Defense Secretary Leon Panetta has warned that the US could launch a “pre-emptive” strike in the face of an imminent cyber attack against it, whilst stressing the need for action to bolster the nation’s defenses against any such attack.

In what is said to be the first speech by a US defense secretary addressing cybersecurity, Panetta scolded officials for the political gridlock in Washington, which he claims has put the skids on any cybersecurity legislation. Panetta also pulled no punches whilst lamenting America’s private sector, accusing it of under-investment in the cybersecurity sector.

Panetta said that the administration was considering a presidential executive order because they were fed up of “waiting for Congress to act.”

The defense secretary revealed that the country was already under attack by unnamed foreign actors, whom he said were targeting computer systems that control electricity, water, chemical and transportation facilities in the US.

“We know of specific instances where intruders have successfully gained access to these control systems. We also know that they are seeking to create advanced tools to attack these systems and cause panic, and destruction, and even the loss of life,” railed Panetta.

US is Vulnerable

Panetta said that among the deadly implications, aggressors could hack US computer systems to contaminate water supplies, shut off power grids or even derail trains.

He added that while awareness of the cybersecurity threat had grown within America’s private sector, “few companies have even invested in basic cybersecurity measures.”

The defense secretary pointed to the recent cyber attack on ARAMCO, the Saudi Arabian state oil company, whose computer network had to be shut down for several days after apparently being hit by the mysterious Shamoon virus.

Panetta said that Shamoon was so sophisticated that it managed to render more than 30,000 of ARAMCO’s computers useless, replacing thousands of essential files with the image of a burning Star and Stripes flag.

“Shamoon was probably the most destructive attack that the private sector has seen to date,” said Panetta.

Another concern for Panetta was the recent DDoS attacks on a number of US banks, which disrupted and delayed services for thousands of customers using online banking.

Panetta’s Paranoia

While concerns have been raised about the cyber espionage capabilities of countries such as China, Iran and Russia several times in the past, Panetta stressed that identifying cyberattackers is actually incredibly difficult – meaning that the US would be uncertain about whom to retaliate against in the event of any attack.

However, Panetta says that the US’s cyber forensics ability has come a long way in recent years, and warns any potential aggressors that the country has the capacity to identify them and hold them accountable for their actions. He added that the Pentagon had already taken steps to alter its ‘rules of engagement’ in cyberspace, and that these would be finalized soon.

The Department of Defense has a mission to defend the US, says Panetta. He insisted that they would be ready to retaliate in the event of any attack, or even launch a pre-emptive strike should concrete evidence of a threat emerged.

“If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us.”