Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Secretary Panetta Warns of a "Cyber-Pearl Harbor"

November 1, 2012

First, a shout-out to my friend Ben Kerschberg for making sure I finally got around to covering this story.

A recent Washington Post editorial referred to the now-famous address given by Secretary of Defense Leon Panetta on October 11th. He talked about Shamoon, the nickname for a virus that deleted data from 30,000 computers at Saudi Arabia’s state-owned oil company in August. He called it "probably the most destructive attack" on the private sector we've experienced in the new world of cyberwarfare.

Experts are still debating whether the source of the attack was Iran, which illustrates the complexity of retaliating when we are not sure whom to retaliate against. Was that attack in retaliation for the cyber-assault by the U.S. and Israel on Iran's nuclear development efforts, which damaged nearly 1,000 uranium-enrichment centrifuges?

Shamoon did not cause enough physical damage for experts to consider it the equivalent of an armed attack. But we have no measuring stick for exactly how much damage must be done before officials would say, “We can’t let this go unanswered.”

And how do we answer a cyberattack? With a cyberattack of our own? A military attack? International law is murky at best.

The government has defined an armed attack in cyberspace as one that results in death, injury or significant destruction. Harold Koh, the State Department’s chief legal adviser, articulates the rule like this: “If the physical consequences of a cyberattack work the kind of physical damage that dropping a bomb or firing a missile would, that cyberattack should equally be considered a use of force.”

I suspect that Retired Gen. James Cartwright, former vice chairman of the Joint Chiefs of Staff, is right on target. He has often said that an act of war "is in the eye of the beholder." In other words, the judgment may be a political one.

That judgment – just like the official cyberwarfare deliberations to date – is likely to be made behind closed doors.

Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq