Countries such as Iran are motivated to conduct such attacks, in retaliation actually.
Perhaps old news around here, even though Panetta is in-fact requesting new legislation from congress and the sentate, isn't the message wise and current that "we would be much better served if we accepted that prevention eventually fails, so we need detection, response, and containment for the incidents that will occur." as Richard Bejtlich has argued in his security blog?
Incidentally, Richard has also written a Top 10 list of the best ways to stir up the security pot (http://taosecurity.blogspot.nl/2012/09/top-ten-ways-to-stir-cyber-pot.html):
If you want to start a debate/argument/flamewar in security, pick any of the following.
"Full disclosure" vs "responsible disclosure" vs whatever else
Threat intelligence sharing
Value of security certifications
Advanced-ness, Persistence-ness, Threat-ness, Chinese-ness of APT
Reality of "cyberwar"
"Builders vs Breakers"
"Security is an engineering problem," i.e., "building a new Internet is the answer."
"Return on security investment"
Security by mandate or legislation or regulation
But seriously folks, time do change, don't they? (Even in the technology sector) Currently the congress is preoccupied with the failure of US security threats in Benghazi, while maybe Leon isn't getting the press his recent message deserves?