The FT reports (and CNET repeats almost in its entirety) that former Director of National Intelligence Mike McConnell says we have had our 9/11 warning and we risk the cyber equivalent of a World Trade Center attack unless “urgent action” is taken.
A former US intelligence chief says the west has had its “9/11 warning” on cybersecurity and warns that unless urgent action is taken, the US faces “the cyber equivalent of the World Trade Center attack”.
According to John “Mike” McConnell, such an attack would bring the country’s banking system, power grid and other essential infrastructure to their knees.
Mind you, McConnell doesn’t appear to be talking about a real warning–the kind of intelligence that set George Tenet’s hair on fire in 2001. Rather, he says the recent attacks on Saudi Aramco and some banks’ internet interfaces constitutes that warning.
Sustained cyber attacks targeting the websites of a dozen major US banks including Wells Fargo, JPMorgan Chase and Bank of America, coupled with an earlier attack on Saudi Aramco, which erased data on two-thirds of the Saudi oil company’s corporate PCs, were examples of the growing threat.
McConnell apparently would have us believe that some crude DNS attacks on banks and an infiltrator’s attack on Saudi oil business (not production) computers is a hair on fire warning.
Leon Panetta made similarly unconvincing claims back in October.
Nevertheless, the FT presented McConnell’s warning without providing readers a few important details. First, here’s how they describe the background that qualifies McConnell to issue such warnings.
Mr McConnell, who served as director of the National Security Agency under President Bill Clinton and then as director of national intelligence under President George W. Bush and President Barack Obama, believes those corporate attacks should be treated as a further “wake-up call” to politicians and business leaders in the west.
Here’s the very important detail they left out.
Mike McConnell is Vice Chairman of Booz Allen Hamilton, where his primary roles include serving on the firm’s Leadership Team and leading Booz Allen’s rapidly expanding cyber business.
It is McConnell’s job to make the cyber threat seem as dangerous as possible so his employer can get rich by charging the government an arm and a leg to take “urgent action.” While I’m not sure where the emails are available anymore, one of the amusing features of the HB Gary emails liberated by Anonymous is Mike McConnelll licking his chops as he identified new purported threats to build business around.
More amusing still is this:
Mr McConnell said such an attack could see a country like Iran work with Russian criminals or Chinese hackers to target banks, the power grid and the computers that control routing and ticketing for planes and trains.
Mr McConnell said he doubted whether Iran or a terrorist group could undertake such a devastating assault at the moment but added that it is only a matter of time before the sophisticated tools needed fall into the wrong hands.
The government (and, apparently McConnell himself) believes Iran launched the attacks on Aramco and the banks. But as McConnell suggests, Iran couldn’t carry out a real 9/11 cyber-attack by itself: it’d have to have the help of Russian criminals or Chinese hackers to pull off a really serious attack.
Because, you see, cyberattacks aren’t as easy as McConnell’s fear-mongering suggests.
But note the scenario he envisions: “the sophisticated tools” needed for a cyber attack would “fall into the wrong hands” and enable such an attack.
Mike McConnell was Director of National Intelligence from 2007 to 2009. During his tenure, the StuxNet project moved from intelligence-gathering to testing to implementation. It is inconceivable the DNI, the former head of NSA, and former executive of BAH would be out of the loop on that operation.
In other words, McConnell is almost certainly one of the people involved in the decision to unleash these sophisticated tools in the first place. And now he’s screaming about the dangers he unleashed for profit.
It’s a very neat system our Military Intelligence Industrial Complex has created.