Dear Journalists: There Is No Cyberwar
from the period dept
At the beginning of April, we noted that director of national intelligence, Michael McConnell, who’s now consulting for some firms that would profit greatly from a re-architecting of the internet, is going around pushing a ridiculous moral panic about “cyberwar” and how we basically need to break the internet and get rid of all privacy and anonymity. Forget your civil liberties, there’s money to be made in scaring people. While even the US “cybersecurity” czar tried to throw some cold water on these claims, the press sure does love bogus “cyberwar” stories, despite the lack of proof that there is any such thing or that it could do any real damage.
It’s being helped along, of course, by another former government official, Richard Clarke, who is selling a new book all about “Cyberwar” (in fact, that’s the title), leading to all sorts of news stories about how the US is at risk in this “cyberwar.”
The problem, of course, is the same as we described back in March: the people playing up the whole “cyberwar” threat are simply lumping together basic vandalism — the kind done by script kiddies, as if it’s part of a war. If that’s the definition of a “war,” you can find it going on around the country, anywhere there are kids and spray paint. Thankfully, Tom Lee has written a scathing critique of dumb journalistic coverage of this whole “cyberwar” crap:
The piece starts out by discussing Russian vandals’ successful efforts to screw with the Georgian government?s website — something that can be plausibly done by a disaffected teenager — then jumps rapidly to “monkey[ing] with GPS” which involves, you know, satellites, or at least skill at building, concealing and fortifying radio transmitters; and, if anything other than a braindead denial of service, would also require the discovery of a novel attack on the system’s design. These things are much harder than checking to see if the recently-launched website of a small ex-Soviet country is running slightly outdated software that someone else has written an exploit for….
Disrupting the operation of a website is very different from disrupting the operation of the internet, which is very different from interfering with military communication systems, which is very different from interfering with military battlefield communication systems, which is very different from being susceptible to the interception of digital communications. But all of these things are just jammed together, mindlessly.
What kinds of electronic attack are possible? To what extent are our defense systems susceptible to them — in particular, are those systems at all tangled up with the internet? If not, what economic consequences could plausibly be inflicted on our country by disruption of the internet, and how do they compare to the historical example of, say, a blockade? If an online attack originates from overseas, what countermeasures are available? And do we have a protocol in place with the major backbone operators to implement them?
None of these questions are asked or answered. Blah blah blah cyber. That’s it, over and over.
Welcome to the next moral panic that’s more about taking away your rights in an attempt to make some ex-politicians rich.