What A ‘Cyber 9/11’ Would Look Like

The United States has been beset by hackers who have plundered the country’s intellectual property and meddled with its political system. But the worst could be yet to come in the form of a “cyber 9/11″, a term often invoked but rarely defined.

Recently, two security experts speaking at Fortune’s Brainstorm Tech-conference in Aspen, Colo. this week shared some unsettling specifics.

Jen Easterly, who helps lead cyber security defenses at Morgan Stanley, cited the powerful hacking tools that are already being deployed by the likes of North Korea to attack the international banking system. She warned a broader attack of this nature could create financial instability, and that the tools could be deployed against other critical targets.

“What’s a cyber 9/11? My scary scenario is non-state actors getting hold of these capabilities, and attacking the air traffic control system and the energy system,” said Easterly, who served in the army for 22 years and served as a counter-terrorism advisor to President Obama.

Jay Kaplan, CEO of cyber defense firm Synack, warned a cyber 9/11 could involve terrorists hitting not only the energy grid, but also water systems. He added that the US had been attacked since “the start of the Internet” but that the country’s current lack of preparedness could expose it an unprecedented cyber disaster.

While any worst case attack is likely to come from non-state actors (i.e. terrorists), Easterly and Kaplan say the cyber-threat from countries, especially China, Russia, and North Korea, remains very real. Both echoed Director of National Intelligence, Dan Coats, who stated recently that warning lights “are blinking red again” and a cyber-attack is imminent.

Contrary to the doubt raised by President Trump over Russian interference in the 2016 election, both experts share the view of the intelligence community that such interference definitely occurred.

“There is incontrovertible evidence of a nation state sponsored attack,” said Easterly, adding the goal was to sabotage the country’s fair and free elections, and that such attacks amount to an attack on our “cognitive infrastructure.”

Synack also noted that the country’s broad cyber vulnerabilities stem in large part from a lack of qualified people capable of defending companies and governments. He called for more training, pointing to China, which he says is building six universities for cyber education.

On a brighter note, Synack said US tech giants are doing a better job of working with intelligence agencies to address the problem of terrorists using popular websites to spread propaganda or plan attacks.
“Nobody wants terrorists on their platforms,” he said.

Fortune:

You Might Also Read: 

Deaths From Cyber Attacks:

Russia Will Keep Up Cyber Attacks For Geo-Political Influence:

A New Cold War Will Not Be Based On Hardware:

 

« Fraudsters £350k Spoof University Emails
Trump / Putin Summit Was A Magnet For Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Inogesis

Inogesis

Inogesis helps blue-chip organisations harness disruptive technologies and thinking to drive new revenues or overcome challenges by connecting them with dynamic small companies.

Blaze Information Security

Blaze Information Security

Blaze Information Security is a privately held, independent information security firm born from years of combined experience and international presence.

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

TDRA focuses on regulating the telecommunications sector and enabling government entities in the field of smart transformation. It is responsible for the overall digital infrastructure in the UAE.

Cybersecurity Defense Initiative (CDI) - University of Arkansas

Cybersecurity Defense Initiative (CDI) - University of Arkansas

The Cybersecurity Defense Initiative is a national cybersecurity training program, developed for technical personnel and managers who monitor and protect our nation's critical cyber infrastructures.

NewGens

NewGens

NewGens is a solution and service provider to banking institutions in the APAC region. Areas of expertise include cybersecurity, AML, fruad prevention, compliance and risk management.

Secure Blockchain Technologies (SBT)

Secure Blockchain Technologies (SBT)

SBT is a team of Enterprise IT Security Professionals weaving security and Blockchain Technology into our customer’s operational fabric.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

CloudSEK

CloudSEK

CloudSEK has set its sights on building the world’s fastest and most reliable AI technology, that identifies and resolves digital threats.

INFRA Security & Vulnerability Scanner

INFRA Security & Vulnerability Scanner

INFRA is a powerful platform with an easy interface for any kind of Ethical Hacking, from corporate monitoring and VAPT (vulnerability assessments and penetration testing) to military intelligence.

Pivot Point Security

Pivot Point Security

Pivot Point Security is a trusted leader in information security consulting. We help clients master their information security management systems.

Bionic

Bionic

Bionic is an agentless way to get control over your increasingly complex applications so you can manage, operate, and secure them faster and more efficiently.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Core42

Core42

Core42 provides a full-spectrum of AI enablement solutions covering cloud, data, cybersecurity and digital services designed for customer success.