Pentagon: If You Don't Let The US Gov't Spy On Your Network, You Place American Lives At Risk

from the moral-panics? dept

The whole "cyberterorrism" fear mongering is being taken to even more extreme levels. At the Strategic Command Cyber Symposium, William Lynn III, the deputy defense secretary apparently told the audience that companies who operate critical infrastructure need to let the US install monitoring equipment or it puts everyone at risk. The NSA has apparently developed a monitoring system called Einstein (I wonder if they paid the license fee), and want to let companies "opt-in" to installing the gov't's system on their own systems, or face the "wild west" and put everyone at risk. This sounds like blatant fear mongering to let the government tap into all sorts of private infrastructure systems. After all, the government has shown, time and time again, that once it gets access to information, it doesn't take those whole "oversight" or "privacy rights" issues particularly seriously.

Filed Under: cyberwar, einstein, government, monitoring, networks

More Companies Looking To Cash In On So-Called 'Cyber War'; Press Buys Questionable Claims

from the fact-checks? dept

We've been discussing the manufactured buzz around the concept of a "cyberwar," despite the lack of any real evidence of anything beyond some typical espionage efforts with a bit of vandalism thrown in for color. However, for the companies building up the buzz, it's proving to be quite profitable, and it appears others are rushing to get in on the gravy train -- and they're using the unquestioning press to push the claim along. Take, for example, this Reuters article, that is all about how British aerospace/defense contractor giant BAE is now trying to cash in on the US government's new obsession with "cyberwar." The article opens in a cinematic fashion:

Threats to sensitive computer networks lurk everywhere and with a few mouse clicks, organized criminals and hackers could shut down vital networks that run the U.S. government, industry and military.

Source for that? None. Details? None. Evidence? None. Explanation for why vital networks that run the U.S. government and military are connected to the open internet? None. Explanation for why if all it takes is a few mouse clicks, no one has actually taken down these networks yet? None. In fact, that opening is never revisited or explained. Instead, it's taken for granted along with what's effectively a press release for BAE's new "cyber center" in (of course) Washington DC. If this keeps up, perhaps Techdirt will need to open a "cyberwar" division just to cash in on this hype.

Filed Under: cyberwar, politicians, press
Companies: bae

Still Don't Know What Cyberwar Is... But The US Has A Cyberwar General Now

from the that-ought-to-help dept

It's still not clear that anyone really knows what a cyberwar is, beyond a way for some gov't contractors to scare up hundreds of millions of dollars, but Slashdot points us to the news that the US has now appointed its first "cyberwar general." The report also notes that "the US Air Force disclosed that some 30,000 of its troops had been re-assigned from technical support "to the frontlines of cyber warfare". I recently heard an interview with the head of the US Air Force academy, where he repeatedly noted that the Air Force was in charge of "cyber" warfare as well. And yet, we still haven't seen any details about what this cyberwarfare threat is. We just keep hearing amorphous claims about hacking attacks that are clearly annoying, but hardly to the level of "warfare." All of this seems to be an attempt to build up malicious computer hacking to make it seem like a bigger "threat" than it really is.

Filed Under: cyberwar, general, politicians

Now That We're All Afraid Of A Cyberwar, The Gov't Starts Legislating

from the well-that'll-fix-things dept

We've discussed the overhyped moral panic around the concept of a cyberwar, and how the term is abused -- potentially just as a way for government contractors to get hundreds of millions in easy government contracts. And, it looks like that process has only just begun. Senator Joe Lieberman is apparently about to unveil a "Cybersecurity" bill that doesn't seem to attack any real issue in making the government more secure. Instead, it looks like it really just seeks to limit competition in what government agencies can purchase. In other words, it'll just make things more expensive for the government, while probably not doing much to make anything or anyone more secure.

Filed Under: cyberterrorism, cyberwar, politicians

Pushing Cyberwar Moral Panic Apparently Quite Profitable For Booz Allen

from the spreading-fear-for-money dept

A few months ago, people began questioning the difference between reality and rhetoric when it came to the "threat" of "cyberwar." Many of the claims were clearly exaggerated with people purposely confusing script kiddies doing basic vandalism with some sort of organized "war" or threat. One of the folks, who has been given the most attention for playing up this threat, is former director of national intelligence, Michael McConnell, who just happens to have scored a job as a top exec at Booz Allen. So it seems worth noting that Booz Allen has racked up over $400 million in gov't contracts in just the past few weeks. Of course, most of the press that McConnell has been able to get about this issue plays up his former gov't role, but plays down the fact that his new job seems to be scaring the gov't into shoveling truckloads of cash to Booz Allen, no matter how serious the "threat" really is.

Filed Under: cyberterrorism, cyberwar, michael mcconnell, moral panic, politicians
Companies: booz allen

Dear Journalists: There Is No Cyberwar

from the period dept

At the beginning of April, we noted that director of national intelligence, Michael McConnell, who's now consulting for some firms that would profit greatly from a re-architecting of the internet, is going around pushing a ridiculous moral panic about "cyberwar" and how we basically need to break the internet and get rid of all privacy and anonymity. Forget your civil liberties, there's money to be made in scaring people. While even the US "cybersecurity" czar tried to throw some cold water on these claims, the press sure does love bogus "cyberwar" stories, despite the lack of proof that there is any such thing or that it could do any real damage.

It's being helped along, of course, by another former government official, Richard Clarke, who is selling a new book all about "Cyberwar" (in fact, that's the title), leading to all sorts of news stories about how the US is at risk in this "cyberwar."

The problem, of course, is the same as we described back in March: the people playing up the whole "cyberwar" threat are simply lumping together basic vandalism -- the kind done by script kiddies, as if it's part of a war. If that's the definition of a "war," you can find it going on around the country, anywhere there are kids and spray paint. Thankfully, Tom Lee has written a scathing critique of dumb journalistic coverage of this whole "cyberwar" crap:

The piece starts out by discussing Russian vandals' successful efforts to screw with the Georgian government’s website -- something that can be plausibly done by a disaffected teenager -- then jumps rapidly to "monkey[ing] with GPS" which involves, you know, satellites, or at least skill at building, concealing and fortifying radio transmitters; and, if anything other than a braindead denial of service, would also require the discovery of a novel attack on the system's design. These things are much harder than checking to see if the recently-launched website of a small ex-Soviet country is running slightly outdated software that someone else has written an exploit for....

Disrupting the operation of a website is very different from disrupting the operation of the internet, which is very different from interfering with military communication systems, which is very different from interfering with military battlefield communication systems, which is very different from being susceptible to the interception of digital communications. But all of these things are just jammed together, mindlessly.

What kinds of electronic attack are possible? To what extent are our defense systems susceptible to them -- in particular, are those systems at all tangled up with the internet? If not, what economic consequences could plausibly be inflicted on our country by disruption of the internet, and how do they compare to the historical example of, say, a blockade? If an online attack originates from overseas, what countermeasures are available? And do we have a protocol in place with the major backbone operators to implement them?

None of these questions are asked or answered. Blah blah blah cyber. That's it, over and over.

Welcome to the next moral panic that's more about taking away your rights in an attempt to make some ex-politicians rich.

Filed Under: cybersecurity, cyberwar, michael mcconnell, moral panic

White House Cyber Security Guy: There Is No Cyberwar

from the now-if-only-the-rest-of-the-press-would-recognize-this dept

We recently wrote how some special interests have been playing up the idea that there's some sort of cyberwar going on that the US is losing. Of course, there have been similar claims going back for a decade, without anything to support it. Are there state-supported hackers breaking into computers of other countries? Absolutely. Does that reach the level of "cyberwar"? Not at all. At best its a bit of espionage and maybe a tiny bit of sabotage, but escalating it to the cyberwar level only is good for companies trying to sell "solutions." Thankfully, it sounds like there's actually some sanity in the White House over this, as the top cybersecurity adviser to the president, Howard Schmidt, is playing down the whole "cyberwar" rhetoric in an interview with Wired:

"There is no cyberwar," Schmidt told Wired.com in a sit-down interview Wednesday at the RSA Security Conference in San Francisco.

"I think that is a terrible metaphor and I think that is a terrible concept," Schmidt said. "There are no winners in that environment."

Instead, Schmidt seems to be focused on the real issue: espionage. Hopefully, Schmidt's view prevails, and other politicians aren't swept into the moral panic around a non-existent "cyberwar."

Filed Under: cyberwar, howard schmidt, security

Cyberwar Or Moral Panic? Beware Of Ex-Politicians Screaming About Cyberthreats

from the let-it-go dept

For years and years we've been hearing about the supposed threats of "cyberwar" and "cyberterrosism." For nearly a decade we've questioned whether this was all hype, and the story hasn't changed. Sure, there are hackers and those who look to break into systems, but the real risks and overall threats still seem fairly minimal. But that's not enough for some people. Wired's Ryan Singel has a long, but excellent look at how former director of national intelligence (now consultant) Michael McConnell appears to be trying to build up a giant moral panic about this ill-defined threat, with the goal of basically ripping out the guts of today's internet to recreate it with almost no privacy at all. He recently claimed:

We need to re-engineer the Internet to make attribution, geo-location, intelligence analysis and impact assessment -- who did it, from where, why and what was the result -- more manageable

In other words, we need to be able to spy on everyone. To build up this moral panic, McConnell isn't even just getting the press to write articles for him -- he's doing it himself. The Washington Post recently gave him op-ed space to ridiculously claim that the recent hack on Google showed we're "losing the cyberwar." Yet, as Singel points out, that was entirely different. It wasn't warfare, it was espionage. McConnell also played up some bogus threats, such as some old viruses and botnets that are hardly part of some dangerous "cyberwar."

Singel then goes on to connect McConnell's efforts with various other political proposals lately -- suggesting that the government is moving towards more control of the internet and more monitoring. At times, unfortunately, the piece feels like it slips a bit into conspiracy theory territory -- but McConnell's efforts certainly appear questionable. He's pushing a bogus "threat" and he works for a company that could profit tremendously from any "response" to such a threat. That seems like a massive conflict of interest that a lot of people are ignoring.

Filed Under: cyberterrorism, cyberwar, michael mcconnell, moral panic, politicians

In A World Of Global Commerce... Does Gov't Cyber Espionage Get In The Way Of Business?

from the changing-times dept

Back in 2001 there were a series of hyped up articles about how the Chinese were hacking American websites. People later realized that there was a lot more hype than substance to those articles (which, it was later discovered, were kicked off by a writer who eventually was accused of making up many stories written for a variety of mainstream press publications). However, the latest news suggests that folks in the Chinese military may have actually hacked into a defense department computer, leading to all the standard talk of "cyberwar." Of course, once again, the important details were missing. It's not clear the hack attacks actually did anything serious or accessed any important data.

A more important point may be that these types of attacks can be quite counter-productive. A recent report in Germany also had found that the Chinese military had at least tried to hack into gov't computers there -- and it's simply hurting the ability of Chinese tech firms to sell their goods abroad. In other words, while it may be true that the Chinese military may be trying to hack into computers of various governmental agencies around the world, doing so could actually end up causing quite a bit more pain to the Chinese economy. That hardly seems productive.

Filed Under: china, cyberwar, hacking, pentagon