We've heard them all before: "Stop, drop and roll;" "Shelter in place;" "Duck and cover." Emergency response procedures in case of fire, earthquake, hurricane, tornado and other potential disasters are well known and rehearsed — or at least they should be — in places vulnerable to these kinds of hazards.
But what are you supposed to do in the event of a cyber attack? Although a large-scale cyber attack has yet to hit American shores in a publicly disruptive way, the news of yet another major cyber attack to hit Iran, dubbed "Flame," raises the question of how the United States might deal with such an attack, or one even more damaging, should it ever arrive on our shores.
Information about what to do in the event of personal identity theft is readily available even if it's not entirely familiar. The Federal Trade Commission (FTC) even has a document (PDF) outlining what to do in case your identity is stolen, online or otherwise. They've even created their own shorthand for how to prevent it from happening at all: "Deter. Detect. Defend."
Flame is a different malware of a different stock, however. Flame is a data-mining virus, designed to collect information from a variety of sources, including hidden passwords, recorded audio from a connected microphone and screenshots of different communications applications, according to PC World.
The virus is considered a follow-up to the Stuxnet worm, which inflicted untold damage to Iran's nuclear infrastructure, though Flame is considered even more complex than its predecessor and might be the most sophisticated cyber weapon to date. According to computer security experts, both attacks could only have been possible with "nation-state support."
In the case of an attack similar to if not more damaging than these known cyber weapons, what would an emergency response look like? If there were a cyber attack involving the nation's power grid, for example, who would be in charge? Last year, Senator Sheldon Whitehouse posed the same questions during a discussion on cyber security at the University of Rhode Island.
These are the kinds of questions that cyber security experts concerned with safeguarding civilian infrastructure are still figuring out. During that same forum attended by Whitehouse, General Keith Alexander, director of the U.S. National Security Agency and U.S. Cyber Command (NSA/CSS), described high-risk targets like the power grid as "vulnerable."
The U.S. Department of Homeland Security (DHS) has established a group, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), that is devoted to cyber security and incident response to major cyber attacks. The team also hosts a malware lab that attempts to simulate potential attacks.
The DHS also has other divisions with similar objectives, such as the National Cybersecurity and Communications Integration Center, which coordinates cyber and communications warning information, and Cybersecurity Information Sharing and Collaboration Program (CISCP), designed to share cyber information among critical infrastructure owners, among others.
Earlier this month, ICS-CERT released a notice about cyber attacks targeting natural gas pipeline companies. These incidents were predominantly spear-phishing attacks, which include malicious attachments to targeted e-mail addresses. What the attacks were intended to accomplish, however, is still a mystery to the DHS.
Despite the fact that there is now a dedicated national security apparatus to prevent, analyze and if necessary respond to cyber attacks, a study commissioned by the Obama administration to analyze the nation's cyber-security readiness found that state and local officials are most concerned about the ability to respond to digital threats, as opposed to other disaster scenarios. Forty-five percent of officials who responded said they did not have a program in place to address these attacks should they occur, according to the National Preparedness Report. Furthermore, two-thirds of respondents claimed their security procedures and recovery plans hadn't been updated in at least two years, as reported by the New York Times.
The number of cyber-attacks on government systems reported by federal agencies increased 650 percent between 2006 and 2010, with over 41,000 reported in that year, and the trend seems to indicate that this number will only continue to increase.
Current efforts in the public and private sector seem primarily to be aimed at preventing future incidents of cyber attacks from occurring. So far, this system has managed to keep a major disruptive attack at bay. How well prepared these same entities will be in terms of emergency management planning should cyber attackers ever succeed remains to be seen.
But were that ever to happen, should a cyber attack successfully disrupt a stock exchange, the power grid or the water supply, what can the average citizen do? So far the answer to that question has not coalesced.