Essays in the Category "Cyberwar and Cyberterrorism"
Page 3 of 4
Militarizing Cyberspace Will Do More Harm Than Good
We’re in the early years of a cyberwar arms race. It’s expensive, it’s destabilising and it threatens the very fabric of the internet we use every day. Cyberwar treaties, as imperfect as they might be, are the only way to contain the threat.
If you read the press and listen to government leaders, we’re already in the middle of a cyberwar. By any normal definition of the word ‘war’, this is ridiculous. But the definition of cyberwar has been expanded to include government-sponsored espionage, potential terrorist attacks in cyberspace, large-scale criminal fraud and even hacker kids attacking government networks and critical infrastructure. This definition is being pushed by the military and government contractors, both of which are gaining power and making money from cyberwar fears…
Fear Pays the Bills, but Accounts Must Be Settled
A lot of the debate around President Obama’s cybersecurity initiative center on how much of a burden it would be on industry, and how that should be financed. As important as that debate is, it obscures some of the larger issues surrounding cyberwar, cyberterrorism, and cybersecurity in general.
It’s difficult to have any serious policy discussion amongst the fear mongering. Secretary Panetta’s recent comments are just the latest; search the Internet for “cyber 9/11,” “cyber Peal-Harbor,” “cyber Katrina,” or—my favorite—”cyber Armageddon.”
There’s an enormous amount of money and power that results from pushing cyberwar and cyberterrorism: power within the military, the Department of Homeland Security, and the Justice Department; and lucrative government contracts supporting those organizations. As long as cyber remains a prefix that scares, it’ll continue to be used as a bugaboo…
Debate Club: An International Cyberwar Treaty Is the Only Way to Stem the Threat
We’re in the early years of a cyberwar arms race. It’s expensive, it’s destabilizing, and it threatens the very fabric of the Internet we use every day. Cyberwar treaties, as imperfect as they might be, are the only way to contain the threat.
If you read the press and listen to government leaders, we’re already in the middle of a cyberwar. By any normal definition of the word “war,” this is ridiculous. But the definition of cyberwar has been expanded to include government-sponsored espionage, potential terrorist attacks in cyberspace, large-scale criminal fraud, and even hacker kids attacking government networks and critical infrastructure. This definition is being pushed both by the military and by government contractors, who are gaining power and making money on cyberwar fear…
It Will Soon Be Too Late to Stop the Cyberwars
The world is gearing up for cyberwar. The US Cyber Command became operational in November. Nato has enshrined cyber security among its new strategic priorities. The head of Britain’s armed forces said recently that boosting cyber capability is now a huge priority for the UK. And we know China is already engaged in broad cyber espionage attacks against the west. So how can we control a burgeoning cyber arms race?
We may already have seen early versions of cyberwars in Estonia and Georgia, possibly perpetrated by Russia. It’s hard to know for certain, not only because such attacks are often impossible to trace, but because we have no clear definitions of what a cyberwar actually is…
3 Reasons to Kill the Internet Kill Switch Idea
Last month, Sen. Joe Lieberman, I-Conn., introduced a bill that might—we’re not really sure—give the president the authority to shut down all or portions of the Internet in the event of an emergency. It’s not a new idea. Sens. Jay Rockefeller, D-W.Va., and Olympia Snowe, R-Maine, proposed the same thing last year, and some argue that the president can already do something like this. If this or a similar bill ever passes, the details will change considerably and repeatedly. So let’s talk about the idea of an Internet kill switch in general.
It’s a bad one…
Threat of "Cyberwar" Has Been Hugely Hyped
There’s a power struggle going on in the U.S. government right now.
It’s about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top.
“The United States is fighting a cyberwar today, and we are losing,” said former NSA director—and current cyberwar contractor—Mike McConnell. “Cyber 9/11 has happened over the last ten years, but it happened slowly so we don’t see it,” said former National Cyber Security Division director Amit Yoran. Richard Clarke, whom Yoran replaced, wrote an entire …
So-called Cyberattack Was Overblown
To hear the media tell it, the United States suffered a major cyberattack last week. Stories were everywhere. “Cyber Blitz hits U.S., Korea” was the headline in Thursday’s Wall Street Journal. North Korea was blamed.
Where were you when North Korea attacked America? Did you feel the fury of North Korea’s armies? Were you fearful for your country? Or did your resolve strengthen, knowing that we would defend our homeland bravely and valiantly?
My guess is that you didn’t even notice, that – if you didn’t open a newspaper or read a news website – you had no idea anything was happening. Sure, a few government websites were knocked out, but that’s not alarming or even uncommon. Other government websites were attacked but defended themselves, the sort of thing that happens all the time. If this is what an international cyberattack looks like, it hardly seems worth worrying about at all…
Chinese Cyberattacks: Myth or Menace?
This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus’s half is here.
The popular media narrative is that there is a coordinated attempt by the Chinese government to hack into U.S. computers—military, government, corporate—and steal secrets. The truth is a lot more complicated.
There certainly is a lot of hacking coming out of China. Any company that does security monitoring sees it all the time. Of course, they can’t prove that it comes out of China. But the majority of servers used in the attacks are located in China, using DNS bouncers that can only be registered by people literate in Chinese. The hacker websites where different hackers and hacker groups brag about their exploits and sell hacker tools and how-to videos are written in Chinese. Technically, it’s possible all the attackers are from, say, Canada and trying to disguise themselves, but it seems pretty unlikely…
The Truth About Chinese Hackers
The scoop: Last week, Rep. Frank Wolf, a Virginia Republican, said four of his government computers had been hacked by sources working out of China. Bruce Schneier, an internationally renowned security technologist, gives us his take on what went down.
The popular media concept is that there is a coordinated attempt by the Chinese government to hack into U.S. computers—military, government corporate—and steal secrets. The truth is a lot more complicated.
There certainly is a lot of hacking coming out of China. Any company that does security monitoring sees it all the time…
America's Dilemma: Close Security Holes, or Exploit Them Ourselves
On April 27, 2007, Estonia was attacked in cyberspace. Following a diplomatic incident with Russia about the relocation of a Soviet World War II memorial, the networks of many Estonian organizations, including the Estonian parliament, banks, ministries, newspapers and broadcasters, were attacked and—in many cases—shut down. Estonia was quick to blame Russia, which was equally quick to deny any involvement.
It was hyped as the first cyberwar: Russia attacking Estonia in cyberspace. But nearly a year later, evidence that the Russian government was involved in the denial-of-service attacks still hasn’t emerged. Though Russian hackers were indisputably the major instigators of the attack, the only individuals …
Sidebar photo of Bruce Schneier by Joe MacInnis.