What A ‘Cyber 9/11’ Would Look Like

The United States has been beset by hackers who have plundered the country’s intellectual property and meddled with its political system. But the worst could be yet to come in the form of a “cyber 9/11″, a term often invoked but rarely defined.

Recently, two security experts speaking at Fortune’s Brainstorm Tech-conference in Aspen, Colo. this week shared some unsettling specifics.

Jen Easterly, who helps lead cyber security defenses at Morgan Stanley, cited the powerful hacking tools that are already being deployed by the likes of North Korea to attack the international banking system. She warned a broader attack of this nature could create financial instability, and that the tools could be deployed against other critical targets.

“What’s a cyber 9/11? My scary scenario is non-state actors getting hold of these capabilities, and attacking the air traffic control system and the energy system,” said Easterly, who served in the army for 22 years and served as a counter-terrorism advisor to President Obama.

Jay Kaplan, CEO of cyber defense firm Synack, warned a cyber 9/11 could involve terrorists hitting not only the energy grid, but also water systems. He added that the US had been attacked since “the start of the Internet” but that the country’s current lack of preparedness could expose it an unprecedented cyber disaster.

While any worst case attack is likely to come from non-state actors (i.e. terrorists), Easterly and Kaplan say the cyber-threat from countries, especially China, Russia, and North Korea, remains very real. Both echoed Director of National Intelligence, Dan Coats, who stated recently that warning lights “are blinking red again” and a cyber-attack is imminent.

Contrary to the doubt raised by President Trump over Russian interference in the 2016 election, both experts share the view of the intelligence community that such interference definitely occurred.

“There is incontrovertible evidence of a nation state sponsored attack,” said Easterly, adding the goal was to sabotage the country’s fair and free elections, and that such attacks amount to an attack on our “cognitive infrastructure.”

Synack also noted that the country’s broad cyber vulnerabilities stem in large part from a lack of qualified people capable of defending companies and governments. He called for more training, pointing to China, which he says is building six universities for cyber education.

On a brighter note, Synack said US tech giants are doing a better job of working with intelligence agencies to address the problem of terrorists using popular websites to spread propaganda or plan attacks.
“Nobody wants terrorists on their platforms,” he said.

Fortune:

You Might Also Read: 

Deaths From Cyber Attacks:

Russia Will Keep Up Cyber Attacks For Geo-Political Influence:

A New Cold War Will Not Be Based On Hardware:

 

« Fraudsters £350k Spoof University Emails
Trump / Putin Summit Was A Magnet For Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Seclore

Seclore

Seclore is the most advanced, secure, and automated Enterprise Digital Rights Management (EDRM) solution available.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Apricorn

Apricorn

Apricorn provides hardware-based 256-bit encrypted external storage products to companies and organizations that require high-level protection for their data at rest.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

The Cyber AB

The Cyber AB

The Cyber AB is the official accreditation body of the Cybersecurity Maturity Model Certification (CMMC) Ecosystem.

Astaara

Astaara

Astaara is an integrated insurance services and risk management advisory business incorporating cyber risk advisory, underwriting and analytics.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

Eunetic

Eunetic

Eunetic IT security solutions - we secure your websites, emails, domains and data.

Moonsense

Moonsense

Moonsense is on a mission to level the playing field in the fight against online fraud.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.