Recent reports of cyber attacks on Google and other American companies have raised concerns about protecting the critical infrastructure of a company or a country against a coordinated, targeted cyber attack. The recent cyber attack on Google used exploits targeting zero-day client side vulnerabilities to insert a backdoor trojan called HydraQ into the corporate networks. The attack has drawn much attention to the viability of the United States’ critical infrastructure to ward off similar attacks in the future, perhaps on a broader scale. The concern around this issue is warranted, justified and echoed throughout the industry.
It is important to bear in mind that there are steps that can be taken right now by Congress – steps that have the support and involvement of the cyber security industry and other private sectors -- to address some of these concerns and further secure the United States’ critical infrastructure: