Let’s use that Texas water utility that was hacked as an example of why information sharing is not enough and security practices need to be agreed to. The owners had no idea their system was connected to the Internet, so information sharing wouldn’t have helped because they had no idea they were at risk in the first place.
And this need not be expensive. A recent report by Verizon, the Secret Service and other international law enforcement agencies analyzed 855 data breaches in 2011 and found that 96 percent were not difficult to pull off and 97 percent could have been prevented through fairly simple and inexpensive means.
Using the Texas example again, the hacker was able get onto the control board because the utility had never changed the three-digit password installed by the factory — and that was easy to find in technical manuals available on the Internet.
Six of our nation’s most experienced Republican and Democratic national security leaders have endorsed our approach and urged the Senate to act “as soon as possible.”
In a letter to the Senate Majority and Minority Leaders, former Homeland Security Department Secretary Michael Chertoff, former National Intelligence Director Adm. Michael McConnell, former Deputy Defense Secretary Paul Wolfowitz, former National Security Agency and CIA Director Michael Hayden, former Joint Chiefs of Staff Vice Chairman Marine Gen. James Cartwright and former Deputy Defense Secretary William J. Lynn wrote:
“Infrastructure that controls our electricity, water and sewer, nuclear plants, communications backbone, energy pipelines and financial networks must be required to meet appropriate cybersecurity standards. ... We carry the burden of knowing that 9/11 might have been averted with the intelligence that existed at the time. We do not want to be in the same position again when ‘cyber 9/11’ hits — it is not a question of whether this will happen; it is a question of when.”
Many more of our nation’s top security officials, including Defense Secretary Leon Panetta and Joint Chiefs of Staff Chairman Gen. Martin Dempsey, have issued similar warnings.
The threat board is blinking red. Congress needs to act now before a cyber 9/11.
Sen. Joe Lieberman (I-Conn.) is chairman of the Homeland Security and Governmental Affairs Committee. Sen. Susan Collins (R-Maine) is the panel’s ranking member.
Roll Call has launched a new feature, Hill Navigator, to advise congressional staffers and would-be staffers on how to manage workplace issues on Capitol Hill. Please send us your questions anything from office etiquette, to handling awkward moments, to what happens when the work life gets too personal. Submissions will be treated anonymously.