
Panetta: Intruders ‘successfully gained access’ to critical control systems


Defense Secretary Leon Panetta late Thursday said outsiders are known to have breached the computers that control U.S. chemical, electricity or water utilities. And he announced the Pentagon is finalizing the most comprehensive changes to its offensive rules of engagement in cyberspace to protect civilian networks, for the first time in seven years.

The comments marked a rare occasion in which government officials have confirmed that adversaries are not just probing critical infrastructure systems but penetrating those machines’ safeguards. Panetta, who was addressing business executives in New York City, also disclosed that the severity of recent disruptions to U.S. financial services websites and a Saudi oil company is unparalleled.

“We know that foreign cyber actors are probing America’s critical infrastructure networks. They are targeting the computer control systems that operate chemical, electricity and water plants, and those that guide transportation throughout the country. We know of specific instances where intruders have successfully gained access to these control systems,” Panetta said.

U.S. cybersecurity is the responsibility of the Homeland Security Department, with the Pentagon and the FBI playing supporting roles to protect civilian systems. To further that support, “the department has developed the capability to conduct effective operations to counter threats to our national interests in cyberspace,” Panetta said. “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests.”

He added that the new rules of engagement “will make clear that the department has a responsibility not only to defend DoD’s networks, but also to be prepared to defend the nation and our national interests against an attack in or through cyberspace.”

Panetta sits on the more provocative side of a debate over the ability of aggressors to wage network attacks that could cripple American society. While most experts agree that terrorist groups and enemy states may be trying to buy or build such capabilities, they are divided over the imminent risk of a cyber assault “that could be the equivalent of Pearl Harbor,” to quote Panetta’s oft-used axiom.

Panetta on Thursday again depicted images of simultaneous cyberattacks that derail trains loaded with lethal chemicals, contaminate the water supply in major cities, and degrade critical military systems -- combined with a physical attack -- that could culminate in a “cyber Pearl Harbor.”

It is clear that bad actors currently are able to engineer malicious software that steals substantial monetary funds, intellectual property and national security secrets. Disruptive malware that destroys electronics and software already is emerging.

Panetta pointed to an August strike on internal network services at Saudi Aramco, the Saudi Arabian state oil company, that corrupted 30,000 employee workstations.

The so-called Shamoon virus “replaced crucial system files with an image of a burning U.S. flag. It also put additional garbage data that overwrote all the real data on the machine,” Panetta said. “The Shamoon virus was probably the most destructive attack that the private sector has seen to date.”

Aramco’s computers have since been cleaned of the malware and restored to service, the firm stated in late August. None of the company’s oil and gas operations were affected by the infection, according to Aramco officials.

More recently, a string of computer incidents temporarily disabled customer sites at major U.S. banks, including Capital One and SunTrust Banks. An activist group calling itself “Cyber fighters of Izz ad-din Al qassam” took credit for planning the incidents, known as denial of service attacks, in which floods of network traffic paralyze the sites’ servers.

On Thursday, Panetta said, “While this kind of tactic isn’t new, the scale and speed was unprecedented,” adding that the online bank disturbances and the Saudi Arabia hit “mark a significant escalation of the cyber threat.”

The Pentagon -- with a $3 billion purse -- is continuing to increase key investments in cybersecurity even in times of fiscal constraint. “Our most important investment is in the skilled cyber warriors needed to conduct operations in cyberspace,” Panetta said. 
