What A ‘Cyber 9/11’ Would Look Like

The United States has been beset by hackers who have plundered the country’s intellectual property and meddled with its political system. But the worst could be yet to come in the form of a “cyber 9/11″, a term often invoked but rarely defined.

Recently, two security experts speaking at Fortune’s Brainstorm Tech-conference in Aspen, Colo. this week shared some unsettling specifics.

Jen Easterly, who helps lead cyber security defenses at Morgan Stanley, cited the powerful hacking tools that are already being deployed by the likes of North Korea to attack the international banking system. She warned a broader attack of this nature could create financial instability, and that the tools could be deployed against other critical targets.

“What’s a cyber 9/11? My scary scenario is non-state actors getting hold of these capabilities, and attacking the air traffic control system and the energy system,” said Easterly, who served in the army for 22 years and served as a counter-terrorism advisor to President Obama.

Jay Kaplan, CEO of cyber defense firm Synack, warned a cyber 9/11 could involve terrorists hitting not only the energy grid, but also water systems. He added that the US had been attacked since “the start of the Internet” but that the country’s current lack of preparedness could expose it an unprecedented cyber disaster.

While any worst case attack is likely to come from non-state actors (i.e. terrorists), Easterly and Kaplan say the cyber-threat from countries, especially China, Russia, and North Korea, remains very real. Both echoed Director of National Intelligence, Dan Coats, who stated recently that warning lights “are blinking red again” and a cyber-attack is imminent.

Contrary to the doubt raised by President Trump over Russian interference in the 2016 election, both experts share the view of the intelligence community that such interference definitely occurred.

“There is incontrovertible evidence of a nation state sponsored attack,” said Easterly, adding the goal was to sabotage the country’s fair and free elections, and that such attacks amount to an attack on our “cognitive infrastructure.”

Synack also noted that the country’s broad cyber vulnerabilities stem in large part from a lack of qualified people capable of defending companies and governments. He called for more training, pointing to China, which he says is building six universities for cyber education.

On a brighter note, Synack said US tech giants are doing a better job of working with intelligence agencies to address the problem of terrorists using popular websites to spread propaganda or plan attacks.
“Nobody wants terrorists on their platforms,” he said.

Fortune:

You Might Also Read: 

Deaths From Cyber Attacks:

Russia Will Keep Up Cyber Attacks For Geo-Political Influence:

A New Cold War Will Not Be Based On Hardware:

 

« Fraudsters £350k Spoof University Emails
Trump / Putin Summit Was A Magnet For Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

ZeroNorth

ZeroNorth

ZeroNorth provides a new approach to improve software and infrastructure security, simplify continuous compliance reporting and to create more cost-effective risk management programs.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

Wynyard Group

Wynyard Group

Wynyard Group is a niche, technology-driven company specializing in Integrated Border Security solutions for enhanced public safety.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

KYND

KYND

KYND has created pioneering cyber risk technology that makes assessing, understanding, and managing business cyber risks easier and quicker than ever before.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

PRE Security

PRE Security

PRE Security is leading the transition into the next era of AI cybersecurity with a new model: Predict & Prevent.

Reality Defender

Reality Defender

Reality Defender stops deepfakes before they become a problem. Our proprietary deepfake and generative content fingerprinting technology detects video, audio, and image deepfakes.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.