Senators ramp up cyberwar rhetoric
In wake of attacks on Google, Rockefeller and Snowe say nation needs to be prepared for battle in cyberspace
Computerworld - The authors of a recently introduced U.S. Senate bill today urged the country to prepare for a cyberwar in an editorial that is likely to further dismay those who favor toning down the rhetoric stemming from the recent attacks against Google.
Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine), who earlier this month proposed the Cybersecurity Act, today warned in the The Wall Street Journal that the country is at risk of cyberwar.
The op-ed piece (subscription required) says the U.S. needs to prepare for cyberattacks that have the potential to "disrupt or disable vital information networks" and "cause catastrophic economic loss and social havoc." It also states that national and economic security are at risk from such cyberattacks. The senators point to recent comments made by Mike McConnell, the former director of national intelligence, warning that the U.S is already in the midst of a cyberwar -- a cyberwar that it is losing.
Today's editorial appears largely designed to garner broad support for the proposed Snowe-Rockefeller bill. The bill, introduced earlier this month, seeks, among other things, to strengthen cybersecurity by fostering better partnerships between the public and private sectors. It would also create the position of a Senate-confirmed national cybersecurity adviser and would require the president to work closely with key private sector executives in the event of a cyber crisis.
The bill also calls for a public awareness campaign to make basic cybersecurity principles "as familiar as Smokey the Bear's advice for preventing forest fires," the senators wrote.
The proposed bill has its share of supporters, but the cyberwar rhetoric being used to justify the need for such measures is viewed skeptically by growing numbers of IT security professionals. Warnings about cyberwar, especially in the wake of the China-based attacks against Google and more than 30 other high-tech companies, is unnecessary overhyping of what's going, some experts say.
One of them is noted security researcher Marcus Ranum, chief security officer at Tenable Network Security Inc. In an opinion piece in U.S. News and World Report earlier this week, Ranum warned that the cyberwar rhetoric is scarier than actual war.
"Suddenly, the steady drumbeat of computer/network security has been pushed to center stage, and now our government is talking about 'cyberwar' and pointing a finger at China," Ranum wrote. "Unless you've been asleep for a decade, you ought to be worried when our government starts using the rhetoric of warfare -- especially vocabulary like 'preemptive' and 'deterrence.'"
Ranum today said that concerns about catastrophic economic losses and social havoc stemming from a cyberwar are misplaced.
"When some cyberwar pundit starts talking hellfire and damnation, you need to ask them whether their scenario is going to have the physical and psychological impact of a New Orleans flood or a 9/11," Ranum said in e-mailed comments to Computerworld. The types of disruptions that some people claim cyberwar will cause, such as large-scale power blackouts, are unlikely to result in the kind of mayhem that is being assumed, he said. Many "experience power failures sometimes lasting days -- because of winter weather -- and we don't dissolve into chaos," he said.
Ranum's views are similar to those of a growing number of other experts. James Lewis, who headed a team that developed a set of cybersecurity recommendations for President Obama, recently wrote about the issue in a blog. The nation is not in the middle of a cyberwar, Lewis stressed.
Drawing a comparison to traditional warfare, he noted that it's unlikely that a country would preemptively launch a missile strike against critical infrastructure in the U.S., because it would fear massive retaliation. The same holds true for cyberwar, said Lewis, who is a senior fellow and program director at the Center for Strategic and International Studies. "Foreign leaders will not lightly begin a war with the United States," he said. "And the risk of cyberwar is too high for frivolous or spontaneous engagement."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts