Cyberwar's first casualty: Your privacy

Contents

• Global threats: Are we focusing on the wrong things?
• Navigating the fog of cyber war
• Software: The eternal battlefield
• The grid: Likely target?
• Cyberwar's first casualty: Your privacy
• A short history of hacks, worms and cyberterror

Computerworld - The first casualty of war, the Greek playwright Aeschylus said, is the truth. But when it comes to cyberwarfare, the first casualty will more likely be your privacy.

And unlike in past wars, the government itself may not do the snooping. Instead, it will most likely let private industry do the dirty work, essentially outsourcing cyber intelligence gathering.

In warfare, information is one of the most important weapons in a government's arsenal. No matter the physical weaponry, the key to victory is an understanding of the enemy's intentions and who and where he is. I've been reading Caesar, Life of a Colossus, by Adrian Goldsworthy, and was struck by how important gathering information about the movements of his enemies was to Caesar's conquest of Gaul. Look at any war, and you'll generally find that the victor had better intelligence.

As we've seen, though, intelligence gathering is frequently subject to abuse. During the Cold War, the CIA and FBI regularly violated the rights of citizens. More recently, the Patriot Act gave legal cover to government prying, and the National Security Agency carried out covert wiretapping without seeking the proper warrants.

The intelligence that will be gathered in the coming generation of cyberwarfare will dwarf anything that came before, in the breadth of information acquired, the ease with which it is gathered, and the number of people caught in the net. In past wars, a fair number of innocent people had their privacy invaded. In tomorrow's cyberwar, it'll be virtually everyone.

Cyberwarfare is fought online; its geography is virtual, and you're part of it. In physical wars, armies scout the countryside. In cyberwars, they'll scout the Internet.

The Internet is made up not just of wires, routers and servers; it's made up of the data crossing it. Those who fight cyberwars will mine vast amounts of data in an attempt to find nuggets of information. They'll look for patterns of use and relationships that otherwise would escape notice.

To find those patterns and information requires massive and constant data gathering, on a scale likely not being done by the government. Constantly gathering that kind of information would probably be illegal.

That's why you'll see government outsourcing its intelligence gathering to companies that already do the work legally -- and primarily that means Google.

I'm not saying that Google will purposefully gather information for the federal government. Instead, the government will legally tap into Google's already in-place information gathering, by issuing subpoenas on a regular basis.