http://www.reuters.com/article/2011/10/26/us-japan-economy-hackers-idUSTRE79P2VK20111026

These kind of attacks makes me thing we need a different approach to network security for sensitive locations.  Do we need an internet 3, for just trusted hosts? Or maybe be more selective on what machines need to be connected to the wide world and what does not.  In reality you can’t hack what you can’t get to.  If they had a small email system with maybe some sort of BlackBerry system, that could only send out mail to internal users?

Just a rough thought.

http://news.cnet.com/8301-27080_3-20121681-245/u.s-rejected-cyberattack-on-libya-report-says/

This is also something that will happen soon, and I am not sure it if will be the US on the sending or receiving end.  Critical systems should be on air gap networks, completely cut off no USB keys, laptops, no no no.  Updating may be necessary but that risk needs to be tightly managed.