A cyberattack of devastating proportions is not a matter of if, but when, numerous security experts believe. The scale of it, one information security specialist said, will be such that it will have its own name — like Pearl Harbor or 9/11. “The more I speak to people, the more they think that the next Pearl Harbor is going to be a cyberattack,” cybersecurity executive and professional hacker Tarah Wheeler told a panel audience during the Organization for Economic Cooperation and Development’s (OECD) annual forum in Paris.
“I think that the most horrifying cybersecurity attack is going to have its own name and I think it’s going to involve something more terrifying than we’ve thought of yet.” Wheeler is CEO and principal security advisor at Red Queen Technologies, a cybersecurity Fellow at Washington, D.C.-based think tank New America, and former cybersecurity czar at multinational software firm Symantec.
Explaining her premonition, Wheeler pointed to vital health and transport infrastructure she described as grossly under-protected. “I think about the fact that most American healthcare technology is secured, if at all, with ancient, crumbling security infrastructure. I think of planes full of people, the kind of infrastructure that protects flu vaccinations. I think about fertility clinics losing years’ worth of viable embryos,” she said, stressing that people are not paying attention to that crumbling infrastructure.
Wheeler is not alone in her apocalyptic outlook. Not a single report from technology companies and researchers in this field claims that the cyberthreat environment is becoming less hostile or less significant. The World Economic Forum’s (WEF) Global Risks Report 2018 names cyberattacks and cyber warfare as a top cause of disruption in the next five years, coming only after natural disasters and extreme weather events.
Retired Admiral James Stavridis, who served as NATO Supreme Allied Commander for Europe, echoed these warnings in a prior interview with CNBC: “We’re headed toward a cyber Pearl Harbor, and it is going to come at either the grid or the financial sector… we need to think about this cyberattack as a pandemic.” Artificial intelligence-focused security firm BluVector reported in February that almost 40 percent of all industrial control systems and critical infrastructure faced a cyberattack at some point in the second half of 2017.
