Ideas. Action. Results.

9/11 Commission members: The government is unprepared for a cyber attack


Saturday, September 10, 2016

On September 11, 2001, our country suffered the most devastating day in the living memory of most Americans. Nearly 3,000 innocent people died in a few surreal, nightmarish hours.

Fifteen years later, it is important to remember that the lessons of 9/11 were not only about terrorism—they were also about how national security leaders analyze dangers on the horizon, how they alert the public to the risk, and whether we are collectively able to act before those risks manifest in devastating fashion.

Before the 9/11 attacks, experts within the government recognized the danger that al Qaeda posed, but most Americans were unaware of the threat—largely because their leaders did not do enough to explain it to them. And despite the threat awareness inside government, few imagined that an al Qaeda attack would kill thousands of Americans, or that al Qaeda would use hijacked aircraft as suicide bombs.

The 9/11 Commission—on which we served—called the government’s inability to foresee and prevent suicide hijackings a “failure of imagination.” Unfortunately, we fear that the complacency and inaction that led to 9/11 may be repeating—not in counterterrorism, but in the cyber realm.

Electronic networks are the lifeblood of modern commerce, government, finance, and even social life. The list of high-profile breaches seems unending. Chinese-government-backed hackers have stolen the plans to dozens of our most advanced weapons systems. Iran has hacked into banks, oil companies, and even a dam in suburban New York. North Korea hacked into Sony Pictures and released reams of private data.