If a top intelligence expert said America was not prepared for war and, indeed, that if we went to war “we would lose,” that would worry you, wouldn’t it? Start worrying.
The expert is Mike McConnell, who served as director of the National Security Agency under President Clinton and as director of national intelligence under President Bush. He was referring not to a conventional war, a guerrilla war, or an insurgency. He was referring to a cyberwar. But understand: Cyberwar does not mean fun and video games. McConnell told a Senate committee last week that the risk we face from cyberattacks “rivals nuclear weapons in terms of seriousness.”
Cybercombatants could cause massive blackouts lasting for months. They could destroy the electronic processes on which our banking, commerce, and financial systems have been built, stealing — or simply wiping out — vast amounts of wealth. They could put our air-transportation system in jeopardy. They might even be able to cripple our defense and national-security infrastructures. It is possible to defend against such threats. But we are not doing it adequately.
McConnell has been sounding this alarm for some time. Most of the media, and therefore most Americans, have not been paying attention.
Almost a year ago, Jim Lewis, director of the Center for Strategic and International Studies, told 60 Minutes’s Steve Kroft that in 2007 America suffered “an espionage Pearl Harbor. Some unknown foreign power, and honestly, we don’t know who it is, broke into the Department of Defense, to the Department of State, the Department of Commerce, probably the Department of Energy, probably NASA.”
After that, you’d think a serious and comprehensive cyberdefense program would have been initiated. But in an op-ed published in the Washington Post on Sunday, McConnell warned that the U.S. government has “yet to address the most basic questions about cyber-conflicts. . . . We lack a cohesive strategy to meet this challenge.”
Add to that the growing menace of cybercrime, which Joseph Menn, in his brilliant and disturbing book, Fatal System Error, says is already a “shadow economy that is worth several times more than the illegal drug trade, that has already disrupted national governments, and that has the potential to undermine Western affluence and security.”
If cybercrime is not curbed, Menn predicts, it is likely to get “far worse — potentially wiping out faith in electronic transactions and rendering the Internet unfit for more than entertainment and informal, quasi-public communication.”
What about the nightmare scenario of cybercriminals and cybercombatants joining forces? That’s already happening. In February of last year, Adm. Dennis Blair, President Obama’s director of national intelligence, said in Senate testimony that “powerful, high-profile Eurasian criminal groups often form strategic alliances with senior political leaders and business tycoons and operate from a relative safe-haven with little or no fear of international arrest and prosecution.”
“The full truth,” Menn writes, “is that a number of enormously powerful national governments, especially those of Russia and China, have picked up the blossoming of the Internet age as the time to ally with organized crime. . . . The Russian government, and possibly the Chinese government, has access to minds capable not only of stealing millions upon millions of dollars, but potentially disrupting the Western economy. Why wouldn’t they encourage additional research to nurture such a weapon?”
The Chinese have been candid about the opportunity opened to them by American vulnerabilities. Menn notes that Chinese military analyst Wang Huacheng, in a 2000 paper, described U.S. reliance on information technology and the Internet as “soft ribs and strategic weaknesses.” Chinese forces are known to have penetrated Sandia National Laboratories and several U.S. military sites. Air Force Maj. Gen. William Lord said the Chinese downloaded “ten terabytes of data, the same amount contained in the Library of Congress.”
Terrorists are penetrating cyberspace as well. Menn reports that “three British jihadists convicted in 2007 for inciting murder used access to a database with 37,000 stolen credit cards to buy 250 airline tickets, night-vision goggles, hundreds of pre-paid cell phones, GPS devices and more — $3.5 million in total purchases – to assist others in the movement.”
Could Iranian-linked or al-Qaeda jihadists do the same — on their own or by making common cause with either cybercriminals or cybercombatants from countries ruled by regimes that would like to see harm done to the United States? All too easily.
Menn says that the Bush administration’s “response to the cyberwar threat was abysmal.” As for President Obama, he “initially appeared to be getting the picture,” noting in an early presidential speech: “Our defense and military networks are under constant attack.” But during Obama’s first year in office little has been done to protect America from cybercombatants, cybercriminals and cyberterrorists.
The good news is that there are solutions. “The problem is not one of resources,” McConnell says, “even in our current fiscal straits, we can afford to upgrade our defenses.” But he also predicts that the United States may have to suffer a catastrophic cyberattack before the public demands that its leaders make this threat a top priority.
The Senate has been working for almost a year, under the leadership of Sens. John Rockefeller (D. W.Va.) and Olympia Snowe (R., Maine), on a bill that would be at least a step in the right direction. It would call for a “comprehensive cyberstrategy, identify key roles of all important players in government-led cybersecurity efforts,” and recommend that there be a Senate-confirmed, cabinet-level cybercoordinator.
After the collapse of the Soviet Union in 1991, national security was put on a back burner. One consequence was the terrorist attacks of Sept. 11, 2001. Today, despite military commitments in Iraq and Afghanistan, national security still is not the priority it needs to be. For many politicians, academics, and journalists, such issues as health care and “climate change” are much more urgent.
America has built an incredible high-tech society. But it is flying on gossamer wings. Our enemies know how fragile it is. So do we. The difference is they will do everything they can to destroy it. And we’re not doing everything we can to defend ourselves and to defeat them.
– Clifford D. May, a former New York Times foreign correspondent, is president of the Foundation for Defense of Democracies, a policy institute focusing on terrorism and Islamism.