In a prominent lead opinion piece on June 15, 2011 in the Wall Street Journal, Richard Clarke, former Chair of the federal government's Counter-terrorism Security Group in the Clinton and George W. Bush administrations, makes the case that the Chinese government is actively involved in cyber attacks on U.S. businesses. Mr. Clarke also notes prior threats that have been identified to the power grid.
Mr. Clarke, to be sure, is a controversial figure, but he has not been hesitant to criticize even administrations in which he served on matters involving national security. Mr. Clarke observes: "Congress hasn't passed a single piece of significant cyber security legislation." Noting the muted response of governmental officials to issues in the face of Chinese government denials, Mr. Clarke states that if explosives were found in our infrastructure, a strong response could be expected, but if "the explosive is a digital bomb that could do even more damage, our response is apparently muted—especially from our government."
Mr. Clarke's concerns are not limited to the power grid infrastructure or the defense industry. He notes that cyber criminals tend to go after banks and credit card companies, not defense contractors.
Mr. Clarke's thoughts represent a cautionary tale for all companies dependent upon information technology -- which would probably include most companies. At this point, do not assume that the government is going to protect you. Be sure your defenses are up and that you have plans in place in the event of a breach.