Defense Secretary Leon Panetta Recycles His 'Cyber-Pearl Harbor' FUD... Third Time's The Charm?
from the if-at-first-you-don't-succeed,-beat-that-dead-horse dept
A recent (failed) push to enact cybersecurity legislation has resulted in some interesting maneuvering in Washington, DC. Rep. Mike Rogers, who introduced CISPA, is trying to revive his lousy legislation by telling scary stories that are short on detail, but long on FUD. Other interested parties are hoping to bypass the legislative process altogether and get an executive order pushed through. The "process" has become so chaotic that politicians are finding themselves hurriedly agreeing to stuff that contradicts the other stuff.Of all the people that believe Something Must Be Done, cybersecurity-wise, one of the pithiest has been Secretary of Defense Leon Panetta, who issued a memorable pull-quote on October 11th in a speech at the Intrepid Sea, Air and Space Museum, warning that the United States was facing the possibility of a "cyber-Pearl Harbor."
A dire situation indeed, if true. Panetta is worried about critical infrastructure being sabotaged by cyberterrorists and is totally not just pushing his own agenda.* According to defense officials, "Mr. Panetta's words were not hyperbole."
(*Panetta is totally pushing his own agenda... those same defense officials "acknowledged that Mr. Panetta was also pushing for legislation on Capitol Hill.")
Yes. Panetta is non-hyperbolically pushing his own agenda. The problem is that, while the CISPA/executive order debacle is fairly recent, Panetta's "cyber-Pearl Harbor" has the ring of a worn-out catchphrase, severely limiting the impact of those somewhat stirring words.
Let's go back to June 2011, when Panetta was holding forth during his confirmation hearing for the post of Secretary of Defense.
The next great battle America faces is likely to involve cyberwarfare, Leon Panetta, the Central Intelligence Agency director, warned senators Thursday, predicting that "the next Pearl Harbor that we confront could very well be a cyberattack that cripples" America’s electrical grid and its security and financial systems.Tough words from an old warrior (and now former CIA Director). Perhaps the warrior might be a bit too old, as he also offered this quote-worthy bit of scaremongering back in February 2011:
"The potential for the next Pearl Harbor could very well be a cyber-attack," he testified on Capitol Hill Thursday before the House Permanent Select Committee on Intelligence.The more things change, the more they are the same old shit. Unchanged: using "Pearl Harbor" as shorthand for "unforeseeable bad thing," while simultaneously plucking at patriotic heartstrings by conjuring up the last war the US didn't play to a tie. Savvy. But repetitive.
The most current edition of "cyber-Pearl Harbor" finds Panetta concentrating mostly on infrastructure, thus equating a military surprise attack with some
“An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Mr. Panetta said. “They could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”Past editions of "Clue: Panetta Edition" haven't been so concentrated on the still-mythic "Cyberterrorists in the Water Main with the Malicious Code." In February 2011, it was "Chinese 'Entities' in the Internet with the Hacking," and a bit of "Anonymous in the EVERYTHING with the LOIC." There was some talk of putting together a joint task force composed of NSA and DHS members. Additional hyperbole was added by Director of National Intelligence James Clapper:
"This threat is increasing in scope and scale, and its impact is difficult to overstate."Sure is. Especially when you lead in with "cyber-Pearl Harbor." Setting the "overstatement" bar this high does kind of throw off the curve.
June 2011 didn't change much for Panetta's ongoing game of cyber-Clue. Most of the "grilling" during his confirmation hearing revolved around ongoing actual wars, like Afghanistan, Iraq and Libya. Concern was also expressed about "indiscriminate Pentagon budget cuts."
Back to last week, and it's all about the infrastructure. It's as if no one had bothered debunking a recent DHS report about Russian hackers burning out a water pump at an Illinois water facility. Not that it matters, as the DHS was proud to have been involved in a successful FUD operation. Any publicity is good publicity, right? Boring old truth and measured phrases rarely inspire the sort of support needed to shove through questionable legislation and keep the money flowing to the cottage industries that have sprung up like kudzu around the leaky water main that is Washington, DC.
This repeated catchphrase of Panetta's has stuck with him, even as he's shifted loyalties. Back in February 2011, there was talk of DHS/NSA cooperation. Fast-forward to the latest iteration of "cyber-Pearl Harbor" and Panetta's batting for his new home team: the Defense Department, pulling the control (and money) back into the hands of the NSA, the greater of two evils.
Repeat after Panetta:
If you're against cybersecurity legislation, you're for bombing Americans on early December mornings. Can you live with that?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cyber pearl harbor, cybersecurity, fud, leon panetta
Reader Comments
Subscribe: RSS
View by: Time | Thread
These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
Re: These guys can't keep anything straight.
[ link to this | view in chronology ]
These guys can't keep anything straight.
[ link to this | view in chronology ]
I'm unclear on this, how is the internet loading up Amtraks with nerve gas exactly? Is there some administrative web-app for that? www.loadlethalchemicalsontrains.net/admin/login.asp?
[ link to this | view in chronology ]
Re: ;-P
[ link to this | view in chronology ]
Re: Re: ;-P
[ link to this | view in chronology ]
Huh . . .?????
http://publicintelligence.net/nsa-helped-with-windows-7-development/
And they've been offshoring all the jobs, technology, investment and defense tech (in at least the Clinton and Bush administrations) to China (and elsewhere, but especially China) --- so now we should be worried?????
Or is this another route to absolute control of the Internet at least on the North American side, by the Wall Street-run gov't????
Who actually does own AT&T????
[ link to this | view in chronology ]
Re: Huh . . .?????
[ link to this | view in chronology ]
Doen't Amtrack have its own network, they have the rights of way as it need to go where the trains go. Thinking on it, if the train system can be attacked over the Internet, or even over the phone system, the Amtrack board should be charged with criminal negligence. The best defense against an attack is an air gap to any publicly accessible network, as the most likely attack is a disgruntled e3x-employee who knows how the system workss, and has relevant password,access codes.
[ link to this | view in chronology ]
Re:
Not that Panetta actually intends to fix any of those absurd vulnerabilities, mind. He simply wants to secure funding, none of which would go toward fixing vulnerabilities. (Otherwise how would they be able to keep securing funding?)
[ link to this | view in chronology ]
Re: Re:
This is problem then ... duh!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Or...
[ link to this | view in chronology ]
Re: Or...
Their modus operandi appears to be:
1) Find crazy nutjob(s)
2) Convince them that America needs to be destroyed
3) Go over details of phony terrorist plot/false flag operation
4) Bust would-be terrorists
5) Use the media to try and scare Americans into complacency, i.e. "Give us more broad-sweeping powers."
6) Wash, rinse, repeat
[ link to this | view in chronology ]
Wrong target
[ link to this | view in chronology ]
Re: Wrong target
[ link to this | view in chronology ]
Re: Re: Wrong target
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
You... you... fiend! It's your fault all these companies are pulling such insanely stupid stunts!
[ link to this | view in chronology ]
Simple two-step fix:
Step 2. Get this guy a good psychiatrist, so the problem doesn't pop up later.
[ link to this | view in chronology ]
Critical Systems
Why do these guys seem to think that every piece of critical infrastructure we have in this country is somehow attached to either a remote self-destruct button or some kind of doomsday 'quick! poison the cool-aid before they all become zombies' system?
[ link to this | view in chronology ]
Somehow, I get the feeling that this is NOT what they have in mind however.
"If critical infrastructure is copnnected to the Internet the disconnect it."
The problem is, if you have any sort of network that extends beyond areas you can physically secure, someone can get into it effortlessly. Give me a pair of RJ45 connectors, a crimp, and a switch. BOOYAH! I agree wtih what you're saying, but you need security anyways. Just not being on the internet won't stop an attacker, or even make them bat an eyelash. Nothing is stopping me from hopping into your private network if your cyber security is weak.
"Why do these guys seem to think that every piece of critical infrastructure we have in this country is somehow attached to either a remote self-destruct button or some kind of doomsday 'quick! poison the cool-aid before they all become zombies' system?"
I think it's less a worry about me running the PoisonAllTheWater.exe, than it is about me shutting down any computer control you may have, or screwing with the power grid. Let me rephrase, I think that's the LEGITIMATE worry.
[ link to this | view in chronology ]
[ link to this | view in chronology ]