U.S. defense chief says pre-emptive action possible over cyber threat

WASHINGTON Thu Oct 11, 2012 11:06pm EDT

U.S. Secretary of Defense Leon Panetta addresses a news conference during a NATO defence ministers meeting at the Alliance headquarters in Brussels October 10, 2012. REUTERS/Francois Lenoir

U.S. Secretary of Defense Leon Panetta addresses a news conference during a NATO defence ministers meeting at the Alliance headquarters in Brussels October 10, 2012.

Credit: Reuters/Francois Lenoir

Related Topics

WASHINGTON (Reuters) - The U.S. military could act pre-emptively if it detects an imminent threat of cyber attack, U.S. Defense Secretary Leon Panetta said on Thursday, urging stronger action to bolster America's defenses against such plots.

In what was described by U.S. officials as the first major policy speech on cyber security by a defense secretary, Panetta lamented under-investment by America's private sector and political gridlock in Washington that he said stymied cyber security legislation. He said a presidential executive order was being considered "while we wait for Congress to act."

Addressing a gathering of business leaders in New York, Panetta warned that unnamed foreign actors were targeting computer control systems that operate chemical, electricity and water plants and those that guide transportation.

"We know of specific instances where intruders have successfully gained access to these control systems. We also know that they are seeking to create advanced tools to attack these systems and cause panic, and destruction, and even the loss of life," Panetta said.

Aggressors could derail passenger trains, contaminate the water supply or shut down the power grid in much of the country, he said.

Still, he cautioned the gathering of the Business Executives for National Security that although awareness of the threat in America's private sector had grown, "the reality is that too few companies have invested in even basic cyber security."

To underscore the degree of concern, Panetta pointed to the August cyber attack on Saudi Arabian state oil company, ARAMCO, blamed on the "Shamoon" virus, and a similar one days later that struck Qatar's natural gas firm, Rasgas.

"All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date," he said.

Panetta called the "Shamoon" virus sophisticated and noted that in Saudi Arabia it replaced crucial system files with an image of a burning U.S. flag.

"More than 30,000 computers that it infected (at ARAMCO) were rendered useless, and had to be replaced," he said.

He also pointed to recent denial-of-service attacks on major U.S. banks, which delayed or disrupted services on customer websites.

One U.S. official, briefing reporters before the speech on condition of anonymity, said the United States knew who carried out the attacks cited in Panetta's speech, but declined to disclose that information.

TRACKING CYBER ATTACKERS

The United States has long been concerned about cyber warfare capabilities in China, Russia and increasingly from Iran. But one problem has been the difficulty in knowing with certainty where a cyber attack hails from - making potential retaliation difficult.

Panetta said the United States had made significant investments in cyber forensics to address that problem "and we are seeing returns on those investments."

"Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for actions that may try to harm America," Panetta said, adding the Pentagon was finalizing the most comprehensive change to the rules of engagement in cyberspace in seven years.

He said that the Department of Defense had a mission to defend the country and would be ready to respond to attacks - or even the emergence of a concrete threat. Such pre-emptive action would occur only under certain, dire scenarios, he said.

"If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us," he said.

(Additional reporting by Andrea Shalal-Esa; Editing by Peter Cooney)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (3)
colddeadhands wrote:
In other words their still trying to get a kill switch on OUR internet even if a false flag is needed, can you say blatant!

Oct 12, 2012 12:49pm EDT  --  Report as abuse
pilgrimson wrote:
Can you hear the steady drumbeat for war against Iran? The destruction of Syria is an engineered prelude to war with Iran. Beware after the election! He didn’t say anything about Stuxnet. Wasn’t that a cyber attack against Iran? Poor America! Always the victim! And always so innocent!

Oct 12, 2012 2:03pm EDT  --  Report as abuse
AdamSmith wrote:
Shall we try to foretell the cyber future, when today we don’t care that the carcass of America is being eaten away in broad daylight by the people other nations, today, on a massive scale?

There is no other country in the world that is allowing foreigners to enter at will, like America has been carelessly doing for the last twelve years. What other nation on earth allows the unhindered immigration that America does? What other nation on earth has stopped defending its borders?

There are giant cities all over the world, brimming with impoverished people and wealthy people, both. All of them, both the impoverished foreigner and the rich foreigner, are being allowed to feast on the carcass of America. The only precedent would be the fall of Rome.

Impoverished immigrants, accustomed to living in slums of giant foreign cities, or the mud huts of foreign villages, are flooding into America, willing to work for any wage, and thus driving down American wages, in all working professions.

Kept from the public news media is the stark fact that the huge flow of immigrants has sharply driven up American rents, adding more and more distress to American middle class renters. Young Americans are paying exhorbitant rents in every American city because of the huge influx of immigrants.

And now the American military-industrial complex, who sold out the American worker a long time ago, is warning us about cyber-security. Whose security? The wealthy have security to worry about. But the American worker’s security was destroyed twelve years ago when our borders were opened up to mass immigration.

But the influx of poor immigrants is only part of the story. The wealthy classes from the same foreign countries (literally all foreign countries) are bringing their ill-begotten money to America and buying up American real estate at an unprecedented rate.

Foreigners are buying not just Manhattan and Miami trophy condominiums, but small properties on, literally, almost every corner in every city and town in America.

The Obama administration is talking about cyber security, but I ask, why? Why do they care about cyber-security when we openly allow the whole world to march in every day and feast on our nation’s carcass, while the wealthy get richer?

In whose interest are we governed?

The immigration into America over the last 12 years is the greatest defeat, the greatest destruction to our American lives, our livelihoods and our future, that America has every experienced — far more destructive than if 10 nuclear bombs were dropped on us.

The American military-industrial complex is only interested in money for themselves and the wealthy. To them, the American worker is a villain, especially if he dare organize with another worker.

This cyber-security warning is about big wealthy multinational corporations, not about the American people.

Oct 13, 2012 5:29pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

Full focus