Americans now see cyberattack as the greatest threat facing the country, two recent polls show, suggesting that cyber fears have outflanked concern over climate change, immigration, terrorism or nuclear weapons.\u00a0
The national obsession with computer-on-computer attack, documented in a\u00a02023 Gallup poll\u00a0and a\u00a02022 Pew Research survey, comes at a time when cyberattack seems to be everywhere and nowhere.\u00a0
Most Americans would be hard-pressed to name a recent act of cyberterrorism that claimed American lives or plunged the nation into economic chaos. Yet, the daily news cycle brims with accounts of rising cyber tensions. More than any past cyberattack, perhaps, Americans fear the attack that is yet to come.\u00a0
\u201cWe know all the terrorist groups are recruiting young computer specialists,\u201d said Scott White, associate professor and director of the cybersecurity program at the George Washington University. \u201cIt\u2019s no longer bombs. It\u2019s, Can you launch a cyberattack from a safe-haven country against the United States?\u201d\u00a0
In the Gallup poll, published last month, 84 percent of respondents rated cyberterrorism as a critical threat, ranking it above 10 other fears, including international terrorism, global warming, the conflict between Russia and Ukraine and Iran\u2019s nuclear program.\u00a0\u00a0
In the Pew survey, published last June, 71 percent of Americans rated \u201ccyberattacks from other countries\u201d as a major threat, ranking them above China\u2019s or Russia\u2019s power and influence, global warming and infectious disease. (Unlike Gallup, the Pew report did not specifically reference nuclear threats.)\u00a0
Fear of cyberattack cuts across party lines, which partly explains its standing as the nation\u2019s topmost fear.\u00a0\u00a0
In the Gallup poll, Republicans were slightly more likely to rate Iran\u2019s nuclear program as a critical threat than cyberterrorism. Democrats were less worried about Iran, and more worried about global warming. Yet, respondents from both parties registered equal distress over cyberterrorism.\u00a0
\u201cIt is a new thing. People are afraid of technology, particularly when they don\u2019t understand it,\u201d said James Lewis, a senior vice president of the Center for Strategic and International Studies.\u00a0\u00a0
Lewis joked, \u201cI wish Gallup would do a poll on how many people think \u2018Terminator\u2019 was a documentary.\u201d\u00a0\u00a0
Some experts, Lewis included, sense that the national fear of cyberwarfare is overblown. He puts long odds on a military cyberattack against the United States by one of its enemies.\u00a0\u00a0
The Russians or the Chinese aren\u2019t going to do a cyberattack unless they think war is imminent,\u201d he said.\u00a0\u00a0
\u201cThere are some pretty easy metrics here. Has anyone ever died? No. Has there ever been any economic or social disruption? No.\u201d\u00a0
Compromising a single government website or paralyzing the network of a single power company is one matter, cyber experts say: Bringing down America\u2019s computer networks altogether is quite another.\u00a0\u00a0
The fundamental decentralization of the internet makes it a tricky target for cyberattack, said Jason Blessing, a Jeane Kirkpatrick Visiting Research Fellow at the American Enterprise Institute.\u00a0
\u201cIt has micro-vulnerabilities, but it\u2019s near-impossible to bring down the entire thing,\u201d he said.\u00a0\u00a0
But acts of targeted cyberterrorism and cybercrime are well-documented. Some incidents suggest links to state-sponsored terror groups or even government agencies, but blame can be hard to affix.\u00a0
In 2021, cybercriminals\u00a0extorted millions of dollars\u00a0from Colonial Pipeline after jamming the company\u2019s computer networks with \u201cransomware,\u201d software that functions as a virtual kidnapper. The company preemptively shut off the gas pipeline, which stretches from New Jersey to Texas, triggering a miniature fuel crisis, complete with panic-buying and inflated prices.\u00a0
Cybersecurity experts cite several other acts of cyber-terror and cybercrime, some of them largely forgotten by the broader public.\u00a0
In 2020, U.S. officials alleged a Russian breach of computer networks for the Justice and State departments, NASA and numerous Fortune 500 companies, via compromised software. The so-called\u00a0SolarWinds hack\u00a0went undetected for months.\u00a0
In 2013, Iranian hackers attempted to\u00a0take control of the Bowman Dam, outside New York, according to federal prosecutors, part of a broader cyberterrorism campaign that breached dozens of U.S. financial institutions over many months.\u00a0\u00a0
The government of Georgia accused Russia of coordinating a series of\u00a0computer-network attacks\u00a0before and during the 2008 conflict between the two nations. Russia denied involvement. The cyberattacks disabled many government websites.\u00a0\u00a0\u00a0
Russia\u2019s 2022 invasion of Ukraine brought \u201can onslaught of Russian cyberattacks\u201d targeting the nation\u2019s power grid and government sites, according to an NPR report. Ukraine has mostly fought them off.\u00a0\u00a0
And so, it\u2019s not exactly idle speculation that these things are happening,\u201d said Richard DeMillo, a professor at Georgia Tech\u2019s School of Cybersecurity and Privacy.\u00a0\u00a0
DeMillo doesn\u2019t buy into the theory that no one has died in a cyberattack. He cites the surge in\u00a0ransomware attacks on medical centers\u00a0during the COVID-19 pandemic, with hackers seizing hospital networks and demanding money to unlock them.\u00a0\u00a0
\u201cAnd deaths have been attributed to those attacks,\u201d he said, because of delayed care.\u00a0
DeMillo said individual cybercrimes are part of a vast universe of cyberattacks and cyberespionage, involving both criminal enterprises and government agencies.\u00a0
\u201cIn total, Iran, North Korea, China and Russia are spending a trillion dollars establishing the kind of reconnaissance necessary to mount these attacks,\u201d he said. \u201cThe return on that has to be in the multiple trillions of dollars.\u201d\u00a0
DeMillo cites Russia\u2019s Internet Research Agency, which\u00a0a ProPublica report\u00a0describes as \u201ca network of paid trolls\u201d that, among other projects, allegedly attempted to influence the outcome of the 2016 election.\u00a0
Russian electoral meddling \u201cwasn\u2019t a hoax,\u201d said Lewis of CSIS. \u201cThe Russians tried. But it had zero effect.\u201d\u00a0
The ultimate fear, to some Americans, is that cyberterrorists will one day trigger a meltdown in a nuclear power plant or open the gates of a dam.\u00a0
\u201cIf I could control the Hoover Dam from a computer in Iran and, all of a sudden, at 3 o\u2019clock in the morning, I could open up the dam and empty out all the water, how many thousands of people could I kill?\u201d said White of GWU. \u201cThat\u2019s terrorism.\u201d\u00a0
Thankfully, that scenario remains unlikely.\u00a0
\u201cSomeone still has to flip an actual switch, or turn a crank,\u201d he said. \u201cThat\u2019s our buffer. We don\u2019t have absolute connectivity from the software to the hardware. But, eventually, that\u2019s going to go.\u201d\u00a0
President Joe Biden has made cybersecurity central to the National Security Strategy.\u00a0An update\u00a0last fall includes sections on \u201csecuring cyberspace\u201d and fending off ransomware attacks on regular citizens as well as cyberattacks on health systems, financial institutions and critical infrastructure.\u00a0\u00a0
\u201cThis administration has done more than any previous administration to improve cybersecurity,\u201d Lewis said. \u201cThere are key targets we need to make sure are hardened. The electrical companies that supply Washington. You don\u2019t want the power going out in a crisis. [But] overall, we\u2019re a lot less vulnerable than we were a few years ago.\u201d\u00a0
And, of course, the world faces many perils beyond cyberattack. One is nuclear war. Nuclear fears surged in the weeks after the Russian invasion of Ukraine in February 2022.\u00a0\u00a0<\/p>\n\n\n\n
<\/p>\n\n\n\n