WASHINGTON -- As the U.S. Secretary of Defense, Leon Panetta delivered strong warnings about the risks of cyberattacks on the country. His conviction that a possible "cyber Pearl Harbor" may be looming has not tempered since leaving the post last year.
In fact, Panetta today said that the risk of a major cyberattack against the nation's infrastructure is "the most serious threat in the 21st century."
Speaking at the Symantec Government Symposium here Tuesday, Panetta said such an attack could "devastate our critical infrastructure and paralyze our nation." He compared the potential disruption nationally to what hurricane Sandy accomplished on the East Coast in 2012.
"We have to take steps to better defend ourselves against this threat," Panetta told an audience of government IT managers and security specialists, as well as federal contractors.
Panetta was director of the CIA from 2009 to 2011, and then became the U.S. Secretary of Defense. He left the latter post last year and is now chairman of the Panetta Institute for Public Policy, which he co-founded in 1997.
Panetta was warmly received by the audience today, especially when he spoke briefly about the killing of Al-Qaeda leader Osama bin Laden in May 2011. He was the CIA chief at the time.
The message sent by the raid on bin Laden's hideout was that "nobody attacks the United States of America and gets away with it," said Panetta, sparking applause.
But what was true for bin Laden is not true for foreign cyberattackers hitting the U.S.
Security professionals here told of the difficulty in finding and arresting cybercriminals who live in a borderless world.
Richard Downing, principal deputy chief of the computer crime and intellectual property section at the U.S. Justice Dept., said international cybercriminals are becoming more involved with organized crime, making their efforts "very resilient," or harder to stop.
Downing, speaking on a panel here, said other problems include extradition difficulties and evidence gathering, particularly in countries that have few technical capabilities and trained personnel.
The cost of cybercrime is already very high.
Catherine Lotrionte, director of the Institute for Law, Science and Global Security at Georgetown University, estimated that losses from international intellectual property theft are about $300 billion a year, or about 1% of GDP. Other nations have measured their GDP losses in the 1% to 2% range as well, she added.
Panetta spoke of a need to educate the public about the risks.
"The American people need to understand that that this is not about hacking and identity theft, it has the potential for a major attack on the United States," he said.
Patrick Thibodeau covers cloud computing and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov or subscribe to Patrick's RSS feed . His e-mail address is firstname.lastname@example.org.