- The Washington Times - Monday, October 11, 2010

Your Oct. 1 editorial “Beware the cyberscare” dismissing Sen. Joe Lieberman’s efforts to protect our most critical infrastructure from cyber-attack as nothing but scare tactics is misinformed.

The threat of cyber-attack from a foreign country, a terrorist group or malevolent hackers is real. Last year, multiple U.S. corporations were the targets of industrial espionage through cyberspace. Before that, the governments of Estonia and Georgia were partially paralyzed by massive denial-of-service attacks. Recently, the Department of Defense acknowledged that some of its systems were compromised by a foreign intelligence service.

The latest worm - Stuxnet - demonstrates that a cyber-attack on critical infrastructure control systems is no longer theoretical. Forensic analyses conducted by private-sector experts have concluded that Stuxnet is designed to take control of physical machinery, meaning that machinery can be made to do whatever Stuxnet’s authors want it to do, regardless of an operators’ commands.

An attack on our electric grid, water-treatment facilities, financial system, telecommunications networks and other critical infrastructures - all of which are dependent upon cybernetworks to operate - is a catastrophe waiting to happen. Mr. Lieberman, Sen. Susan Collins and Sen. Thomas Carper are taking the responsible approach by urging the government to plan and organize to prevent or respond to a cyber-Sept. 11 before one actually occurs.

Their legislation gives the president the authority to implement emergency measures in selected areas of our nation’s most critical infrastructure - only to preserve networks and assets essential to maintaining our way of life. The bill does not give the government authority to take over private networks.

Cyber-attacks are no longer limited to identity theft. If we are going to get serious about cybersecurity, Americans need to know that a cyber-attack could cause as much damage as a conventional attack, and we are far more vulnerable to a cyber-attack than we are to a conventional one. Cybersecurity is national security. To suggest otherwise is irresponsible.

LESLIE JULIETTE PHILLIPS

Communications Director

Senate Homeland Security and Governmental Affairs Committee

Washington