After the September 11, 2001 terrorist attacks, many blamed the country’s failure to detect these threats on a “lack of imagination.” In response, the government did the logical thing: hired a group of science fiction writers to brainstorm potential ways to protect the country from national security breaches.
Okay, so maybe it wasn’t the logical thing. The committee was called Sigma, and Christopher Kelly, a member of Homeland Security’s Science and Technology division, justified their hiring by saying that “Fifty years ago, science-fiction writers told us about flying cars and a wireless handheld communicator. Although flying cars haven’t evolved, cellphones today are a way of life…. science-fiction writers clearly inform the debate.” While Sigma hasn’t come up with anything ground-breaking yet (among their ideas were “material that becomes armor when struck with a bullet; an antibiotic that cures martyrdom; a satellite that beams solar energy to earth; and mind-reading helmets for bomb-sniffing dogs”), perhaps the government was on to something when they decided to look towards a more futuristic angle for defense. Fast forward to the present day, and we’ve seen that cyberwarfare, a decidedly 21st century method of attack, has come to the forefront of national security concerns.
So what is cyberwarfare? The definition given by Wikipedia is “politically motivated hacking to conduct sabotage and espionage.” Now how is that applicable or dangerous to our lives?
At this point, almost everything is run on a computer grid; government functions, defense operations, companies, etc. Cyberwarfare has the potential to destroy several vital functions; while it hasn’t happened yet, many worry that cyberattacks could be use to crash the stock market and stop it from operating, take down major water lines, even seize control of air or railroad traffic or cause a nuclear meltdown. In an article by the Wall Street Journal, Stephen Flynn from Northeastern University described this potential disastrous situation: “When transformers fail, so too will water distribution, waste management, transportation, communications and many emergency and government services. Giving the average of twelve month lead that is required to replace a damaged transformer… if we had a mass damage of that scale… the economic and society disruption would be enormous.” In 2009, the Air Traffic Control system was hacked and personal information was stolen; while the attackers did not gain control of the planes themselves, penetrating the servers is still something to be worried about. Hackers in 2012 attacked a company that deals with over 60% of the oil and gas pipelines in North America. The hackers managed to steal several program files.
Outside of America, the problem is just as serious; a firm in South Korea called SK Communications was targeted, and the private information of almost 35 million people may have been stolen. An al Qaeda operative ominously proclaimed that America and its allies should be subjected to “electronic jihad” and compared the weaknesses in America’s technological infrastructure as similar to those in America’s security before the 9/11 attacks.
Certainly, America is not blameless for these attacks; we have used cyberwarfare and cyberattacks before, for example, in the case of Iran’s Stuxnet virus. Stuxnet was a virus created by the United States and Israel that infiltrated Iran’s nuclear program in 2010 and targeted Siemens equipment, which was what uranium was being enriched with in Iran. The virus, depending on the estimate, delayed Iran’s nuclear program by a few weeks to a few years.
So the question is: What can we do about it?
This is a rather complex question, especially as I have no background in creating code or hacking. But there are a few steps America should attempt to take to strengthen its defenses.
1. Hire hackers.
This may seem counterintuitive; why hire hackers if that’s exactly what you want to avoid? In order to protect us from cyberattacks, the government and businesses need to find out where their weaknesses are, and there is no better way to do this than to get hackers to find them. Google has used this approach to make its Google Chrome browser more secure, and it was relatively cheap; all they had to do was offer a moderate cash prize for anyone who could detect a major flaw or get through Chrome’s defenses.
2. Expand the STEM (science/technology/engineering/mathematics) fields.
The best way to make sure we are secure in the cyber realm is by making sure there are enough people educated in the fields that would primarily contribute to this security. Many schemes have been proposed, including incentives for people to get STEM education in college rather than humanities, or even granting visas to any immigrants who agree to get an education in the STEM field and then either start a business or get a job in it.
3. Improve our relationship with China.
This is definitely easier said than done! It is estimated in a report by Mandiant, a US cybersecurity firm, published in February 2013, that China is the source of almost 90% of cyberattacks against America. A group based in China called Ghostnet has been conducting attacks against many countries, including the United States. It’s difficult to say how we can really improve relationships with the country, but we should certainly focus on it. The Obama administration has decided to do this through the “Asia pivot”, which may actually be a bad idea as it could potentially aggravate China even further. The Asia pivot and its components could definitely use at least a thorough re analyzation before being carried out, just to ensure they don’t aggravate the possibility of even more cyberwarfare.
A number of other steps must be taken, including stricter measures taken by companies and more money directed to building up cybersecurity measures, but they would all take too long to discuss; we do need to be careful though, as the protection from cyberwarfare could potentially lead to internet censorship (Senator Joe Lieberman has proposed a bill called “Protecting Cyberspace as a National Asset Act of 2010,” also known as “kill switch bill” which would give the president emergency power over parts of the internet). We may not need any mind-reading helmets for bomb-sniffing dogs anytime soon – but we do need to make sure the internet, and ultimately the entire country, is safe and secure.