United Press International, Washington DC (UPI): Forty-five percent of corporate chief security Officers believe a “digital Pearl Harbor” will take place eventually, with 13 percent anticipating such an attack within a year, according to a survey by CSO Magazine.
The survey defined a “digital Pearl Harbor” as an attack that “plunge(s) America into chaos by using computer technology and the Internet to attack national critical infrastructures.”
Derek Slater, Editor of CSO Magazine, a specialty magazine for security professionals, told United Press International he was surprised that so many respondents thought such an attack would happen.
Slater suggested that the threat drawing the most concern is what he termed a blend-in thread, where “a physical event is magnified by a nearly-simultaneous digital attack that would … limit people's ability to get information.”
More than half of responding CSOs characterized themselves as not very or not at all confident in the government's ability to successfully respond to cyber-emergencies; 77 percent of respondents suggested the government establish better communication with the private sector to better safeguard cyberspace, and nearly half suggested creating a high-level cyber-security position at the Department of Homeland Security, a development that did occur not long after the survey was taken.
Paul Kurtz, Executive Director of the Cyber Security Information Alliance, told UPI that government preparedness for a large-scale cyber-attack is not where it should be, but the creation of the assistant secretary for cyber-security in the Department of Homeland Security was a step in the right direction.
“The good news is we have increased attention on these issues,” Kurtz said.
Slater said that protecting their own information, companies also help avoid a large-scale cyber-attack.
“Companies need to examine and fortify their electronic defenses to protect their customers' records and their own financial info,” Slater said. “In doing that, they greatly curtail the damage that can by done by some kind of terrorist-motivated attack.”
Kurtz echoed Slater's sentiments, saying that in the process of protecting against identity theft, “in the end we will also harden our systems for an eventual 'digital Pearl Harbor.'”
Responding to a question about recommended actions to safeguard against identity theft, 64 percent of CSOs suggested installing software that prevents keystroke-logging and 88 percent suggested installing a firewall.
These less obvious suggestions often slip through the cracks, Slater said.
“The average end-user would prefer not to have to do this stuff and that it all be provided for them,” he said.
Twenty-seven percent of CSOs reported that they or members of their household had been the victim of identity theft in the last three years and lost money because of it.
Slater suggested that the percentage is even higher for non-CSOs.
“I doubt that the average consumer is safer than the average security professional,” Slater said. “(CSOs) typically have a pretty solid defensive array.”
Kurtz said the threat of identity theft has become a big concern for consumers.
“Many are so concerned that they are not engaging in e-commerce at all,” Kurtz said.
Kurtz said that one of the big reasons for the increase in the threat of identity theft is that computer hacking has become profitable, so hackers are putting more time and resources into what they do.
Slater said consumers must stay attuned to the latest threats and protections in order to stay safe online.
“Three years ago, nobody was talking about having anti-spyware programs on your computer,” Slater said. “Now if you don't have it, you're inviting trouble. As a PC owner, you've got to stay plugging in to current developments in cyber-security.”
Twenty-four percent of the responding CSOs worked for federal, state or local government (including military). The rest were from various fields including banking, health care, education and telecommunication.