“A cyber attack on the World Trade Center would be 10 times more financially damaging than the 2001 attack.” Data breaches like the ones at Target, JP Morgan, and Home Depot have recently been all over the news and are usually organized by hackers working towards financial gain. But there is cyber war happening with military and political objectives with potentially far more damaging results. Cyber terrorists and militaries have already developed technologies that are able to hack into important data systems, destroy critical infrastructure, and take down crucial things like power grids and financial systems. If this does not scare you, you should know that there are almost no direct laws that deal with the ramifications of cyber attacks, the contractors who built the failing technology, or innocent bystanders.
On this episode of Digital Detectives, Sharon Nelson and John Simek interview cybersecurity expert David Bodenheimer about the effects of cyber attacks, whether they are likely to proliferate, the connection between the private sector and government defense, and the legal risks to contractors and bystanders. Bodenheimer first explains how economic cyber crimes are different than cyber war, and gives some examples like the US cyber security threat in 2009, the 2007 cyberattacks on Estonia, and Stuxnet, a computer worm that destroyed many control systems in Iranian nuclear plants. He explains that there is a global cyber race and, in a few years, no self-respecting military will be without cyber attack capabilities. Unfortunately, there are no international treaties or laws that directly govern cyber weapons and war. Bodenheimer also discusses US laws that federal agencies and contractors could face to account for damages. These could include the DHS SAFETY Act, Public Law 85-804, and various legislative proposals, but there is no clean fit.
David Bodenheimer is a Government Contracts partner and litigator heading Crowell & Moring’s Homeland Security practice. David has 32 years of experience in doing business with the government. He has represented Fortune 500 companies in cyber disputes with federal agencies, advised on security compliance and cloud standards, and handled a broad spectrum of cybersecurity and privacy issues in the public sector.
Special thanks to our sponsor, Digital WarRoom.