America badly needs to strengthen its defenses against cyber-attacks on its critical infrastructure and cyber-espionage directed against its economy.
President Obama failed last year to persuade Congress to pass legislation that would defend the computer security of America’s electrical power grids, oil and gas pipelines, dams, and financial institutions. Last week, the President issued an executive order that permits the government to share information on real-time threats with private institutions that oversee these facilities. Imposing rules on the companies to protect this information requires congressional action.
Senate Republicans who killed last year’s measure, after the House had approved it, said it would have cost companies too much to install the needed protection. The Senate ignored testimony in favor of the bill by the FBI director and the chairman of the Joint Chiefs of Staff.
Last year, hackers carried out 198 attacks on information systems within the nation’s critical infrastructure, including pipelines and electrical grids. That number was up 52 percent from 2011.
Some attacks enabled hackers to disrupt the operations of these organizations. The potential for disaster, including death and destruction, is large.
A related threat is a long-term, sustained cyber-espionage campaign against U.S. companies and institutions, described in a National Intelligence Estimate that has not been made public. This campaign has been waged largely by China, but attacks also have come from France, Israel, and Russia.
Spies seek secrets in the fields of aerospace, automobiles, energy, finance, and military technology. Estimates of the costs of these assaults run as high as $100 billion a year.
America has allowed its defenses against cyber-assault to lag far behind its attackers’ technology. Mr. Obama has taken a step, but Congress also must act quickly. This is not a partisan issue.