Cyberwar: What Does it Mean and What Could It Bring?
“40 Million Cards, Swiped” was the headline in the New York Times announcing the theft from Target of 40 million customers’ credit card purchase records. The article continued with the reminder these hackers were relatively small timers compared with the theft in 2007 of 90 million card records from T. J. Maxx and 130 million in 2009 from the card processor Heartland Payment Systems. Like many other U. S. Target store customers from November 27 through December 15, I’m checking each morning the online account of the credit card we use to see if an uninvited guest has appropriated some of our credit.
A few days earlier a friend, who like me is interested in national security issues, had reminded me of a review in the April 2012 issue of Smithsonian magazine of Richard Clarke and Robert Knake’s book Cyber War. Clarke has worked in security and counterterrorism offices under Presidents Reagan, Bush I, Bush II, and Clinton who appointed him National Coordinator for Security, Infrastructure Protection, and Counterterrorism. Knake was an international affairs fellow at the Council on Foreign Relations and has a master’s degree in international security studies from Harvard. Their book reviewers think they know what they’re talking about.
“The book’s central argument,” the Smithsonian says, “is that, while the United States has developed the capability to conduct an offensive cyberwar, we have virtually no defense against cyber attacks that he [Clarke] says are targeting us now, and will be in the future.” In September 2001 Clarke warned the Bush II White House that Al Qaeda was planning to attack the U. S.; he was ignored with the consequences we all learned of on September 11.
Clarke discusses the reality of cyberwar. In 2007 Israel disabled Syrian antiaircraft weapons before they attacked a Syrian nuclear weapons plant, and in 2008 the Russians immobilized Georgian government computers in advance of its attack on that country. (My wife and I were on a ship in the Black Sea at that time and can attest there was no internet access for 24-hours.) In 2009 North Korea disrupted U. S. and South Korean government computers after its nuclear missile test launch. Clarke discusses in detail the famous cyberworm, Stuxnet, that the U. S. (according to Clarke) used in 2010 to take over and crash the Iranian gas centrifuges separating nuclear bomb-grade uranium-235 isotopes from U-238 isotopes, thus interrupting Iran’s weapon development.
Many American companies in the defense, technology, and medical industries have suffered attacks and probable theft of their intellectual property from the Chinese and other foreign countries. Clarke and recent disclosures confirm that the U. S. has been active in hacking for military and diplomatic purposes at least.
So, in this pervasive environment of private and governmental hacking, why isn’t our government working at emergency speed (and Clarke thinks it is an emergency) to develop the technology to thwart this threat? Maybe more dollars from our F-35 and naval shipbuilding and the hundreds of military bases we maintain around the world should be diverted for this purpose. Clarke talks about the Armageddon effect on our nation and military operations of a massive shutdown of the systems in our banking, utilities, telecommunication, and governmental institutions. Without these systems our F-35’s and other aircraft won’t fly and our Navy vessels won’t know what to shoot at. These are questions I think we should be asking our Congresspersons and President. Our defense budget is about more than protecting jobs in the military equipment industry.