Defining, Evaluating, Preparing for and Responding to a Cyber Pearl Harbor

TL;DR

This paper explores the concept of a 'cyber Pearl Harbor' by analyzing its historical meaning, proposing a framework based on three aspects of the original attack, and applying it to current cyber threats for better preparedness.

Contribution

It introduces a novel framework for understanding and evaluating cyber Pearl Harbor scenarios by decomposing the concept into three key aspects of the historical event.

Findings

The framework helps assess current cyber threats against the Pearl Harbor analogy.

It provides guidance for preparing and responding to large-scale cyber attacks.

The analysis highlights gaps in current cybersecurity measures for potential cyber Pearl Harbor events.

Abstract

Despite not having a clear meaning, public perception and awareness makes the term cyber Pearl Harbor an important part of the public discourse. This paper considers what the term has meant and proposes its decomposition based on three different aspects of the historical Pearl Harbor attack, allowing the lessons from Pearl Harbor to be applied to threats and subjects that may not align with all aspects of the 1941 attack. Using these three definitions, prior attacks and current threats are assessed and preparation for and response to cyber Pearl Harbor events is discussed.