Nerves are still raw over Tuesday’s terrorist attacks in Brussels. Our nation’s great national security debate is focused on the specter of violence posed by the Islamic State. But the indictment handed up yesterday by the Justice Department makes clear that ISIS is not the only threat to our safety and way of life. Another war with grave potential impacts is being waged in cyberspace.
The indictment charged seven Iranian hackers with a wave of attacks in 2011 on major U.S. banks and a small dam in Rye. Those hacks were thought to be in response to an American cyberattack on Iran’s main nuclear enrichment plant in 2010.
The list goes on. In 2014, the Obama administration indicted five Chinese military members for allegedly stealing data from U.S. corporations. Last year, it levied new economic sanctions on North Korean government agencies and officials after a cyberattack on Sony Pictures.
The indictments are not likely to lead to trials. That’s OK. Calling out wrongdoing is better than keeping it secret, and it makes travel more difficult for perpetrators who face arrest if they venture outside their homelands. But we also must be prepared for retaliatory actions by Iran and others, who could name alleged American hackers.
More important, our governments and other institutions must tighten their cyber defenses to reduce vulnerability. The attack on the dam was particularly worrisome because hackers accessed its computer controls. Imagine the devastating implications of an attack targeting larger and more critical infrastructure, such as the electric grid.
In the war against terror, bombs and guns are not the only weapons against which we must defend. — The editorial board