The recent data breach at the U.S. Office of Personnel Management highlights the growing risk of cyberattacks against the government, companies and individuals. Federal officials have said more than 4 million current and former federal employees were affected, and published reports indicate security-clearance information may have been stolen.
Slightly less than half of respondents to this week’s RBJ Daily Report Snap Poll say they have been a victim of a cyberattack. Nearly all say they are concerned that a major cyberattack could pose a serious threat to the economy or national security of the United States. Among them, 55 percent say they’re very concerned.
Numerous companies have been hit by hackers including Target Corp., which suffered the theft of some 40 million credit-card numbers, and JPMorgan Chase & Co., in an attack that reportedly compromised the accounts of 76 million households and 7 million small businesses.
The types of attacks have ranged widely. Among the most costly, according to the Ponemon Institute, are malicious code, denial of service attacks, Web-based attacks, and phishing and social engineering, in which computer users are manipulated into performing actions or divulging confidential information.
Some attacks are the work of individual hackers, but the White House last year accused North Korea of stealing records from Sony Pictures Entertainment and China has been the focus of suspicion in the breach at the federal personnel office. Suspected nation-state attacks have prompted debate about when hacking should be considered an act of war.
Nearly three-quarters of respondents say a large-scale cyberattack on the United States by another country should be considered an act of war.
Roughly 300 readers participated in this week’s poll, conducted June 15 and 16.
Have you or your place of work been a victim of a cyberattack?
Are you concerned that a major cyberattack could pose a serious threat to the economy or national security of the United States?
Very concerned: 55%
Somewhat concerned: 40%
Not very concerned: 5%
Not at all concerned: 0%
In your view, should a large-scale cyberattack on the United States by another country be considered an act of war?
Hard to believe it is taking this long for countries to realize there isn’t a need for tons of money, troops, artillery and bloodshed to dominate and potentially eradicate others. Cutting off access to electricity and water is enough to wreak havoc if not paralyze just about any society.
Computer attacks are criminal acts of theft—theft of real or intellectual property is a crime, not an act of war. We already have national laws covering theft and restitution. In my opinion, cyber theft is facilitated by gross lack of preparation on the part of government and industry. We need action on two fronts—technology and legal—we don’t need another reason for bulletheads to go to war.
—Wayne Donner, Rush
If aggressive business practices are an act of war, then the U.S. has perpetrated a great many of them already. How can we consider our students our enemies?
Do you consider Google or Apple or my e-mail server selling data about me without my permission a cyberattack? Do you consider ads for products for which I had been shopping magically popping up on my screen a cyberattack? Do you consider the malware that I’d bet my grandchildren’s next lunch is out there—and which no one knows where or when it will strike or whom it will strike—a cyberattack? Then yes, I’ve been attacked, and so have you.
As a country, and even worldwide, there are so many end users compared to those who fully understand and are able to manipulate and information systems. Falling into the wrong hands could be devastating worldwide, not just here.
The difficulty will be verifying that the perpetrator is indeed who we think it is. It’s still not clear to me that China was the attacker on the recent one with 100 percent certainty.
—Hal Gaffin, Fairport
If an attack is sanctioned and supported by the government of another country, it almost has to be considered an act of war. Bringing down our economy and e-commerce system, or distributing vital information to other countries, whether it be financial or other key data, is a serious concern. Protecting data (citizens’ and consumers’ data) has to be a top priority.
I was reviewing the testimony by the woman in charge of the federal agency that had all the personnel files that were hacked and I was amazed at the incompetence and malfeasance of this department head. She was told the system was inadequate and that several databases should be shut down because they were so vulnerable. She refused to do so saying that it would interfere with her “mission.” She apparently has no intention of resigning, and I would be surprised if she is even disciplined. At least Target made some small effort to prevent hacking.
Act of war? Really? How have our most recent wars turned out? Korea? Vietnam? Pakistan? Iraq? ISIS? Modern American politicians are too feckless, politically correct, and indecisive to win any “war” we enter! Hire your own computer experts, have them install the best defensive programs in your computers, and look out for yourself.
—Tom Shea, Thomas P. Shea Agency Inc.
For this very reason, we are undertaking a comprehensive security review of every aspect of our business which includes website, EHR, claims and payment procedures, and other financial transactions.
—Alan Goodfellow, CFO
I don’t understand why the U.S. government doesn’t make sure that they have the best protection for the data going into their systems. Maybe trying to hack personal info is just a test as to how to get into the system and steal much more confidential data. This should be a wakeup call to get their act together. All government entities should make sure they have rock-solid protection from these attacks, seeing how the governments want business owners and citizens to pay taxes, file income taxes, pay sales taxes, withholding taxes, etc., online instead of by mail. The people depend on the government sites to be protected. There is no excuse for what happened.
It would be great—if this situation could be resolved amicably. However, do not look for that to happen! I’d like to know if the U.S. started this!
—J.A. DePaolis, Penfield
For more comments, go to rbjdaily.com. To participate in the weekly RBJ Snap Poll, sign up for the Daily Report at staging.rbj.net/dailyreport.
6/19/15 (c) 2015 Rochester Business Journal. To obtain permission to reprint this article, call 585-546-8303 or email firstname.lastname@example.org.