What more to do?
Warnings such as the "Pearl Harbor" one from Mr. Panetta in October have stirred debate over further measures the United States should take to protect itself.
Congress recently grappled with legislation that would have allowed the Department of Homeland Security (DHS) to do cybersecurity testing on computer networks of companies that operate natural gas pipelines and other vital assets – and would have granted those companies protection from financial liability in the event of a cyberattack on their facilities. But lawmakers did not approve it, mainly on grounds that the business community objected to the expected high cost of the new mandates and regulations, as well as the exposure of proprietary information to government. In response, President Obama is expected to issue an executive order soon, though it won't give the federal government as much authority to conduct cyberdefense testing as the legislation would have.
Not everyone agrees on what defensive actions to take. Some see Panetta's words as hyperbole aimed mostly at preserving the defense budget. Others warn of a US policy "overreaction" in which Internet freedoms are stifled by Big Brother-style digital filters.
"As ominous as the dark side of cyberspace may be, our collective reactions to it are just as ominous – and can easily become the darkest driving force of them all should we over-react," writes Ron Deibert, a University of Toronto cyber researcher, in a recent paper titled "The Growing Dark Side of Cyberspace (... and What To Do About It)."