On Oct 11, Elisabeth Bumiller and Thom Shanker reported for The New York Times on remarks by SecDef Leon Panetta. SecDef Panetta reiterated some things we already know: the U.S. could suffer a “”cyber-Pearl Harbor,” U.S. critical infrastructure is vulnerable to both extremist groups and nation-states, and such an attack on critical infrastructure would cause major damage. SecDef Panetta then went on to advocate for cybersecurity legislation passage. Noting that “we are vulnerable [without passage of cybersecurity legislation],” SecDef Panetta said “[w]e’re not interested in looking at e-mail . . . [b]ut if there is a code, if there’s a worm that’s being inserted, we need to know when that’s happening.”
The SecDef mentioned a bit of doctrine, explaining that the U.S. cannot rely on defenses alone, suggesting that offensive cyberattacks will play an important role. To that end, the NYT reported that cyber ROEs are on the way. For what it’s worth, cyber ROEs have been on the way since early May. They keep getting pushed back.
You can find the NYT source article here.
***
John Reed also covered SecDef Panetta’s remarks for Foreign Policy’s Killer Apps blog. Interesting remark that I didn’t see in the NYT article: “the U.S. government knows of ‘specific instances where intruders have gained access’ to [SCADA] systems . . . and . . . ‘they are seeking to create advanced tools to attack these systems and cause panic, destruction and even the loss of life.'”
***
The remarks . . .
Leave a Reply