Thursday, July 08, 2010

"CyberWar"? Nope. It's BS

Schneier is a recognized security expert.

There's a power struggle going on in the U.S. government right now. It's about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top...

General Keith Alexander, the current commander of the U.S. Cyber Command, hypes it every chance he gets. This isn't just rhetoric of a few over-eager government officials and headline writers; the entire national debate on cyberwar is plagued with exaggerations and hyperbole.

Googling those names and terms -- as well as "cyber Pearl Harbor," "cyber Katrina," and even "cyber Armageddon" -- gives some idea how pervasive these memes are. Prefix "cyber" to something scary, and you end up with something really scary.

Sure. It's like "Y2K"!! Run for the Hills!!! We're all gonna DIE!!


Anonymous said...

Lol. I met Schneier a few weeks ago while attending a conference in Tallinn. Also, he held a talk regarding this topics.

His point is not that cyberwar is bullshit, but that the definition is not clear, and that the term is used too broadly. Mostly a question of semantics.

At the same time, he does recognize the developments in this field, and encourages the government and military to continue working on these issues.

The fact that cyberwar is hyped, which he also discusses, is absolutely true. That does not mean however that it is bullshit, and that it should be ignored.

Anonymous said...

The question is two-fold:

1. Do you think organizations outside of the US, be they other countries or a collection of various people attempting to break into US computer systems, be they public or private, with the intent of stealing information and/or causing damage?

2. Do you think any country or group of people (i.e. terrorists) that we are engaged in military actions against would attempt to disrupt our computer systems and various infrastructures?

I would argue that the answer to both questions is "yes". We can then engage in this silly game or words, i.e. using the term "war" when we have not declared war on anybody, or we can sit down and decide how to look at the problem that is very real and decide how best to handle the situation.

Dad29 said...

Well, yah.

But if some foreign entity wanted to KO 'cyber,' they could use an airburst and take down everything electrical and electronic in a large region.

The question, I think, is whether there are VERY significant 'cutoff' points in the 'net, or whether it's so decentralized that any DOS-type attack would be only partially successful.

Hardening military and utility 'net sites should be priority one (and likely, State and muni.)

As to consumer stuff? Nope. Not that critical.