AMU Cyber & AI Cybercrime Homeland Security Opinion Privacy

Reacting to Potential Attacks

By William Tucker
Chief Correspondent for In Homeland Security

wall-street-nyseLast week several computer-related glitches hit United Airlines, the New York Stock Exchange, and the Wall Street Journal prompting many to speculate that these entities were the subject of a cyber attack. All three were able to resume normal operations later in the day and each went on to state that they faced several issues that weren’t related to an attack. Officials from the Department of Homeland Security went on to publicly back these statements; however some, including members of congress, remain skeptical of the press releases.

During the course of this uncertainly, public statements from experts and layman alike were actively discussing the possibility of a cyber attack almost immediately following the initial media reports. With the prevalence of discussion in the public sphere of the threats presented to the general public from cyber attacks – whether state-sponsored or otherwise – it is no surprise that these issues on Wednesday fell under suspicion so quickly. Truth be told, these institutions have been targeted frequently, further adding to the early snap analysis, that, at this moment, appears to be false. That said, it is still possible that some bad actors had a hand in some of Wednesday’s widespread misfortunes.

The public jumped on the possibility of an attack quickly, but they weren’t alone. U.S. government agencies, likely concerned with the possibility of an attack, or at the very least a disruption to U.S. infrastructure, did reach out to the affected parties. This is important, whether it was an attack or not doesn’t change the need to respond. What does change is how the response takes shape. This depends on evidence, or at least suspicious circumstances that require further investigation. It is vital to treat potential attacks as the real thing otherwise evidence can be lost and the delay in getting the right agencies and people in place can further impact the entities most directly affected.

Of course, there is the aspect of national security threats that can emanate from a cyber attack. This isn’t to say that each network hack or infrastructure threat should be met with a physical response, rather that some attacks carry greater weight than others and have to be categorized carefully. Additionally, the culprit behind the attack may not be readily identified, and inaccurate accusations can exacerbate an already tense situation.

In essence, the public nor the government overreacted to Wednesday’s cyber anomalies when there was, and still is, talk of an attack. As with man-made or natural disasters it’s not uncommon to see the same agencies playing the role of first responder. Regardless of the cause of the incident, many of the same issues will be present, but the biggest difference between the two will be the collection of evidence, how that evidence is used, and what it’s used for. With that noted, we don’t always know what to categorize each cyber anomaly or disaster until the investigation begins, thus it’s often treated as an attack until proven otherwise. With this in mind we can expect that the government isn’t necessarily overreacting, rather taking an approach that will ensure they are best prepared to handle whatever the ensuing investigation uncovers.

Comments are closed.