Opinion: The errors between 1s and 0s
January 17th, 2014
06:00 AM ET

Opinion: The errors between 1s and 0s

By Meg King, Special to CNN

Editor's note: Meg King is the national security adviser to the president and CEO of the Woodrow Wilson International Center for Scholars.

People operate computer systems that monitor power grids, nuclear power plants and air traffic control systems and do it through e-mail, company networks and government networks. People write the code that tells one computer to speak with another and to carry out various tasks from financial exchanges to changing traffic lights.

Somewhere in the mass of 1s and 0s, there is bound to be a mistake. One that a terrorist is eager to abuse.

Many information technology experts suggest that terror groups aren’t now - and might never be - capable of carrying out an act of cyberterror. It’s true that terror groups won’t be likely to craft a damaging computer virus such as the ILOVEYOU Virus (2001), The Klez (2001), Code Red Worm (2002), Blaster Virus (2004) or Conficker Worm (2008).But recent plots and propaganda suggest that the motive exists and the know-how is growing. Cyberterror is just around the corner: It could be a physical attack on the Internet’s infrastructure, as attempted in London in 2007, that could halt important financial traffic. Or it might be an attack on a system controlling critical infrastructure – from oil refineries and nuclear plants to transportation networks. And we aren’t prepared.

Just like Inspire magazine provides how-to-guides for building bombs, countless websites – most not even related to terrorism – provide the same step-by-step instructions for “hacking” into key networks. And what’s worse, the trail is easier to hide.

Your neighborhood lone wolf terrorist, radicalized in part by messages on the Internet, can too easily purchase a so-called “exploit” – a piece of software or a sequence of commands that takes advantage of a mistake or vulnerability in it and then can be infiltrated to harm computer software, hardware or other electronic equipment. Or he or she could at no cost send a spear phishing e-mail and break into an entire power company’s computer system. The directions are posted anywhere you turn in the digital universe; the only trouble is that there may be too many instructions from which to choose.

We know that terror groups are interested in these sorts of attacks. The first calls to action came in 2005. In late 2011, al Qaeda urged “electronic jihad” and called for cyberattacks against the networks of government and critical infrastructure.

With time, increased access to computer equipment and technological sophistication only grows. There is also concern that a nefarious, highly skilled hacker will team up with whatever terror group proves to be the highest bidder. Al Qaeda in the Arabian Peninsula is certainly one option.

It’s surprising, but many Americans – even the young “digital natives” – don’t realize critical U.S. infrastructure is connected to or “faces” the Internet. Any technology, database or communications device, even with protections such as firewalls, risks being attacked at some point. The question is how many times and to what extent. Some compare our increasing reliance on information technology and its uneven layers of security to our aviation system before 9/11.

According to the Department of Homeland Security’s figures, more than 200 attacks occurred against critical infrastructure in the United States in the first half of 2013, focusing mostly on the energy sector. That’s the same number of attacks on critical infrastructure for the entire year before.

Imagine what would happen if a savvy cyberterrorist decided to shut down the electric grid powering the East Coast until certain demands are met. Are we doing what’s needed now to prevent that terrorist from penetrating the grid’s network in the first place? We’re certainly not preparing our citizens adequately for the consequences.

We will never be able to protect every sensitive system, so managing the risk of attack must be our priority.

As Congress goes into election mode for 2014, those of us deeply concerned by the cyberthreat hope a law can be passed to set standards across the board for securing networks and that reporting can become more routine and transparent. In the absence of legislation, and in addition to the President’s executive order, there are four steps the U.S. government can take to reduce the risk of catastrophic and even lower-grade cyberterror attacks.

1. Prevent: The Department of Homeland Security runs a campaign called “Stop. Think. Connect.” Its goal is to increase public awareness of cyberthreats and to help the American public be safer and more secure online. Too few people know about this effort – certainly not the older generation that interacts less regularly and more dangerously online. The profile of this effort needs to be raised to the presidential level and broadcast in public service announcements in partnership with the private sector.

2. Detect: Though we consider the Internet to be “everywhere” – mostly because of wireless connections to our smartphones and laptops – there are key “nodes” and routers that direct Internet traffic. Many are in surprisingly unsecured office buildings. This means that a tech-sophisticated attacker isn’t the only one who can threaten the Internet or do damage to important critical infrastructure. DHS, in partnership with the Federal Bureau of Investigation, should work together to map these facilities and monitor security efforts now.

3. Respond: The relationship between government and industry on cyberissues is improving, but it’s not good enough. Plus, we still don’t have full-scale reporting of cyberincidents. Part of the problem is the sheer number. But if our government can’t analyze the full scope of attacks, it is harder to help identify new ones.

4. Recover: A frank conversation with the American public is needed. President Barack Obama spoke about the threats to critical infrastructure when he announced his executive order in January, but he didn’t call for Americans to take on the effort themselves by learning when they might be the prey of a hacker, how to secure better their personal devices – especially those that connect to office networks – and when to report security concerns.

If Americans are involved in the prevention effort, they will be in a better position for recovery in the event of an attack.

Post by:
Filed under: Cyberterror • Opinion
soundoff (15 Responses)
  1. High-Do-Follow Forum-Backlinks

    High DA PA 50+ Do follow Forum Backlinks: https://www.seoclerk.com/Link-Building/836800/High-DA-PA-50-Do-follow-Forum-Backlinks

    https://www.seoclerk.com/Traffic/840816/1500-USA-Visitors-Daily-For-30-Days-From-Niche-Targeted-Organic-Traffic-From-Google

    February 16, 2021 at 11:08 am | Reply
  2. Porter Hlavaty

    Earn 500 a Day With Our Passive Income System Doing These 3 Steps – Step 1: Get our ready made niche websites, Step 2: Setup your Paypal account. Step 3: Run our Unlimited Traffic System from our Free 850 sources of traffic (Approximately 35000 views a day guaranteed). Then in few hours you will start receiving payments without do nothing! More info: https://www.k3reviews.com/2020/08/16/monster-mode-700k/

    https://www.k3reviews.com/

    February 13, 2021 at 2:02 am | Reply
  3. Emmaline Goodridge

    Earn $200/Day With Our Secret Passive Income System – Best Autopilot income system 2021

    https://bc158dq0ub8kcx18dhm-7ebnfp.hop.clickbank.net/

    February 5, 2021 at 7:07 pm | Reply
  4. Cleotilde Steger

    Best Marketing Services – Cheapest on Market. SMM Supreme is the Top 5 Best Social Media Website in the World. Best Quality-Price Ratio on the market with 714,928 orders until now. – Facebook Fan Page Likes for $4.50/1000 – Instagram Followers for $0.78/1000 – Youtube Views: $1.62/1000 – Twitter followers: $2.10/1000 – Paypal Deposit – Bitcoin Deposit – Fast order processing – 1 Hour Delivery (Click on the link in the profile for more details)

    https://bit.ly/3iYGuRO

    January 26, 2021 at 7:07 pm | Reply
  5. Humberto Drowne

    Do you want get more social network traffic, likes, subscribers? Our Company provide SMM Services that means (Social Media Marketing) that is directly using social network websites such as Twitter, Facebook, and LinkedIn to promote a website. High Quality Services / Our prices are the cheapest in the market, starting at $0.01 / 24/7 Support / API Support for panel leaders / Best prices

    https://bit.ly/3iOPatX

    January 26, 2021 at 4:05 pm | Reply
  6. online casino

    Best view i have ever seen !

    https://www.bolacasino88.net

    January 10, 2021 at 12:20 pm | Reply
  7. 700k passive income system

    Earn 100 commissions of up to 900+ dollars DAILY. 90 Second Set Up – Beta Tested Proven 24-7 AUTOPILOT Income – 100 New Income System Never Before Seen. More details: https://bit.ly/2YfQFcC

    https://bit.ly/2YfQFcC

    December 26, 2020 at 8:26 am | Reply
  8. Delaware River Kayaking Map

    It really is amazing how technology can help and harm you.in bad hands it is terrible,but in the right hands It can push the human species so far ahead .

    June 7, 2017 at 6:54 pm | Reply
  9. shivadass

    https://www.facebook.com/pages/Ask-Questions/336424139795162 <==== Please like this page!!!! WE need to UNITE!!!

    http://WWW.FREEUNTODEATH.WORDPRESS.COM

    January 20, 2014 at 2:04 pm | Reply
  10. bill birch

    Meg, if NSA collects ever piece of data they are technologically capable of, the amount of damage would be immeasurable if the NSA database was hacked or botted as has become "the library of Alexandria" in binary. No Faraday cage will help if the attack was inside.
    It and will happen.

    January 17, 2014 at 4:24 pm | Reply
  11. reality

    So let me get this straight...instead of removing our critical infrastructure from being connected to the internet–which would eliminate this threat entirely we're going to spend millions on Prevent Detect Respond Recover???
    What utter crap.

    January 17, 2014 at 3:21 pm | Reply
  12. Random

    You are underestimating them. The knowhow is there already. People won't get how important this is till after something happens and then it will be a finger pointing game of who didn't do what.

    January 17, 2014 at 12:15 am | Reply

Post a comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.