WASHINGTON — The Obama administration simulated a cyber attack on New York City’s power supply in a Senate demonstration aimed at winning support for legislation to boost the nation’s computer defenses.
Senators from both parties gathered behind closed doors in the Capitol Wednesday for the classified briefing attended by Homeland Security Secretary Janet Napolitano, FBI Director Robert Mueller and other administration officials.
The mock attack on the city during a summer heat wave was “very compelling,” said Sen. Susan Collins, R-Maine, who is co-sponsoring a cybersecurity bill supported by President Barack Obama. “It illustrated the problem and why legislation is desperately needed,” she said as she left the briefing.
Lawmakers are debating cybersecurity legislation following assaults last year on companies including New York-based Citigroup and Bethesda, Md.-based Lockheed Martin Corp., the world’s largest defense company.
The attacks have increased concern that computer networks operated by U.S. banks, power grids and telecommunications firms may be vulnerable to hacking or viruses that may cause loss of life or inflict widespread economic harm.
The Obama administration is backing a Senate measure introduced Feb. 14 by Ms. Collins and Sen. Joe Lieberman, I-Conn., that would direct the Homeland Security Department to set cybersecurity regulations for companies deemed critical to U.S. national and economic security.
A competing Senate bill from eight Republicans including Arizona’s John McCain and Texas’ Kay Bailey Hutchison would avoid new rules, while promoting information sharing through incentives such as protection from lawsuits. Rep. Mary Bono Mack, R-Calif., is preparing to introduce similar House legislation..
A cyber attack leaving New York without power for a prolonged time could have “disastrous” effects, potentially severing communications, crashing life-saving medical equipment and destroying networks that run financial institutions, said Lawrence Ponemon, chairman of the Ponemon Institute a research firm based in Traverse City, Mich. “I would project that you would have literally thousands of people dying,” he said in an interview.
A blackout that swept parts of North America in August 2003 left 50 million people in the dark for as long as four days. Hackers could cause blackouts “on the order of nine to 18 months” by disabling critical systems such as transformers, said Joe Weiss, managing director of Applied Control Solutions, a Cupertino, Calif.-based security consulting company.