Government prepares for enemy threats to key networks.
The security of Internet-based communications systems is a hot topic nowadays, as top officials increasingly worry that enemy hackers could take down key U.S. networks. A topic once framed in technical cybersecurity jargon is taking on the language of war. A four-star general, Keith B. Alexander, now presides as the first chief of the new U.S. Cyber Command. Deputy Defense Secretary William F. Lynn III outlined the threat and Pentagon countermeasures in the fall edition of Foreign Affairs. And Richard A. Clarke, who served as a cybersecurity adviser to several presidents, and a young colleague, Robert K. Knake, painted a frightening doomsday scenario in their book, Cyber War (HarperCollins, 2010).
Agencies, understandably concerned, are firming up defenses of key systems, and Congress is working on legislation that would make that job less difficult. Such key government contractors as Intel Corp. and Northrop Grumman Corp. are seizing opportunities to capitalize on the concern.
As part of a series of live events at the National Press Club on cybersecurity that our magazine has produced in cooperation with the SANS Institute, the leading trainer of cyber technicians, we recently explored the topic of cyberwar. (Intel and Northrop Grumman were among sponsors of the event.) I wanted to know how the experts would define an act of cyberwar, how vulnerable we are, and how capable we are of playing both offense and defense across a realm defined by digits instead of geography. Our panel of experts included Knake; Alan Paller of SANS; James A. Lewis, who directed the Center for Strategic and International Studies' Commission on Cybersecurity for the Forty-Fourth Presidency; and Shane Harris, journalist and author, once of Government Executive's staff and now working at Washingtonian.
We began by discussing an incident Lynn described of enemy action against military networks run by U.S. Central Command in the Middle East. A flash drive, inserted into a military laptop, spread malicious code through classified and unclassified systems: "a rogue program, operating silently, poised to deliver operational plans into the hands of an unknown adversary." Was this an act of war? No, our panel concluded; it was plain espionage, not serious enough to warrant what the military likes to call a "kinetic" (bombs, etc.) response.
An act of war, as Lewis said, would have to cause loss of life or serious disruption in such key network-dependent activities as banking, stock and other financial markets, or electric power generation. A successful attack on the power grid could be devastating, and, indeed, the panel confirmed that rogue actors already have inserted "logic bombs" into the networks controlling the grid. A logic bomb is hard-to-detect software code set to shut down a system at a certain time or in response to an outsider's command.
In their book, Clarke and Knake run through a hypothetical full-scale attack on key cyber systems, demonstrating that it would be as damaging as any kinetic attack short of nuclear war. Because the United States is so highly dependent on its networks, it is by definition more vulnerable than such probable antagonists as Russia and China. Still, the international economy is so interconnected, panelists said, that everyone has a lot to fear in a cyberwar, so the mutual deterrence theorem of the nuclear age might have relevance in the Information Age, at least until terrorists develop capabilities only nation-states now possess.
War between nation-states might be unlikely at the moment. But, as Knake observed, espionage remains a top concern, and not just against military networks. The ongoing theft of intellectual property from defense contractors and other important private sector institutions threatens our economic standing in the world, and thus might require that government quarterback a better, more agile defense than it has conjured to date.