Corporate fearmongers are eager to make a fortune from the phony threat of cyber-terror
Just as the war on terror is winding down, a so-called cyber war is spinning up. How very fortunate for government contractors like BAE Systems.
Historically, we would call attempts by foreign countries to acquire information from American government and industry "espionage." The problem is that spies aren't all that scary. But cyber war? It's a perfectly meaningless phrase to frighten a perfectly credulous government. When contractors really want to tighten their coils, they make "cyber" the prefix to "terror."
In Richard Clarke's transcendently self-serving Cyber War, he offers up horror and horror that will result from cyber war. My particular favorite: "We know the plans for the new F-35 fighter were stolen by hack into a defense contractor. What if the hacker also added to the plans, perhaps a hidden program that causes the aircraft to malfunction in the air when it received a certain command that could be radioed in from an enemy fighter?" Yes, that would be a terrible thing indeed. But there's zero evidence of such a feat. Of course, in cyber warfare scare circles, that's not a problem. "Logic bombs like that can be hidden in the millions of lines of code on the F-35, or in the many pieces of firmware and computer hardware that run the aircraft," Clarke writes. See, maybe it has happened, but we don't know it. Even televangelists aren't this brazen.
Cyber war will always get worse and will always be capable of anything. What if North Korea penetrates the power grid and turns off the east coast? Well, yeah, why not? That scenario is perfect because it lets us live out the remake of Red Dawn and Hurricane Katrina at the same time. Cyber warfare is great because anyone can play. I'll give it a go: "What if hackers penetrate the wireless infrastructure and insert code into smartphones that causes them to overheat and eventually explode in our pockets and purses?" No, you argue, that seems farfetched. "Ah," I reply, "Consider that nobody runs antivirus software on their smartphones. Do you have McAfee on your iPhone? I didn't think so. Have you heard of phones overheating and exploding? It's happened, and it's not pretty. Cyber warfare is real and it can harm you — and your children."
The only thing that would make my scenario even better is if I were a consultant who made a fortune from cyber security. Like Richard Clarke! The real beauty of Clarke's book is that he is the chairman of Good Harbor, a cyber security consultancy, which makes him the direct beneficiary of his fear mongering. Cyber warfare is the ellipsis of terrorism. "Hackers might get in... and then cruise liners will sink and planes will fall from the sky." Don't worry yourself about the middle part. Booz Allen Hamilton has it all figured out, and will make sure it doesn't happen. But it's going to cost you.
It seems clear that the bulk of "cyber security" is just sensible information technology policies. The IT departments responsible for government and industry should be proactive in monitoring network traffic. Computers should be well defended with effective firewalls and virus protection. SIPRNET and JWICS terminals should disable USB ports and drives for writable media. These precautions should be taken for the same reason that we lock the front door before leaving for work — to do otherwise is to invite trouble. And if you have the plans to the F-35 on your hard drive, and someone steals it, you should lose your government contracts.
Yes, there are bad people trying very hard to wreak havoc with computers, or gain permanent access to state secrets, or steal fortunes from the financial industry. But that has been the case since we were writing on papyrus scrolls — only we used to call it "sabotage" and "espionage." As for people who rob from banks, in the days of yore they were called "bank robbers." The principles are the same; only the methods are different. In the distant future, when the internet is but a quaint memory and no more relevant than the telegraph, and we're injecting vials of nanotechnology into our bloodstreams and flying to work on holographic horses, it's a safe bet that someone, somewhere, will work hard to disrupt our holograms and cause our nanites to clot and induce cardiac arrest. Should we go ahead and declare the nano war now? Are we prepared for the nano-9/11?
Other stories from this topic:
- The Bullpen: America's embarrassingly redundant and entangled cyber security complex
- Burning Question: Will Aaron Swartz's suicide spark copyright reform?
- Instant Guide: Operation Red October: The top-secret global espionage campaign that's been running for five years