This year’s Blaster computer virus wreaked havoc on half a million computers. But that’s child’s play compared to what a real terrorist cyber-attack would do, U.S. homeland security officials said on Wednesday.
“The attacks that have been launched to date have been relatively unsophisticated” and undisruptive, said Amit Yoran, director of the National Cyber Security Division, at a meeting with government officials and executives of technology companies. “But we cannot count on that forever or for long.”
Tom Ridge, secretary of the U.S. Department of Homeland Security, told attendees at the National Cyber Security Summit that the Internet and corollary networks that modern U.S. industries depend on “do present an attractive target for terrorists.”
A simulated attack on banks, utilities and other companies and government agencies in October showed problems in communication between corporations and government that would need to react quickly, Ridge said.
It “is still not as smooth as it could be,” he said Ridge.
Yoran described the simulation as more of a role-playing exercise to test how fast corporations and government agencies can respond to cyber attacks. The U.S. government’s record in protecting its own networks is “unacceptable,” he told the group.
Officials are worried that cyber attackers could bring chaos to telecommunications systems, banking and trading networks and other infrastructure with crippling viruses or by breaking into networks through holes in software or other methods.
Discussions at the two-day event centered on how to establish an early warning system for cyber attacks, develop secure software and make executives and consumers more aware of the need for better practices.
The National Cyber Security Division is also establishing with Carnegie Mellon and its Computer Emergency Response Team a central coordination center for responding to cyber attacks, according to Ridge.
The goal of the government-private cooperation is to “close the gaps and weaknesses that terrorists would dare exploit,” he said.
More than 76,000 cyber-security breaches were reported in the first half of this year, representing an increase from previous years, Ridge said.