Lawmakers and administration officials have warned of potentially catastrophic consequences if Congress doesn't pass cybersecurity legislation this year, but some observers question whether the rhetoric is overblown.
"Think about how many people could die if a cyber terrorist attacked our air traffic control system and planes slammed into one another," Sen. Jay Rockefeller (D-W. Va.) testified at a Homeland Security and Government Affairs Committee hearing last month. "Or if rail-switching networks were hacked — causing trains carrying people, or hazardous materials — to derail and collide in the midst of some of our most populated urban areas, like Chicago, New York, San Francisco or Washington."
Jerry Brito, director of the Technology Policy Program at George Mason University, said the "rhetoric does not match the reality" on cybersecurity.
"When members of Congress talk about [cybersecurity] they conflate the different threats," Brito said.
He explained that cyber espionage is a "very real" problem that is "happening right now." Companies and foreign governments are hacking into the computer systems of American companies to steal their trade secrets and gain a competitive advantage.
But Brito said the likelihood of a cyber attack having a major "kinetic effect"—meaning significant physical destruction—is low.
He said he doubts that terrorist groups or hacker collectives like Anonymous have the sophistication to takedown critical infrastructure systems.
Foreign governments, such as Russia or China, could probably wreak havoc with a cyber attack, Brito said, but they would likely only employ that tactic if the U.S. was already engaged in all-out war with them.
Brito said comparing a potential cyber attack to Sept. 11 or Pearl Harbor is "totally hyperbolic."
No comments:
Post a Comment