In November 2011, hackers using an IP address in Russia attacked a water plant in Illinois. The hackers were able to turn a water pump on and off so frequently that it broke. While the incident caused no other damage and did not shut down the water system, it was the first known instance of a malicious foreign attack on this nation’s critical infrastructure, and it demonstrated how vulnerable such vital services as waterworks, the electrical grid, oil and gas pipelines and the telecom system are to hackers. It also lent urgency to efforts in Congress to enact legislation to make critical industries less vulnerable to attack.
For several years, Sen. Joe Lieberman (I-Conn.), pictured at right, has been trying to pass a cybersecurity bill that would resolve issues around privacy and the sharing of information among critical industries and the Department of Homeland Security, and also require Homeland Security to establish standards and a testing program to make sure those industries are taking the needed steps to harden their operations against cyberattacks.
Lieberman and his co-sponsors, Sens. Susan Collins (R-Maine), Diane Feinstein (D-Calif.) and Jay Rockefeller (D-W.Va.), disagree, arguing that the trillions of dollars in economic losses that could be caused by a serious attack on U.S. infrastructure mean increased regulation of key industries is sorely needed.
Neither the measure’s sponsors nor the Chamber have estimated what the regulations might cost companies. A Bloomberg survey of technology managers at 172 U.S. companies and agencies earlier this year showed the managers estimated they would have to spend almost nine times more on security to be defended against 95% of cyberattacks.