Rhetoric of Cyber War Breeds Fear—and More Cyber War

By Bruce Schneier
The Irish Times
March 14, 2013

Americans have a weird relationship with the word “war”. We hate using it to describe actual wars but we love using it in a rhetorical context. We had the war on poverty, the war on crime, the war on drugs and the war on terror.

One of the big “wars” we’re talking about now is cyber war and, in this case, the word is dangerous. It is both a rhetorical war as well as something with elements of actual combat. The word also confuses the political debate about how to deal with cyber security.

The danger is that words frame the debate. If we use the rhetoric of war, we invoke feelings of fear and helplessness. We understand that this is something nations do to each other and that it’s not “normal” time when we’re at war.

We accept a different set of security solutions, one that more easily ignores freedoms and liberties.

We are more willing to let the military take over our internet infrastructure and spy on our citizens.

On the other hand, if we use the rhetoric of peacetime espionage we think more about the rule of law and allow a much more limited role for the military.

Attacks from China

If you have been paying attention to the press recently, you might think China just started a cyber war, attacking everyone in cyberspace.

First the New York Times announced it was the victim of a sophisticated cyber attack from China, one intended to obtain the names of Chinese nationals co-operating with the press.

Then the security firm Mandiant released a report naming a particular Chinese military unit as the source of a large number of cyber attacks against targets around the world.

Meanwhile, US president Barack Obama has signed a new cyber-security directive, citing threats from China as one of the motivations behind this action.

First, we need to understand that there is no cyber war going on. We are not nations at war and claiming otherwise is destabilising. This is all espionage, something that has been going on between nations ever since nations were invented—and the US is giving as good as it’s getting.

Seymour Hersh has written in the New Yorker magazine about US military operations in China.

Meanwhile, the US Cyber Command recently announced that it is expanding from 900 people to almost 5,000, while the National Security Agency is building a massive new data centre in Utah. I’m sure China is just as fearful of the US as the US is of China.

While there are certainly a lot of state-sponsored cyber attacks emanating from China, it is not really news.

We in the security industry have been writing about Chinese cyber attacks for years, in earnest since the mid-2000s. Certainly, internet-enabled espionage has been going on ever since there was an internet.

GhostNet

In 2010, Google announced it was the victim of a sophisticated series of cyber attacks from China.

As with the attacks against the New York Times, the hackers were looking for particular people—in this case, human rights activists. Like the others, this attack was directed at more than one company.

At least 20 other large companies were targeted as well: internet and technological companies, media companies and traditional companies.

In 2009, security researchers discovered a very sophisticated surveillance network they called GhostNet. They found it during an audit of the Dalai Lama’s computers.

When they unravelled the command and control network, they found it was operating against high-value political, economic and media targets in 103 countries.

While there is no direct evidence that the Chinese were behind this, the list of targets read like a Who’s Who of targets on whom China wants to spy.

The Chinese may deny particular incidents but they make no secret about their general policies.

They have been writing about their doctrine of domination in cyberspace for even longer. From our perspective there is not much new in the revelations of the past month. Still, the increasingly hostile war rhetoric and sabre-rattling is worrisome.

We are in the early years of a cyber war arms race. Arms races are fuelled by two things: ignorance and fear.

We don’t know about the enemy’s capabilities and we’re afraid they’re greater than our own.

So we spend more on weaponry, then even more. The other side does the same and the result is both dangerous and destabilising.

Profitable

On the other hand, it’s very profitable—for some.

There is an enormous amount of money and power that results from escalating a cyber war arms race: power for the military, power for law enforcement and power for the large government contractors that support these organisations.

These are the people pounding the drums of cyber war and making news headlines warning us of a cyber 9/11, a cyber Pearl Harbour or—my favourite —a cyber Armageddon.

As long as “cyber” remains a prefix that scares, it will continue to be used as a tool to influence policy.

earlier essay: Our Security Models Will Never Work—No Matter What We Do
later essay: The Internet Is a Surveillance State
categories: Cyberwar and Cyberterrorism
back to Essays and Op Eds

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..