For some time now, people associated with cybersecurity have warned of a substantial cyber attack that would rise to the level of what they call a “cyber 9/11.” Now, former Homeland Security Secretary Janet Napolitano is quoted as saying a “cyber 9/11” that could hit critical U.S. national infrastructure — water, electricity, gas networks — could happen “imminently.”
Any way you look at it, those are strong words from someone who has a view of the cyber threat environment that few people come close to!
At one conference, I overheard a conversation in which several individuals pondered when the death toll from a cyber war would appear on Wikipedia’s lists of war deaths.
Add to that a warning that came late last year when a cybersecurity industry insider talked about deaths directly resulting from a cyber attack. This warning came after multiple reports of cyber terrorists and even nation-states began launching sophisticated and highly targeted cyber attacks that damaged or even destroyed equipment. In addition, researchers showed how they could hack and take control of medical equipment and even vehicles.
Multiple articles have been published suggesting that the cyber threat is overstated. There are those who dismiss such warnings as fear mongering.
It all boils down to risk management. Organizations must assess the cyber risks their products and systems face and take appropriate action. If the warnings are correct, and death via cyber becomes a public reality, you can bet civil litigation and possibly criminal negligence charges will surely follow.
Let’s take a moment and remember all those who lost their lives on 9/11.