Senators ramp up cyberwar rhetoric
In wake of attacks on Google, Rockefeller and Snowe say nation needs to be prepared for battle in cyberspace
Computerworld - The authors of a recently introduced U.S. Senate bill today urged the country to prepare for a cyberwar in an editorial that is likely to further dismay those who favor toning down the rhetoric stemming from the recent attacks against Google.
Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine), who earlier this month proposed the Cybersecurity Act, today warned in the The Wall Street Journal that the country is at risk of cyberwar.
The op-ed piece (subscription required) says the U.S. needs to prepare for cyberattacks that have the potential to "disrupt or disable vital information networks" and "cause catastrophic economic loss and social havoc." It also states that national and economic security are at risk from such cyberattacks. The senators point to recent comments made by Mike McConnell, the former director of national intelligence, warning that the U.S is already in the midst of a cyberwar -- a cyberwar that it is losing.
Today's editorial appears largely designed to garner broad support for the proposed Snowe-Rockefeller bill. The bill, introduced earlier this month, seeks, among other things, to strengthen cybersecurity by fostering better partnerships between the public and private sectors. It would also create the position of a Senate-confirmed national cybersecurity adviser and would require the president to work closely with key private sector executives in the event of a cyber crisis.
The bill also calls for a public awareness campaign to make basic cybersecurity principles "as familiar as Smokey the Bear's advice for preventing forest fires," the senators wrote.
The proposed bill has its share of supporters, but the cyberwar rhetoric being used to justify the need for such measures is viewed skeptically by growing numbers of IT security professionals. Warnings about cyberwar, especially in the wake of the China-based attacks against Google and more than 30 other high-tech companies, is unnecessary overhyping of what's going, some experts say.
One of them is noted security researcher Marcus Ranum, chief security officer at Tenable Network Security Inc. In an opinion piece in U.S. News and World Report earlier this week, Ranum warned that the cyberwar rhetoric is scarier than actual war.
"Suddenly, the steady drumbeat of computer/network security has been pushed to center stage, and now our government is talking about 'cyberwar' and pointing a finger at China," Ranum wrote. "Unless you've been asleep for a decade, you ought to be worried when our government starts using the rhetoric of warfare -- especially vocabulary like 'preemptive' and 'deterrence.'"
Ranum today said that concerns about catastrophic economic losses and social havoc stemming from a cyberwar are misplaced.
"When some cyberwar pundit starts talking hellfire and damnation, you need to ask them whether their scenario is going to have the physical and psychological impact of a New Orleans flood or a 9/11," Ranum said in e-mailed comments to Computerworld. The types of disruptions that some people claim cyberwar will cause, such as large-scale power blackouts, are unlikely to result in the kind of mayhem that is being assumed, he said. Many "experience power failures sometimes lasting days -- because of winter weather -- and we don't dissolve into chaos," he said.
Ranum's views are similar to those of a growing number of other experts. James Lewis, who headed a team that developed a set of cybersecurity recommendations for President Obama, recently wrote about the issue in a blog. The nation is not in the middle of a cyberwar, Lewis stressed.
Drawing a comparison to traditional warfare, he noted that it's unlikely that a country would preemptively launch a missile strike against critical infrastructure in the U.S., because it would fear massive retaliation. The same holds true for cyberwar, said Lewis, who is a senior fellow and program director at the Center for Strategic and International Studies. "Foreign leaders will not lightly begin a war with the United States," he said. "And the risk of cyberwar is too high for frivolous or spontaneous engagement."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts