Cyberattack on U.S. Infrastructure

Cyberattack on U.S. Infrastructure

A highly disruptive cyberattack on U.S. critical infrastructure

 

In March 2013, Director of National Intelligence James Clapper identified cyberattacks as the greatest threat to U.S. national security. Critical infrastructure—the physical and virtual assets, systems, and networks vital to national and economic security, health, and safety—is vulnerable to cyberattacks by foreign governments, criminal entities, and lone actors. Due to the increasingly sophisticated, frequent, and disruptive nature of cyberattacks, such an attack on critical infrastructure could be significantly disruptive or potentially devastating. Policymakers and cybersecurity experts contend that energy is the most vulnerable industry; a large-scale attack could temporarily halt the supply of water, electricity, and gas, hinder transportation and communication, and cripple financial institutions.

The rising prevalence of cyberattacks was detailed in a 2013 report by the U.S. security firm Mandiant that linked the Chinese military to 140 cyberattacks against U.S. and foreign corporations. The same year, major U.S. banks called on policymakers for assistance after experiencing cyberattacks emanating from Iran. The Obama administration has emphasized the importance of cybersecurity—its fiscal year 2014 budget requested a 20 percent increase in funding. The United States has strengthened its offensive strategies by developing rules of engagement for cyber warfare and cyber weapons capabilities. However, cyberspace policymaking remains decentralized with authority shared among the White House and five executive departments, resulting in gaps in U.S. cyber policy that leave vulnerabilities unaddressed.

Background Information
Breaking News
Primary Sources
Latest CFR Analysis
Related CFR Experts