The Washington Post

Cyberattack on Mideast energy firms was biggest yet, Panetta says

Defense Secretary Leon E. Panetta did not say who was believed to be behind the so-called Shamoon virus. (Thierry Charlier/AFP/Getty Images)

A computer virus that wiped crucial business data from tens of thousands of computers at Middle Eastern energy companies over the summer marked the most destructive cyberattack on the private sector to date, Defense Secretary Leon E. Panetta said Thursday night in a major speech intended to warn of the growing perils in cyberspace.

Panetta did not say who was believed to be behind the so-called Shamoon virus. But he said the malware, which rendered permanently inoperable more than 30,000 computers at the Saudi Arabian state oil company Aramco and did similar damage to the systems of Ras Gas in Qatar, represented a “significant escalation of the cyberthreat.”

Such attacks have “renewed concerns about still more destructive scenarios that could unfold” against the United States, he said in an address to business executives in New York. He asked them to “imagine the impact an attack like this would have on your company.”

Panetta’s remarks on the Middle East incidents were the first from any administration official acknowledging them. In the attack on Aramco, the virus replaced crucial system files with an image of a burning U.S. flag, he said. It also overwrote the files with “garbage” data, he said.

The Middle East cyber-incidents have prompted great concern inside national security agencies, with the military’s Cyber Command adding personnel to monitor for the possibility of follow-on attacks. U.S. intelligence and Middle Eastern diplomats have said they believe Iran carried out those attacks in retaliation for a Western oil embargo against Tehran, but other experts have expressed skepticism.

“It’s clear a number of state actors have grown their cyber-capabilities in recent years,” said a senior defense official who was not authorized to speak for the record. “We’re concerned about Russia and China, and we’re concerned about growing Iranian capabilities as well.”

Although there has been debate over the roles of various government agencies in cyberspace, Panetta made clear that it would be the Defense Department’s responsibility to defend the nation in that realm.

Under new rules of engagement for cyberwarfare, he said, the Pentagon’s role would extend to defending private-sector computers against a major attack. The conditions under which the rules would trigger a response are stringent, and must rise to the level of an “armed attack” that threatens significant physical destruction or loss of life, senior defense officials said.

Those cyber-rules, which represent the most comprehensive revision in seven years, are being finalized now, Panetta said. For the first time, military cyber-specialists would be able to immediately block malware outside the Pentagon’s networks in an effort to defend the private sector against an imminent, significant physical attack, The Post has reported. At present, such action requires special permission from the president.

Panetta said that “foreign cyber-actors are probing America’s critical infrastructure networks. They are targeting the computer control systems that operate chemical, electricity and water plants” and transportation systems. He said the government knows of “specific instances where intruders have successfully gained access to these control systems” and that the intruders are trying to create advanced tools to attack the systems to cause panic, destruction and death.

Panetta outlined destructive scenarios that worry U.S. officials: an aggressor nation or extremist group gaining control of critical switches in order to derail trains loaded with passengers or lethal chemicals; contamination of the water supply, or a shutdown of the power grid across large parts of the country.

The most destructive attack, he said, would be one launched against several critical systems at once in combination with a physical attack on the country.

“The collective result,” he said, “could be a ‘cyber-Pearl Harbor’: an attack that would cause physical destruction and loss of life, paralyze and shock the nation, and create a profound new sense of vulnerability.”

Panetta also issued a warning to would-be attackers, saying the Pentagon is better able now to identify who is behind an attack. “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests,” he said.

The department has also developed the capability to conduct operations to counter threats to national security in cyberspace, he said, and would do so in accordance with international law.

Taking offensive action would be the role of the Cyber Command, launched in 2010. Panetta noted that the Pentagon is looking at ways to strengthen the organization, including streamlining its chain of command. A recommendation by senior military leaders to elevate it to full unified command status is under review, officials said.

Panetta, addressing the Business Executives for National Security, said cyber is now a major topic in nearly all his bilateral meetings with foreign counterparts, including in China a few weeks ago. China, which the United States has accused of being a top actor in cyber-economic espionage, is rapidly improving its capabilities, he said.

He reiterated the administration’s call for legislation to establish routine cyber-information sharing between the public and private sectors, and to set security standards for companies.

“This is a pre-9/11 moment,” Panetta said, in a somber reference to missed signs of the 2001 terrorist attacks on the United States. “The attackers are plotting.” He appealed to Congress and the private sector to join the government in improving the nation’s defenses to prevent a catastrophic cyber attack.

Ellen Nakashima is a national security reporter for The Washington Post. She focuses on issues relating to intelligence, technology and civil liberties.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Videos curated for you.
Play Videos
Be a man and cry
Deaf banjo player teaches thousands
Sleep advice you won't find in baby books
Play Videos
Drawing as an act of defiance
A flood of refugees from Syria but only a trickle to America
Chicago's tacos, four ways
Play Videos
What you need to know about filming the police
What you need to know about trans fats
Syrian refugee: 'I’m committed to the power of music'
Play Videos
Riding the X2 with D.C.'s most famous rapper
Full disclosure: 3 bedrooms, 2 baths, 1 ghoul
Europe's migrant crisis, explained

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.