Two weeks ago, some 30,000 systems at South Korean banks and broadcasters were wiped out in a coordinated attack – it might have come from North Korea, but investigators are still chasing basic details. “We judge that there is a remote chance of a major cyber attack against U.S. critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services,” wrote U.S. Director of National Intelligence James Clapper. .“Our critical infrastructures are all identifiable: they’ve been probed, and they’ve been mapped,” said Frank Cilluffo, Director of the Homeland Security Policy Institute at George Washington University last week in testimony before the House Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. Last month security firm Mandiant fingered the Chinese People’s Liberation Army as brazenly running cyber operations out of a 12-story building in Shanghai – alleging this “APT1″ unit is one of dozens of hacking outfits run by the Chinese military. Iran is believed to be behind persistent denial-of-service attacks against Bank of America, JPMorgan Chase, Citi, and U.S. government sites during 2011 and 2012, as well as a destructive attack against Saudi Aramco and Qatar’s RasGas last year where malware wiped out more than 30,000 workstations. Where denial-of-service and outright destructive attacks might be a digital form of sabre-rattling for some regimes– or make for great movie plots– cyber espionage is the bread and butter of much state-sponsored online action.