- The Washington Times - Monday, May 3, 2010

ANALYSIS/OPINION:

Are we really in a “cyberwar?” Are unidentified enemies scheming to bring down Western civilization with a single keystroke? Or is the whole thing overblown paranoia?

In his compelling book “Cyber War,” Richard A. Clarke, former head of counterterrorism security in the Clinton and Bush administrations, argues with great force that our electrical grid and banking systems are vulnerable to a cyber-attack coming from a hostile state. A cyber-attack could disable trains, Mr. Clarke says. “It could blow up pipelines … [or] damage electrical power grids. … It could confuse financial records, so that we would not know who owned what.”

Mr. Clarke asserts that cyber-attacks can come from an enemy country - or from a lone hacker. It’s easy to learn to be a hacker. My Google search for the term yielded 70.7 million hits in 0.28 seconds. Malicious code may infect a computer via a security flaw in a Web browser or could be distributed through secret back doors built into computer hardware at the point of manufacture. And though the government has instituted security measures to protect military and intelligence networks, Mr. Clarke frets that not enough is being done to protect the private sector, which accesses the Internet with Windows-based software especially vulnerable to attack.

“The Pentagon is all over this,” he says. It has appointed a four-star general to run a fiefdom called Cyber Command, the job of which is to defend the Pentagon. Says Mr. Clarke, “Now, who’s defending us? Who’s defending those pipelines and the railroads and the banks?”

Director of National Intelligence (DNI) Dennis C. Blair echoes Mr. Clarke’s assessment, testifying to Congress that the country’s defenses “are not strong enough.” Piling on was Mr. Blair’s predecessor as DNI, Michael McConnell, who argued in a Washington Post column that the “United States is fighting a cyber-war today, and we are losing.” Mr. McConnell called for a Cold War-style policy of massive retaliation against any cyber-attacker - that is to say, any cyber-attacker it could identify.

All quite alarming, if true. The problem is that the Obama administration disagrees with Mr. Clarke’s assessment. Howard A. Schmidt, Mr. Obama’s recently appointed cyberczar, said recently, “There is no cyberwar. … I think that is a terrible metaphor, and I think that is a terrible concept.” Mr. Schmidt completely rules out a successful attack on the electrical grid. “As for getting into the power grid,” Mr. Schmidt says, “I can’t see that that’s realistic.” Mr. Schmidt said Mr. Obama has no plans to re-engineer the Internet. Last we checked, the president favored global Internet freedom.

Georgetown’s Evgeny Morozov, one of the most prolific commentators around on Internet issues, believes that Mr. Clarke’s talk of a cyberwar and cybernukes is “science fiction” and suggests that cyberwar has emerged as the new favorite plank of self-interested security consultants on the right.

So which is it? Are we at war or not at war? Is cyberwar part of someone’s political agenda? Is the call to arms promotional activity coming from former government officials now in the business of security consulting?

Maybe so. But Richard Clarke was the Paul Revere of the Sept. 11 attacks. In an Aug. 6, 2001 memo titled “Bin Laden Determined To Strike in U.S.,” he sounded an early alarm. His track record entitles him to no little credence.

If a geek hacks into our electrical grid, it may not be war unless we identify the culprit as a state and not an amateur hacker. It would be nice to have a strategy for the private sector. Or should we just hold hands and sing Kumbaya - until the lights go out?

James D. Zirin, a lawyer in New York, is a member of the Council on Foreign Relations and co-host of the cable television program “Digital Age.”


Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide