Research, ideas, and leadership for a more secure, peaceful world

Reports & Papers

Should We Fear a Cyber Pearl Harbor or 9/11?

Published: May 15, 2014

Takeaways from the Harvard Kennedy School IDEASpHERE panel “Should We Fear a Cyber Pearl Harbor or 9/11?,” with Alexander Klimburg and Joseph Nye

 

Sampling of Notable Thoughts

Terrorist organizations do not possess the skills and technology needed to carry out a large-scale cyber attack today, but might one day in the future. – Joseph S. Nye

Cyber weapons could be used to prevent conflict escalation; for example, by disabling satellites linked to radar and missile installations. But such uses are both fully understood. – Joseph S. Nye

Many more loopholes exist today for attackers to exploit than did ten-years ago, as do weapons to use in such an attack. – Alexander Klimburg

A $300 denial-of-service attack can create $100,000 in damages. – Alexander Klimburg


Summary

While some in government have sounded alarm bells over the prospect over a cyber Pearl Harbor or 9/11, Harvard University Distinguished Service Professor Joseph S. Nye and Alexander Klimburg, research fellow with the Belfer Center's Science, Technology, and Public Policy Program and Cyber Project, reject this claim - at least in the near-term.  In their presentation, "Should We Fear a Cyber Pearl Harbor or 9/11?,” during Harvard Kennedy School's IDEASpHERE, both Nye and Klimburg pointed to the myriad of obstacles that would-be cyber attackers would have to surmount to carry out such an attack, but cautioned that cyber threats do exist and that they are growing daily.

Nye cited the 2010 Stuxnet attack, which destroyed thousands of Iranian centrifuges, as a case-in-point of what terrorists cannot do. Stuxnet required coordination across three diverse fieldsnetwork, supply chain, and humanand required the type of planning which is outside of the capabilities of known terrorist groups.

The most important issues around cybersecurity and cyber-terrorism are the questions to which answers do not exist or are unclear, Nye said. What role does deterrence play in cyber security? What secondary uses are there for cyber weapons? How are attacks attributed and how does attribution affect policy responses?

Klimburg's remarks focused on the technical aspects of cyber security and the diffusion of cyber capabilities to greater numbers of people and actors. Pointing to the massive growth in computing power and applications in recent years, Klimburg warned that many more loopholes exist today for attackers to exploit, as do weapons to use in such an attack. This has made defending against them much more difficult.

The latest from Belfer
See more
Recommended citation

"Should We Fear a Cyber Pearl Harbor of 9/11?" Event Report, Discussion, IDEASpHERE Celebration, Harvard Kennedy School, May 15, 2014.