BREAK IN TRANSCRIPT
Mr. COONS. I very much thank Senator Blunt. Thank you for helping to contribute to the bipartisan, positive tone of our deliberations. I thank my friend, the Senator from Rhode Island, for his leadership both in today's colloquy and in pulling together the language and partners, and Senator Mikulski, who started off our conversation today by reminding us as Senator Blunt has that it was a terrible storm in this area that knocked out power for a couple of days that gave a bracing reminder to the community around Washington, DC, just how much we rely in this modern economy of ours, on continuous, uninterrupted power.
That storm was an act of God. That storm was a random meteorological event. But as all of us have spoken--Senator Blumenthal also commented on this--we know as Members of the Senate that there are daily efforts at attacks on the United States far more devastating, far more far-reaching than that transitory storm. For us not to act, for us to fail to act in a bipartisan, thoughtful, and responsible way would be the worst sort of dereliction of duty.
All of us have been in secure briefings with folks from four-star and three-letter agencies with the most central roles in our intelligence community, in our national security agencies. But this is not something that only those of us in the Congress know or only those in the higher reaches of executive branch leadership know. This is now broadly, publicly well known. The water is rising, the storms are coming, and we need to incentivize the private sector that is responsible for running most of our essential infrastructure to man the barricades, to fill the sandbags, and to take on the responsibility in a thoughtful, balanced, and responsible way of preparing for the wave of highly effective cyber-attacks that are currently underway and that will crescendo soon.
We have heard public comments that are remarkable. The Chairman of the Joint Chiefs, General Dempsey, has said an effective cyber-attack could literally stop society in its tracks. As Senator Blunt mentioned, as a county executive I was responsible for emergency response, and all over this country cities, counties, and States are trying to understand how to prepare for the consequences of a cyber-attack.
We are not talking about trying to craft legislation that would deal with every possible cyber harm, every possible cyber crime. We are talking about those few incidents that would be likely driven by a nation state or by a terribly advanced and sophisticated terrorist group that would strike at the very heart of what makes our modern society vibrant and that would have mass casualty consequences, dramatic impact on our economy, or wipe out whole sectors for days or weeks, such as a failure of the power grid.
This is not exotic. We just had another public hearing on the Energy and Natural Resources Committee and were warned yet again of what the Department of Homeland Security documented back in 2007 in their Aurora exercise, that our power grid, nationally interconnected, vital to the modern economy, is fragile, is vulnerable to cyber-attacks. We have seen this unfold overseas. The small Baltic nation of Estonia was the victim of a comprehensive cyber-attack. They saw also in 2007 banks, media outlets, government entities that collapsed, bank cards, mobile phones, government services over a 3-week period completely shut down.
Is there a real threat? Absolutely. Are we doing enough to face it? I don't think so. I don't think we have yet done enough. There is legislation that has been brought forward by a whole group of Senators led by Senators Lieberman and Collins that I hope this body will turn to in the days ahead and find ways to balance. As Senator Blumenthal said previously, we live in a country where we must continue to respect the powerful, passionate commitment to individual privacy and civil liberties. But I think we can, with narrowly targeted, appropriately crafted legislation that incentivizes and encourages the private sector, take on the role, appropriately informed by those from throughout Federal Government, to strengthen their defenses against these coming attacks. I don't think we have to make a choice between privacy and security and I do think we can give the private sector the tools to make our country safe and strong.
But those who view new cyber regulations as onerous, as burdensome, as overly expensive for the private sector, as threatening needlessly our privacy, have an obligation to come forward with a credible alternative before it is too late.
Today we are, frankly, leaving our country wide open to attack. As we recently heard in floor speeches by both Senator Blumenthal and Senator Whitehouse, when private sector companies, even the most technically sophisticated, are contacted by our government and told they have been the victim of a successful intrusion and attack, in nearly 90 percent of the cases they were utterly unaware. We need to strengthen information sharing. We need to develop robust standards of defense. We need to help invest in building up the infrastructure protection of this country, and it is the most vital thing I can think of that this country could turn to.
Let me close with this for my moment, if I could. I had a chance to have lunch last week with Senator Daniel Inouye. That was for me a great honor, a chance to sit with him and visit and ask his advice. He made one comment to me in closing. He is the only Member of this body who was at Pearl Harbor. He shared with me that in his view the next Pearl Harbor, the next unexpected massive attack that could hurt the United States, will come from cyber. It is our obligation to take that lesson seriously and to legislate in a bipartisan, thoughtful but swift and effective way.
So, I say to Senator Whitehouse, I am grateful for his leadership of our efforts in this regard.
BREAK IN TRANSCRIPT