Sunday, October 13, 2013

Cyberattacks cost the US

Now is the Time to Strengthen Cyber Defenses
By Congressman Jim Langevin
Darrell West and Rep. Langevin at a Brookings Institute forum on
cybersecurity

We wake up and check our e-mail. Send a tweet. Post on Facebook.  We schedule trips to the mechanic, pay our bills and review information from our doctors online. Infrastructure, banking, health care, the power grid, national security – it all relies on technology. 

Everywhere you turn, the services we depend upon are intertwined with the Internet. And with a few strokes on a keyboard, it could all come crashing down.

A cyber strike could leave people in the dead of winter without heat, or without air conditioning and water in the sweltering summer, or it could deny power to our military bases. Cyber attacks can disable news outlets and send the stock market into chaos, as we've already seen. 


Last spring, the Associated Press tweeted that the President had been injured in an explosion at the White House. The tweet was untrue, the account hacked. The AP quickly suspended its Twitter account, but the damage had been done. The Dow plunged 143 points, which was enough to wipe out billions in stock value. And that is nothing compared to what could happen through a cyberattack. It wouldn’t take missiles or armies to threaten our infrastructure and put lives on the line.

We know that there are a number of actors who seek to do harm to our networks, from domestic criminals to foreign nation states, and as threats and capabilities grow, so do the risks of a cyberattack on our critical infrastructure. Modern warfare is changing, and I believe that all future conflicts will have a cyber component. 

The Syrian Electronic Army is one of several hacking groups that have carried out nuisance attacks, primarily on media websites. But there doesn’t need to be physical damage for there to be a crippling effect – cyber-espionage and intellectual property theft continue to run rampant to the tune of $338 billion a year in losses, prompting General Keith Alexander, the head of U.S. Cyber Command, to call it the “greatest transfer of wealth in history.” The long-term economic damage from cybercrime is in many ways even worse and more insidious than a destructive attack. 

Many Americans remain unaware of these attacks, and while this is changing, we must do more to put cybersecurity at the forefront of the minds of lawmakers and the American people.

As a member of the House Armed Services and Intelligence Committees, and as Co-Founder of the Congressional Cybersecurity Caucus, I was encouraged to see President Barack Obama issue an Executive Order on cybersecurity earlier this year. 

The order promises to advance the state of our cyber preparedness, tapping into many of the recommendations from the Center for Strategic and International Studies’ Commission on Cybersecurity for the 44th Presidency, which I was proud to co-chair. 

Yet it is only a start. The vast majority of our critical infrastructure is privately held. Without uniform, national security standards, these entities are left to their own devices, which often means placing security behind profit on the list of priorities. I am convinced that many in the private sector still fail to fully appreciate the urgency of this threat.

That is the reality of living in an increasingly networked world: the Internet makes life easier, but it also exposes us to new dangers and vulnerabilities. If we truly consider national security a priority – which I believe my colleagues in Congress do – we must prioritize investments in cyber defense. 

Our armed forces need to be educated and trained in this new domain, and we should continue to encourage our young people to pursue careers in IT as well. We face a critical shortage of talented cyber professionals capable of operating at the highest levels, and skilled IT workers are in increasing demand in today’s job market. We should embrace any opportunity to bolster our cyber workforce while improving options for those embarking on new careers.

October is National Cyber Security Awareness Month, organized and promoted by the non-profit National Cyber Security Alliance (NCSA), which is a public-private partnership of U.S. companies that work with the US Department of Homeland Security and other agencies. Together, NCSA partners educate the public and empower our digital society to be more secure online. 

As part of their awareness efforts, they have embarked on a national cybersecurity education campaign with the Anti-Phishing Working Group called “STOP. THINK. CONNECT.” This campaign offers tips and advice about online safety, and you can visit stopthinkconnect.org to discover ways to better protect yourself and your family.

This year, National Cyber Security Awareness Month marks its 10th anniversary. Let us celebrate by passing comprehensive cybersecurity legislation, supporting a better IT future for our students, and raising awareness about what we can do as individuals and as a nation to strengthen our cyber defenses.


Jim Langevin, a Democrat, represents Rhode Island’s Second Congressional District.