the Northeast were left powerless in 2003 when an industrial control system in part of the grid failed. Some areas were powerless for four days, and damages from the outage ran close to $10 billion. Though the grids were built to be safe and reliable, they’re not necessarily secure against cyberthreats. "You have legacy equipment that is 40 years old, built with minimal or no security," says Annabelle Lee, technical executive of cybersecurity at the Electric Power Research Institute, which conducts research for the electricity industry.
And though the North American Electric Reliability Corp. has created cybersecurity standards, some experts warn that the standards are weak and outdated.
4. Company Business Files
Businesses of all stripes are highly concerned about the cost of losing valuable intellectual property.
A company can expect to pay millions of dollars for the cost of a data breach. Mobile-computing and increasing use of cloud computing only heighten the risk of a breach. Aurora, a cyberhack in 2009 that originated in China, was first publicly disclosed by Google, but it didn't stop there. The attack affected Adobe Systems, Dow Chemical Co., Northrop Grumman, Morgan Stanley and many others. Google called the incident "a highly sophisticated and targeted attack."
To date, cyberthieves have stolen $1 trillion worth of intellectual property from businesses worldwide. General Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency, calls cybertheft "the greatest transfer of wealth in history."
America's transportation systems include 450 commercial airports, 600,000 bridges, 4 million miles of roadway and 140,000 miles of active railroad, and all of our subways.
The New York City subway, for example, which carries more than 8 million riders each day, uses scores of complicated control systems that could fall prey to hackers.
A real world example: In 2003, the Sobig virus and similar computer worms wreaked havoc on million of computers, shutting down trains on the east coast of the U.S. and Canada and infecting CSX Corp.'s train system headquarters in Jacksonville, Fla. Train service was shut down or delayed up to six hours.
6. Water Systems
Clean drinking water is critical to life, of course, and yet many water operations are vulnerable targets. Terrorist groups have specifically named U.S. water supplies as a point of attack. And almost all of the country's 155,000 public water systems have control systems connected to computer networks that leave them vulnerable.
Sewage operations are also at risk. The Deer Island Sewage Treatment Plant in Massachusetts, for example, is one of the largest treatment plants in the U.S. Located in Boston Harbor, the plant gets rid of up to 90% of contamination in sewage before the water is released back into Massachusetts Bay. In Australia in 2000, a disgruntled employee used a remote computer to hack into the Maroochy Shire Council's sewage system 46 times over two months. Pumps failed, and a quarter of a million gallons of raw sewage poured into nearby streams, flooding a hotel and park.
7. Gas and Chemical Pipelines
Large refinery fires or explosions and chemical gas leaks are a constant worry for folks living near refineries and chemical plants.
There are 144 petroleum refineries in the U.S., producing more than 17 million barrels of crude oil per day. The biggest is owned by ExxonMobil in Baytown, Texas. It cranks out more than half a million barrels per day. There are also 15,000 industrial chemical plants in the U.S. This past spring, the Department of Homeland Security and the Industrial Control Systems Cyber Emergency Response Team issued an alert about hackers phishing for information in natural gas pipelines. They were trying to steal information that could potentially let them access the pipelines from remote computers.
8. Communications Systems
If telecom emergency systems fail, millions of cell phones won't work. That's more than just an inconvenience: Almost every important sector relies heavily on communications. Police, fire, ambulance and scores of other services -- from banking and IT to mail delivery and energy -- are integrated with communications. The 2010 Cyber ShockWave, created by the Bipartisan Policy Center’s simulated cyberattack, may not have been an actual event, but the simulation sparked renewed concern of a lack of U.S. preparation. In the event, 60 million cell phones went silent.