“Our mission is to defend the nation. We defend. We deter. And if called upon, we take decisive action to protect our citizens,” he said.
He added, however, that the Defense Department will not monitor American citizen’s personal computers, or provide for the day-to-day security of private or commercial networks.
Panetta used the Persian Gulf attacks in his remarks as a warning to business community that it must embrace stalled legislation that would encourage companies to meet certain cybersecurity standards. And he is endorsing a planned move by President Barack Obama to use his executive powers to put some of those programs, including voluntary standards, in place until Congress acts.
“These attacks mark a significant escalation of the cyber threat,” Panetta said. “And they have renewed concerns about still more destructive scenarios that could unfold.”
U.S. authorities have repeatedly warned that foreign Internet hackers are probing U.S. critical infrastructure networks, including those that control utility plants, transportation systems and financial networks.
“We know of specific instances where intruders have successfully gained access to these control systems,” Panetta told the business group. “We also know that they are seeking to create advanced tools to attack these systems and cause panic and destruction, and even the loss of life.”
Business leaders, including the U.S. Chamber of Commerce, opposed the legislations, arguing it would expand the federal government’s regulatory authority over companies already struggling in the tough economy. The bill also encourages more information sharing between the government and private companies.
Panetta pressed the group to support the stronger cybersecurity measures, warning that failure to do so could have catastrophic consequences.
“Before September 11, 2001 the warning signs were there. We weren’t organized. We weren’t ready. And we suffered terribly for that lack of attention,” said Panetta. “We cannot let that happen again. This is a pre-9/11 moment.”