Red alert! Red alert! Leon Panetta warned of a digital 9/11 a "National Security Dinner" for business executives in NYC! The mainstream news blotter on my PC indicated the alarums had been sent far and wide. The infrastructure was vulnerable and menaced by a potential Iranian cyberattack!
Ten years ago it was mostly always China that was named. And China is still a very favorite country to mention in Cult of Cyberwar news.
But as I've pointed out previously, it takes a lot of gall to paint Iran as plotting to launch cyberattacks -- the Shamoon virus being the star of this show, since it infected Saudi Arabian Aramco installations -- when you're the party who started the cyberwar.
While the US government has not acknowledged it, it's not a secret that it has been quietly hard at work attacking Iranian infrastructure, and the networks of other Middle Eastern nations deemed unfriendly, with malware.
And it would come as no surprise if it had touched off a cyber-arms race and a retaliating clandestine war.
So since we've been poking Iran with pointed sticks in cyberspace for awhile, we're really not in any position to summon outrage over malware on Saudi Arabian oil terminal networks.
We had to go and s--- the bed so now we must live with it.
Look -- it's simple. Have good back-ups. Root, hog or die.
It's worth adding that the implication that Americans will wake up one morning and find the country, or portions of it, a smoking dysfunctional ruin due to Iranian cyberattack is about as disingenuous as can be imagined.
However, this type of rhetorical/political maneuvering is not new and Panetta's speech is one in a historical continuum of warnings about digital Pearl Harbor that go back well over fifteen years. In fact, many American cyberwarriors, and computer security workers, were in rubber pants when they were first cranked up. We furnish the enemy of convenience, according to the time and conditions. The rest of the stuff about what they can do, embellished with the seasoning of computer malware incidents chosen from current news, follows automatically.
"Here in the U.S., attacks on large financial institutions during the last two months have delayed or disrupted services on customer Web sites. Secretary Panetta said the scale and speed of those attacks was 'unprecedented' ...
"While recent attacks concern defense officials, the worry is that there could be even more destructive scenarios. 'We know that foreign cyber actors are probing America's critical infrastructure networks,' said Secretary Panetta. Those hackers are trying to access computer control systems that operate chemical, electricity and water plants as well as those that guide transportation systems, he said. 'We know of specific instances where intruders have successfully gained access to these control systems,' he said."
What's not explained here is that networked computers have been everywhere for a good long time. And that trouble-makers and malware invariably always get into them, sooner or later.
To catalog it all might fill the Library of Congress.
As for the attack-the-water meme, no a requirement of every story on the issue, DD blog has dealt with it decisively, many times. Most recently, here.
And the "unprecedented attacks on US giant banks, which made their web pages run slow or inconvenienced some doing on-line banking, a digital Pearl Harbor that somehow failed to bring the nation low, is discussed here.
Due to the continued abuse of public news on the issue by US national security men, the now constant use of fearful scenarios and predictions, the public is primed to react badly to even the most trivial incidents. People believe the country could be ruined through cyberspace because they have been told so many times by the Leon Panettas.
One understands fully why the Leon Panettas of our nation do this. They must. Since 9/11, everything has to be described in terms of how it could be a potential American civilization-destroying catastrophe, or you are not doing proper due diligence. Many others would say there's quite a bit of rote CYA-ism to it.
Trouble via the Internet daily will always be with us. It's a risk that must be managed and, to a large extent, is -- with great labor and struggle. But it has not been served by unleashing a state-sponsored malware attack on foes and then hypocritically complaining when someone has aimed a clumsy attack in kind back at you or an "ally."
"All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date," said Leon Panetta, as conveyed by the Wall Street Journal.
But Iranian computers, or those in other countries caught in the splatter campaign by the Stuxnet program and its brethren somehow have gone missing in this calculation. Because they're the bad guys and deserve it, right?
In the world of global network security, what you see depends on where you're standing.
"The Shamoon virus attacked 30,000 Saudi ARAMCO workstations and replaced crucial system files with an image of a burning U.S. flag ... That virus added false information that overwrote all of the real data on those machines," reads the Journal.
Viruses that corrupt the disk. Hmmm, seems ... old.
Restore from back-up. Pot, kettle, black. Resist primitive urges to increase hysteria on cyberwar and potential retaliations.