There is a 50 percent chance that the next time al Qaeda terrorists strike the
United States, their attack will include a cyberattack, Rep. Lamar Smith
In closed-door briefings for members of Congress, Smith said officials from federal law enforcement and intelligence-gathering agencies disclosed that al Qaeda operatives have been exploring U.S. Web sites and probing the electronic infrastructure of American companies in search of ways to disable power and water supplies, disrupt phone service and damage other parts of the critical infrastructure.
A successful cyberattack could cause billions of dollars in damage and lead to thousands of deaths, Smith told a gathering of congressional staffers and technology industry representatives July 23.
Al Qaeda members seem especially interested in how they might disable the systems that provide electricity to California, Smith said. If it were to succeed, hospitals could be left powerless, causing patients to die, and commerce and much other activity would come to a halt, causing billions of dollars of economic damage.
Such a cyberattack could be used to dramatically increase the damage done by a physical attack, said Smith, who is chairman of the House Judiciary Committee's Crime, Terrorism and Homeland Security Subcommittee.
About 90 percent of the nation's critical infrastructure is privately owned, and much of it remains vulnerable to cyberattacks, according to the Business Software Alliance, a technology industry association.
A June survey by the BSA showed that 74 percent of the technology professionals asked thought it was "nearly certain" that there will be a cyberattack against American financial institutions in the next 12 months. Respondents said that attacks also are likely against communications systems, transportation infrastructure, water systems, dams and power plants, the survey concluded.
Fifty-nine percent of those surveyed said they expect a major cyberattack against the federal government in the next 12 months. And they said there is a gap between the likelihood of an attack and the government's ability to respond to it. The findings prompted BSA president Robert Holleyman to call for creation of a Cyber Security Agency within the Homeland Security Department.
In Congress, the House this month passed Smith's Cyber Security Enhancement Act, but the bill focus more on catching, prosecuting and punishing cybercriminals than on strengthening systems to withstand cyberattacks.