Rear Admiral William Leigher, who is in charge of “information dominance” with the US Navy, says its networks see thousands of intrusion attempts every day. Photo: Reuters
Cybersecurity professionals know a myriad ways hackers can try to wreak havoc on critical infrastructure or infiltrate corporations to steal or spy, but it is the fear of the unknown that some say keeps them up at night.
US security officials and private sector experts wonder what kinds of time-bombs can be - or have been - embedded by malware into computer networks, just waiting to explode.
US National Security Agency Director Keith Alexander, the top US general in charge of cybersecurity, told the Reuters Cybersecurity Summit in Washington last week that cyber espionage is already "the greatest transfer of wealth in history".
He said that disruptive and destructive attacks on his country would get worse. "Mark my words, it will get worse," General Alexander said.
Stealing software or money - like the $US45 million lifted from two Middle Eastern banks in a daring global plot revealed this month- might pale next to an attack that could, for example, switch off the lights in a major US city.
That was the fear in New Orleans in February when a power outage struck the Super Bowl, the National Football League's championship game, watched by tens of millions of viewers. The outage was blamed on an electrical relay device not a cyber attack.
"The known unknown is what I worry about," US Secretary of Homeland Security Janet Napolitano told the summit.
KNOW UNKNOWNS A WORRY
"For example, we don't have the identity of all the adversaries who are trying to either commit crimes or acts over the cyber networks. The things we know about, we can deal with. It's the known unknown," she added.
The military is a big target, something that Rear Admiral William Leigher, who is in charge of "information dominance" with the US Navy, takes on board.
"Our networks see thousands of intrusion attempts every day ... staying up with the threat, making sure that our defensive systems are up to par is probably one of the things that gets most of my attention," Leigher said.
To be sure, the United States has not suffered the kind of destructive cyber attack that damaged some 30,000 computers at Saudi Arabia's oil company, Saudi Aramco, last year. But experts said they were worried about the increasingly sophisticated cyber capabilities of countries such as China, Russia and Iran.
Sign up for Computerworld eNewsletters.