A cyber risk to the US

[Commentary] In a recent briefing to Congress about worldwide threats, FBI Director Robert S. Mueller III said that the danger of cyberattacks will equal or surpass the danger of terrorism “in the foreseeable future.” What makes that assessment particularly alarming is that the United States may be as unprepared to defend some of its critical computer systems as it was to protect New York and Washington against al-Qaeda before Sept. 11, 2001.

Though the Pentagon has a cybercommand, it does not cover the domestic civilian economy, including vital infrastructure systems such as the electric power grid, water supplies and the financial system. Many of the computers controlling those utilities lack adequate security measures and could be devastated by viruses launched by hostile states or even hackers. As it is, U.S. companies, from defense contractors such as Lockheed Martin to e-mail carriers such as Google, are under continual assault from China and Russia, which seek to steal industrial or national security secrets and probe for infrastructure weaknesses. Congress and the Obama administration have at least recognized the problem: Both have spent years studying it and have drawn up detailed proposals for hardening U.S. cyberdefenses. Like so much in Washington, action has been slowed by political gridlock; yet senior legislators in both parties have committed themselves to passing legislation. In fact, cyberdefense could be a signature achievement of this election year, if a few more senators can set aside partisanship and special interest appeals.