'Cyber Pearl Harbor': Could future cyberattack really be that devastating?
Cyberattacks on critical infrastructure like the power grid ‘could be a cyber Pearl Harbor,’ Defense Secretary Leon Panetta warned in October. Some others say the concept is overblown.
(Page 2 of 2)
"There is no "Battleship Row" in cyberspace," writes the professor of defense analysis at the Naval Postgraduate School in Monterey, Calif. "Pearl Harbor was a true ‘single point of failure.’ Nothing like this exists in cyberspace."Skip to next paragraph
Subscribe Today to the Monitor
The logic behind creating the Internet, he says, was to ensure continued communications even after a nuclear war. Resilience is a key idea that shaped the structure of cyberspace, he says. Still, he's not entirely sanguine:
"Our armed services, increasingly dependent upon their connectivity, can be virtually crippled in the field by disruptive attacks on the infrastructure upon which they depend – but which are not even government-owned," he writes.
Still others say the whole concept is overblown.
"Digital Pearl Harbor is just a funding term, a way to get money for military and cybersecurity budgets," says John Robb, a former Air Force pilot who served in Special Operations Forces and is author of "Brave New War" about new modes of warfare. "It has no real relevance because we still live in a world dominated by nuclear weapons."
There are also those who say the cyber threat is quite real, but they don't much like the “cyber Pearl Harbor” term.
"When people started talking about a cyber Pearl Harbor, the general rule is to wildly overestimate the ability of hackers to turn America into a Stone Age economy," says James Lewis, a cybersecurity expert with the Center for Strategic and International Studies in Washington. "It's hard to think of any scenario in which you could kill a lot of people in a cyberattack. So that part of the analogy doesn't make sense."
But the other part of the analogy – the sneaky part – does make sense, he says.
"It's not hard to imagine a surprise cyberattack for which we are unprepared, which I think is why some people continue to use the phrase," he says. "With Pearl Harbor, there was plenty of warning it was coming – and military commanders didn't do much. If we were in a tense situation with China today, it might make the analogy more credible. They might try to launch a surprise cyberattack."
Even so, he says, it "would be nice if the phrase went away, but it seems to be stuck."
A few years ago, a cybersecurity group that Mr. Lewis meets with held a contest with a free pizza dinner for anyone who could think of a better term. "Digital Dunkirk" and a few other alternatives were offered, but none won much support.
"If some nation takes down the US power grid, that will certainly disrupt Americans' lives, but it might also galvanize action – which would be the same strategic blunder made by the Japanese," Lewis says. "I don't know. Maybe we'll have to revive the [naming] contest."