Think cyber-attacks are bad now? You ain’t seen nothing yet.
The Pew Research Center is predicting there will be a massive and debilitating cyber-attack against the U.S. within the next decade.
Of the 1,600-plus experts surveyed by the Pew Research Center and Elon University’s Imagining the Internet Center, 61 percent agreed a major attack causing widespread harm would occur.
The result of such attacks will also cost the government and industry billions of dollars in government over time, the report indicated.
“Damages in the billions will occur to manufacturing and/or utilities but because it ramps up slowly, it will be accepted as just another cost (probably passed on to taxpayers through government rebuilding subsidies and/or environmental damage), and there will be little motivation for the private sector to defend itself,” said Jeremy Epstein, program director at the National Science Foundation and former Department of Homeland Security (DHS) program director of Secure and Trustworthy Cyberspace.
“Due to political gridlock and bureaucratic inertia, the government will be unable to defend itself, even if it knows how. The issue is not primarily one of technical capability (although we’re sorely lacking in that department). The primary issue is a lack of policy/political/economic incentives and willpower to address the problem.”
Former ICCAN CEO Mike Roberts said governments are becoming more aware of the problems and risks.
“Governments are discovering they can’t fake a commitment to security for their own facilities,” he said. “The ObamaCare server fiasco is just one of the more visible examples of politicians believing their own hype about the Net. There ought to be a highly regarded annual award for ‘demonstrated Internet security competence.”
There was also a consensus that individual accounts and identities will be more vulnerable and that businesses will “be persistently under attack,” according to the attack.
“The Internet of Things is just emerging,” activist Internet user Tim Kambitsch said. “In the future, control of physical assets, not just information, will be open to cyber attack.”
Pew said this will also make essential utilities more vulnerable as well as open the door to large economic disruptions.
Here are some of the other more interesting comments Pew collected from the experts:
- Ray Schroeder, associate vice-chancellor for online learning at the University of Illinois-Springfield — “I fear a cyber attack that will bring down key parts of the national infrastructure and severely damage the economy. I do not expect the Internet itself to suffer irreparable harm. But through the Internet, such infrastructures as the power grid; water and sewage services; hard-wired telephone and cell phone networks may be impaired. These, in turn, would put enormous pressures on the economy and alternative service models. Daily, there are thousands of attacks that are thwarted. But, it is only a matter of time before a large-scale attack succeeds. The key will be to establish effective models for recovery and support.”
- Henning Schulzrinne, Internet Hall of Fame member and a technology developer and professor at Columbia University — “Primarily financial services (both trading and financial transactions) and maybe the power grid seem vulnerable and their disruption is most likely to inflict large collateral damage. Both are dominated by legacy systems, with a limited willingness to make the necessary investments in upgrades and, particularly for utilities, limited technical depth in their staff.”
- Elena Kvochko, manager for IT industry at an international organization based in New York — “The possibility of a widespread cyber attack on national critical infrastructure is a major concern for many governments. The scope and the consequences of such attacks may be different for different nations. However, a large portion of critical infrastructure facilities still rely on software and technology created decades ago and which has not been upgraded. The level of sophistication of adversaries generally progresses much faster, therefore, it is important to implement adequate measures to ensure a proper protection of critical assets and capabilities.”
- Judith Perrolle, a professor at Northeastern University in Boston — “The U.S. government’s series of cyber attacks on citizens, economic entities, and governments around the world has already done this. People have died from faulty equipment producing gas pipeline explosions and from drone bombings of civilians. U.S. companies have lost billions worth of business as foreign customers no longer trust their products and services. One way to counter such attacks is by diplomacy and respect for international law, especially by the United States. As one of my students once titled a paper on Stuxnet: ‘People who live in electronic houses shouldn’t throw worms.’ A second line of defense is to design computer and information systems to be more secure. Our current systems are incredibly vulnerable, by design. U.S. cyber-security efforts seem dedicated to breaking into computer systems, not securing them.”