Defense Secretary Leon Panetta last week described what he called “the most destructive attack” to date in the cyber realm on the private sector. The incident involved a sophisticated virus known as Shamoon that struck and destroyed more than 30,000 computers in the offices of the Saudi Arabian state oil company Aramco about two months ago, said Panetta in his address at a cybersecurity conference in New York City on Oct. 11. Shamoon replaced critical files on the company’s computers with images of a burning US flag and overwrote real data with bogus data, he said. Days after the Aramco case, a similar attack hit a major energy company in Qatar, he said. “These attacks mark a significant escalation of the cyber threat and they have renewed concerns about still more destructive scenarios that could unfold,” said Panetta. For example, he warned of a “cyber Pearl Harbor” where an aggressor nation or extremist group could use cyber tools to derail trains loaded with passengers or lethal chemicals, contaminate the water supply, or shut down the power grid. “The cyber threats facing this country are growing,” he said. (Panetta transcript)
The defense intelligence community has tried three times in the past decade to build a “common intelligence picture”—a single data stream providing the information that commanders need to make decisions about the battlefield. The first two attempts failed. But officials say things are different today.