Cyber Attacks: Protecting America's Security Against Digital Threats

Abstract

The events of September 11, 2001, underscored the vulnerability to foreign attack of the territory of the United States itself, in a way not seen since Pearl Harbor. Since that day, the federal government, the media, and the public have been intensely focused on taking measures to protect us from similar attacks — or from even more devastating attacks involving weapons of mass destruction (WMD), such as nuclear, biological, chemical, or radiological weapons.

In addition to such physical attacks, however, America remains highly vulnerable to another form of attack: a "cyber attack" against the computer networks that are critical to our national and economic security. Attackers might target banking and financial institutions, voice communication systems, electrical infrastructures, water resources, or oil and gas infrastructures. The growing complexity and interconnectedness of these systems renders them increasingly vulnerable to attack. While a physical attack is likely to be carried out only by terrorists or hostile foreign nation-states, cyber attacks may be carried out by a wide array of adversaries, from teenage hackers and protest groups to organized crime syndicates, terrorists, and foreign nation-states. As a result, the problem is of enormous breadth and complexity. It requires that both our protective and reactive measures deal with each specific scenario, and not just the threat of an attack by terrorists.