Dire cyber scenarios may await U.S. infrastructure

Deputy Defense Secretary William J. Lynn III has warned that new disruptive cyberattacks are on the near-term horizon. He believes the United States is facing a new generation of cyberattacks. Based on our analysis, the current average threat rating of cyberattacks is 3.65 (scale: 1-low to 5-high). Factoring in Lynn’s comments, the forecasted cyber threat rating would increase to between 4.0 to 4.3 on our threat rating scale.

“We have not seen much destruction in terms of cyber threats, but we will,” Lynn said.

Cybersecurity professionals have expressed deep concerns over the proliferation of advanced cyber weapons. These weapons have made their way down to actors at the low end of the capabilities spectrum and also horizontally across the actor spectrum (e.g., individuals, activists, terrorists, criminals, rogue nation states, businesses, and other entities).

Just think of the destruction that could result from a Stuxnet type attack on supervisory control and data acquisition systems controlling the massive critical infrastructure of the United States. There are numerous cyberattack scenarios that come to mind, all of which could result in the physical destruction of infrastructure assets.  

Lynn went on to acknowledge the need for the private sector that owns or operates an estimated 85 percent of the U.S. critical infrastructure to be fully engaged in its defense. Given the economy and the primary focus of the private sector being profits, their participation is highly questionable unless the government funds these efforts.