Government alarm over cyberattacks validated by terrorists

It is not just federal government intelligence officials who are warning of terrorist or hostile nation-state cyberattacks on U.S. defenses or critical infrastructure. It is terrorists themselves.

A video obtained about a year ago by the FBI, purportedly from al Qaeda, is being circulated by supporters of legislation in the U.S. Senate that would let the government regulate the computer security of critical industries, such as the electric power grid.

The video exhorts al Qaeda followers -- the "covert Mujahidin" -- who have the skill to commit "electronic jihad" -- launch cyberattacks on U.S. and other Western targets. Sens. Susan Collins, R-Maine, and Joseph Lieberman, I-Conn., the lead sponsors of the Cybersecurity Act, told Fox News that they had learned of the video just a week ago.

"It's essentially instructing anybody who's sympathetic with al Qaeda's ideology to engage in cyberattacks, and the tape is telling them how easy it is to do so," Collins told Fox.

Lieberman, in a statement on the website of the U.S. Senate Committee on Homeland Security and Government Affairs, says the video means, "Congress needs to act now to protect the American public from a possible devastating attack on our electric grid, water delivery systems, or financial networks. I urge the Majority Leader to call up for debate and a vote the bill that Senators Collins, Rockefeller, Feinstein, and I authored to set those standards."

The video tells followers that the U.S. is as vulnerable now to cyberattacks as its airlines were in 2001. And Lieberman and others have pointed out the obvious - it doesn't take an army, navy and air force to launch a cyberattack. All it takes is superior hacking skills. It calls for attacks on both infrastructure and media targets.

The video also includes a U.S. television clip featuring cyber analyst James Lewis and former Navy admiral and past head of both the National Security Agency and director of National Intelligence Mike McConnell discussing the vulnerabilities of government and private networks.

McConnell has been preaching that message consistently. At a panel on cyberespionage at the Bloomberg Link Cyber Security Conference in April, expressed the need for government and industry to cooperate with information sharing, since cyberattacks occur at light speed. "If you're going to be successful, you have to see it and react in milliseconds," he said. "It's about 30 milliseconds from Tokyo to New York."

But he was pessimistic about Congress passing legislation. "That debate will only end when a catastrophic attack occurs," he said. "Those bills [in Congress] are necessary, but not enough. We're going to talk but not act, sufficiently."

The Lieberman-Collins bill is backed by the White House but opposed by Republicans in Congress, who complain that it calls for too much regulation on business.

Meanwhile, Government Security News reports that at an April government security conference in Washington D.C., Kevin Helmsley, vulnerability handling lead for the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), said, "ICS-CERT has recorded a 300% increase in vulnerability disclosure reports from water and power companies since 2008, from nine incidents then to 198 in 2011."

Read more about global security in CSOonline's Global Security section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts