. . . But What Is “Cyber”?
Cyberwar. Cyberdefense. Cyberattack. Cybercommand.
You run across these four words before you finish the first paragraph of this New York Times story (as reposted on msnbc.com). It’s about government plans to secure our technical infrastructure.
When you reach the end of the story, though, you still don’t know what it’s about. But you do get a sense of coming inroads against Americans’ online privacy.
The problem, which the federal government has assumed to tackle, is the nominal insecurity of networks, computers, and data. And the approach the federal government has assumed is the most self-gratifying: “Cyber” is a “strategic national asset.” It’s up to the defense, intelligence, and homeland security bureaucracies to protect it.
But what is “cyber”?
With the Internet and other technologies, we are creating a new communications and commerce “space.” And just like the real spaces we are so accustomed to, there are security issues. Some of the houses have flimsy locks on the front doors. Some of the stores leave merchandise on the loading docks unattended. Some office managers don’t lock the desk drawers that hold personnel files. Some of the streets can be too easily flooded with water. Some of the power lines can be too easily snapped.
These are problems that should be corrected, but we don’t call on the federal government to lock up our homes, merchandise, and personnel files. We don’t call on the federal government to fix roads and power lines (deficit “stimulus” spending aside). The federal government secures its own assets, but that doesn’t make all assets a federal responsibility or a military problem.
As yet, I haven’t seen an explanation of how an opponent of U.S. power would use “cyberattack” to advance any of its aims. If it’s even possible, which I doubt, taking down our banking system for a few days would not “soften up” the country for a military attack. Knocking out the electrical system in one region of the country for a day wouldn’t let Russia take control of the Bering Strait. Shutting down Americans’ access to Google Calendar wouldn’t advance Islamists’ plans for a worldwide Muslim caliphate.
This is why President Obama’s speech on cybersecurity retreated to a contrived threat he called “weapons of mass disruption.” Fearsome inconvenience!
The story quotes one government official as follows:
“How do you understand sovereignty in the cyberdomain?” General Cartwright asked. “It doesn’t tend to pay a lot of attention to geographic boundaries.”
That’s correct. “Cyber” is not a problem that affects our sovereignty or the integrity of our national boundaries. Thus, it’s not a problem for the defense or intelligence establishments to handle.
The benefits of the online world vastly outstrip the risks – sorry Senator Rockefeller. With those benefits come a variety of problems akin to graffiti, house fires, street closures, petit theft, and organized crime. Those are not best handled by centralized bureaucracies, but by the decentralized systems we use to secure the real world: property rights, contract and tort liability, private enterprise, and innovation.
Cyber Security “Facts”
National Journal‘s “Expert Blog” on National Security asked me late last week to comment on the question, “How Can Cyberspace Be Defended?” My comment and others went up yesterday.
My response was a fun jaunt through issues on which there are no experts. But the highlight is the response I drew out of Michael Jackson, the former #2 man at the Department of Homeland Security.
It does little to promote serious discourse about the truly grave topic of cyber security threats to begin by ridiculing DHS and DOD as “grasping for power” or to suggest that President Obama has somehow been duped into basing his sensible cyber strategy on “a lame and corny threat model called ‘weapons of mass disruption.’” It shows ignorance of the facts to deny that cyber vulnerabilities do indeed present the possibility of “paralyzing results.”
Jackson neglects to link to a source proving the factual existence of “paralyzing” threats to the Internet — he’d have to defeat the Internet’s basic resilient design to do it. (Or he has collapsed the Internet, the specific way of networking I was talking about, with “cyber” — a meaningless referent to everything.) But the need for tight argument or proof is almost always forgiven in homeland security and cyber security, where the Washington, D.C. echo-chamber relentlessly conjures problems that only an elite bureaucracy can solve.
In another comment — not taking umbrage at mine, but culturally similar to Jackson’s — Ron Marks, Senior Vice President for Government Relations at Oxford-Analytica, says, “Cyberterrorism is here to stay and will grow bigger.” The same can be said of the bogeyman, but the bogeyman isn’t real either.
(To all interlocutors: Claiming secrecy will be taken as confessing you have no evidence.)
Jackson’s close is the tour de force though: “Good people are working hard on these matters, and they deserve our unwavering financial and personal support. For now and for the long-term.”
A permanent tap on America’s wallets, and respect on command? Sounds like “grasping for power” to me.
Cato on Facebook
Cato on Twitter
Cato on Google+
Cato on YouTube
