I get one or two interview requests a week on cybersecurity lately.
The conversations always hinge on matters of absolutely no interest to the American middle class. Most popular now: “What would a cyberwar look like?”
I usually don’t answer such questions with predictions or go-alongs.
This is because the term “cyberwar” has been so abused and overused it’s effectively meaningless.
Its only utility is to rivet a reader’s attention. And while it still merits discussion there’s no capacity for conducting any kind of thoughtful debate on it in the national media. Or the halls of Congress or anywhere that’s not behind walls of secrecy.
Anyway, cybersecurity and cyberdefense, like much national security, is now almost totally split away from the interests of average people.
The American economy, which has turned on the middle class, is the foremost consideration in life. Not whether or not the CIA’s website is taken down or defense contractors and banks are invaded by hackers.
Last week, a new story arose, inspired by fear of LulzSec, which has since allegedly disbanded out of boredom.
Banks, it was said, wanted to be protected in cyberspace. Not out of any sudden realization that cybersecurity adds value and is a good thing to practice but because said banksters were worried about the cyber-paupers getting into their stuff and the scandal and momentary public embarrassment that entails.
And in this they show what can be seen when people lose all faith in corporations and government institutions. There’s no sympathy for the defense contractor or giant financial multinationals that are hacked.
If you find anything at all, it’s something closer to “they had it coming.”
Which leads into a long story on national cybersecurity from AP.
I extract the only parts worth saving, those having to do with protecting the top tier in US corporate society from cyber-ruffians. The “they’re coming for out stuff” argument dressed up as a pressing reason to develop extreme national policy.
Lynn and others also say the Pentagon must more aggressively protect the networks of defense contractors that possess valuable information about military systems and weapons’ designs. In a new pilot program, the Defense Department has begun sharing classified threat intelligence with a handful of companies to help them identify and block malicious cyber activity on their networks.
Over time, Lynn said, the program could be a model for the Homeland Security Department as it works with companies that run critical infrastructure such as power plants, the electric grid and financial systems.
[The bold-faced objective is of absolutely zero value to average Americans. No one will see any benefit, ever, on whether or not the Lockheed Martins of the US are protected from hacker breeches by the Pentagon. Lockheed Martin's financial and proprietary business interests are the only things served
Another paradox here is that Lockheed Martin has very aggressively marketed its cyber-defense arm to the US government and military. Commercials are not hard to find in which the company portrays mock cyber-attacks being warded off by their brave and canny cyber-defenders..]
At a recent Capitol Hill hearing, incoming Pentagon chief Leon Panetta, the outgoing CIA director, said the U.S. must be aggressive in offensive and defensive countermeasures.
“I’ve often said that there’s a strong likelihood that the next Pearl Harbor that we confront could very well be a cyberattack that cripples our power systems, our grid, our security systems, our financial systems, our governmental systems,” he said.
Panetta is the hero of the hunt for Osama bin Laden. But that does not mean he is a whiz-bang in all matters.
The “electronic Pearl Harbor” trope in reference to cyber-attack is now about fifteen years old.
You can do a Google search on it here.
In the first page list is something I wrote back in 1997 entitled “Electronic Pearl Harbor — Not Likely.”
A great deal has changed since them. But my title, as one of the few predictions I have ventured, remains solid.
Routinely, as one sees if one scans up the search page, are many many trivial writers declaring how “electronic Pearl Harbor” may have already happened. (Or what it would look like.)
The original Pearl Harbor, it’s worth noting, was impossible to overlook.
A cursory reading of these beware-of-electronic-Pearl-Harbor notices since the late Nineties reveals their sameness. All of them are ultimately based on the simplistic idea that unknown enemies on the other side of the world can overturn substantial portions of the US by flicking a few software switches.
This is essentially the result of two things: now way-old American national security infrastructure near psychotic paranoia over magical technological surprise that never occurs and now way-old methodology on massaging the national treasury for funding.
The other bits in the current arguments about cybersecurity and cyberwar are the warnings that the financial system could be hit.
The world economy was put in a tailspin by Wall Street financial systems in 2008. It has yet to recover.
And while Wall Street has done nicely since then, Main Street America has not. And by all accounts, no significant protections against Wall Street’s predations have been put in place in the intervening period.
The argument that the US financial system ought to be protected from electronic Pearl Harbor would, if all Americans actually knew of it, strike them as ridiculous.
It’s easily observable that people are much more interested in protection from the racket that’s the American financial system. Cyberwar and hack attacks on it, when compared to the damage inflicted by Wall Street misbehavior, are absurdly small things.