Cyberscares About Cyberwars Equal Cybermoney

Watching the Cybermilitary-Industrial Complex Form

As though we don't have enough to be afraid of already, what with armed
lunatics mowing down military recruiters and doctors, the H1N1 flu
virus, the collapse of bee populations, rising sea levels, failed and
flailing states, North Korea being North Korea, al-Qaeda wannabes in
New York State with terrorist aspirations,
and who knows what else -- now cyberjihadis are evidently poised to
steal our online identities, hack into our banks, take over our Flickr
and Facebook acccounts, and create havoc on the World Wide Web.

Late last year, in a 96-page report, Securing Cyberspace for the 44th Presidency, the Center for Strategic and International Studies (CSIS) warned
that "America's failure to protect cyberspace is one of the most urgent
national security problems facing the new administration." In a similar
fashion, Dr. Dorothy Denning, a cybersecurity expert at the Naval
Postgraduate School, has just described the Internet as a "powerful tool in the hands of criminals and terrorists." And they're hardly alone.

To this fear chorus, our thoughtful, slow-to-histrionics President added his voice in a May 29th East Room address:

"In today's world, acts of terror could come not only
from a few extremists in suicide vests but from a few key strokes on a
computer -- a weapon of mass disruption... This cyberthreat is one of the
most serious economic and national security challenges we face as a
nation."

Uh-oh, and as we know, cybercrime is already on the rise. According to
the president, the U.S. experienced 37,000 cyberattacks in 2007, an
800% increase from 2005. He referenced a study estimating
that cybercrime has cost Americans $8 billion in the last two years. A
trillion dollars worth of business information has reportedly been
stolen from the corporate world.

For Barack Obama, cybercrime is personal. During his bid for the
presidency, someone hacked into his campaign's secure network and
gained access to sensitive strategy documents and calendars.

Last year, a malicious computer virus hit the U.S. military, infecting
thousands of computers and forcing soldiers to give up their thumb
drives, changing the way they share information among computers. The
Pentagon claims it fended off
some 360 million attempts -- yes, you read that right! -- to break into
its networks last year alone, a monumental leap from a "mere" 6 million
tries in 2006.

In one such attempt, cyberspies hacked into the F-35 Joint Strike
Fighter project, the Air Force's most advanced and, at $300 billion,
most expensive jet fighter under production. According to the Wall Street Journal,
they "compromised the system responsible for diagnosing a plane's
maintenance problems during flight." In April, Defense Secretary Robert
Gates told60 Minutes' Katie Couric that the U.S. is "under cyberattack virtually all the time, every day." The Pentagon recently admitted that it spent $100 million in the past six months repairing damage caused by cyberonslaughts.

Cyberczar to the Rescue

In his speech, President Obama also insisted that help was on the way
as he announced the establishment of a new Cybersecurity Office within
the White House. It was, he assured Americans, meant to coordinate all
government activities to protect U.S. computer networks, while
promoting collaboration among a confusing landscape of federal
cybergroups with "overlapping missions." Our digital infrastructure, he
said, was the "backbone that underpins a prosperous economy and a
strong military and an open and efficient government." As such, he
proclaimed it "a strategic national asset," which meant that
"protecting it is a national security priority."

All will be better, promised the Blackberry President, once his
cyberczar, or "cybersecurity coordinator" is selected. "I will
personally select this official," he pledged.
"I'll depend on this official in all matters related to cybersecurity
and this official will have my full support and regular access to me as
we confront these challenges."

Keep in mind that the president is more than a little czar crazy,
perhaps because the vague post of czar (of whatever) turns out not to
require confirmation from a somewhat slow and balky Senate, even as it
brings instant attention to some new aspect of his mega-agenda. He has
already picked his Border Czar, Drug Czar, Counterterrorism Czar, Urban
Affairs Czar, and Climate Czar, just to name a few. Foreign Policycounts
a staggering 18 Obama czars in all. His still unnamed cyberczar will
report to the National Security Council and the National Economic
Council.

Many of these new czars have offices within the White House from which
they can (theoretically) oversee policy, coordinate among agencies,
streamline decision-making, and give a particular issue or area added
weight and prominence. In reality, such appointments historically tend
to put yet another cook in a chaotic kitchen, while adding a new layer
of bureaucracy to already jumbled layers of the same. As Paul Light, a
government professor at New York University, told the Wall Street Journal, "There've been so many czars over the last 50 years, and they've all been failures. Nobody takes them seriously anymore."

I feel better already! Except I do have a small question: How did the
word "czar" morph from the title of a discredited autocrat half a world
away to the description of a supposedly influential White House
official? And why are all these czars jostling for power and order in a
democratic government?

That aside, web-surf is up! And here's the good news: the United States
is not just playing cyberdefense. Admittedly, the administration's plan
for cyberoffense -- you know, to hack into networks not our own -- did
not get as much news buzz as the cyberczar, but don't be fooled: the
military is already on the job, mounting an invasion of a whole new
territory, cyberspace!

The New Nightmare: Preparing for Cyberwar

Yes, the Pentagon sees cyberspace -- that expansive online
constellation of worlds that never sleeps even when our computers are
off -- as another battlefield terrain no different from the mountains
of Afghanistan or the cities of Iraq (except that maybe on virtual
battlefields we can actually win).

In
an exhaustive 350-page look at U.S. cyberattack capabilities put out in
April 2009, the National Research Council's Committee on Offensive
Information Warfare concluded
that "enduring unilateral dominance in cyberspace is neither realistic
nor achievable by the United States." Despite that cautionary word,
this very month the Pentagon has moved to establish a new Cybercommand
that won't shy away from either the word "unilateral" or "dominance."
CyCom, as it's already known, will "develop cyberweapons for use in
responding to attacks from foreign adversaries" under the direction of
Lieutenant General Keith B. Alexander, who will add another star to his
three in the move from the National Security Agency to his new command.

In pursuit of the elusive, impossible dream of unilateral dominance in cyberspace, Defense Secretary Gates is looking
to more than quadruple the number of cyberofficers by 2011; and though
he didn't put a dollar figure on it, as the military services all rush
to add "cyber" to their portfolio, the monies are going to add up fast.
How much? Kevin Coleman, a consultant to the U.S. Strategic Command,
which will house CyCom, estimates between $50 billion and $70 billion a year for cyberactivities in future Pentagon budgets.

Sounds good! But here's what I want to know: Can my avatar have long
black hair, knee-high boots, and the pass codes to access some of those
billions?

As it happens, cyberwar was a Washington preoccupation under President
George W. Bush, too. Last year, his Director of National Intelligence
Mike McConnell warned
that a cyberattack on a U.S. bank "would have an order of magnitude
greater impact on the global economy" than September 11, 2001, and he
compared the potential ability of cybercriminals to threaten the U.S.
money supply to a nuclear weapon. How do you fact-check such scare
chatter, especially now that the global economy has proved itself quite
capable of imploding with devastating impact without a cyberattack in
sight?

No matter. Rest assured of one thing: even before the first bot is
shot, a down-and-dirty, low-intensity conflict is already well
underway. Think of it as a turf war with a twist.

Cyberturf Wars

At the moment, cybersecurity activities and responsibilities are spread
across the Department of Defense, the Department of Homeland Security,
the Office of Management and Budget, and an alphabet soup of
intelligence agencies, all claiming cyberspace -- with its secret codes
and captured data -- as their own. And then there are the uniformed
military services: the Navy, Air Force, and Army, all worried about the
budgetary future, are desperately interested in securing a large slice
of the cyberpie.

When you survey the cyberlandscape, maybe President Obama is right. It
could take a veritable Peter the Great of czars to impose a workable
structure on the existing labyrinth of competing and proliferating
cyberbureaucracies.

Among them all, the Air Force has been the most proactive and aggressive. They just established
the 24th Air Force, a new numbered wing, just for the cyberwarfare
mission. It will be based in San Antonio, Texas, thanks to Republican
Senator Kay Hutchinson, who aggressively courted the Air Force with
Texan hospitality. In a press release celebrating her acquisition,
Hutchinson bragged that the move will make "San Antonio a key component of our national strategy to defeat the cyber threat."

In mid-May, Major General William Lord, the provisional head of
AFCyber, played host to military-industrial representatives, telling
them that the "cyber arena is filled with new business opportunities."
Cyberspace is, he suggested, new territory and he called on Lockheed Martin, Raytheon, and other high-tech military firms to seize the day. ("We can't do this without you.")

He needn't have said a word. Like the proliferation of competing
agencies, the formation of a cybermilitary-industrial complex (made up
mainly of the giant corporations already in the non-cyber version of
the same) is quite predictable. In fact, it's already starting to
happen. After all, the new cyberspace mission promises more than just
Top Gun excitement; it will be worth billions of dollars in a quickly
shifting security environment.

As early as 2005, the Air Force saw the light on this one, and losing
ground to the Army, Navy, and Marines in the boom-times of the Global
War on Terror, began moving into cyberspace. It's never stopped. As
Lewis Page, a defense correspondent for the Register, a British online tech magazine, points out:
"The Air Force's traditional business of operating expensive manned
aircraft has been somewhat undercut of late by the proliferation of
much cheaper flying robots often operated by the Army, Navy or
Marines."

In the fight for the future cyberbudget, then, the Air Force's enemies
"are not so much terrorists or sinister foreign powers as the other
U.S. Armed Services," writes Page. With new relevance, of course, come
new funds. As a start, when the Air Force sent its $143.8 billion
budget request for fiscal year 2009 to Congress, it tacked on a list of as yet unfunded budget requirements, including nearly $400 million for cyber-related equipment and activities.

The Navy is now in on the game, too. It naturally established a Naval
Cyber Forces Command because, as it likes to say, "cyberspace has
become the global battlespace." According to Government Executive, the Navy plans to appoint a three-star Vice Admiral to head its new cybercommand, outranking the Air Force's top cyber flyboy.

Not to be outdone, the Army has set up its own cyberoutpost: the Network Warfare Battalion. Its 2009 Posture Statement asserts
that its troops are "executing cyberspace operations" against "a
significant and growing cyberthreat" and concludes that, in order to
"maintain our dominance in cyberspace, the Army will continue to grow
our abilities to better defend our own networks and have capabilities
in place to conduct network warfare against adversary networks."

The initial loser in the great cyberbattle appears to be the Department
of Homeland Security, that bureaucracy for our old fears. Established
in the wake of September 11, 2001, it quickly became a
Frankenstein-like mess of more than 22 agencies, on which the Bush
administration also downloaded responsibility for cyberoperations. Now,
however, it is getting consistently low marks for cybersecurity from
places like CSIS and the Government Accountability Office. "Oversight
for cybersecurity must move elsewhere," is what James Lewis, senior
fellow at CSIS, told Congress.

Industry Logs On

The true beneficiaries of the military's cyberturf war are sure to be
the major Pentagon contractors that have been positioning themselves to
absorb Washington's new cyberdollars just as they have absorbed war
dollars, terror dollars, and homeland-security dollars. Lockheed
Martin, Northrop Grumman, and General Dynamics have already launched a
frenzy of buying in the area, gobbling up smaller tech companies and
courting cyberinnovators. In 2007, for instance, Northrop Grumman
purchased the Essex Corporation, a cybertech company, which CEO Ronald
Sugar says has "grown significantly" since then.

Military contractors have also been taking on hordes of "cyberninjas"
to learn more about hackers. These young laborers have landed in one of
the few sectors of the economy hiring these days. A recent New York Times description of their work environment should be enough to set screenwriters' pens twitching.

"At a Raytheon facility here south of the Kennedy Space
Center, a hub of innovation in an earlier era, rock music blares and
empty cans of Mountain Dew pile up as engineers create tools to protect
the Pentagon's computers and crack into the networks of countries that
could become adversaries. Prizes like cappuccino machines and stacks of
cash spur them on, and a gong heralds each major breakthrough."

The Only Thing We Have to Fear Is [Fill in the Blank]

Is the United States really in a hypercrisis that warrants putting the
word cyber in front of everything and multibillions more in the pockets
of military-industrial corporations?

If you listen to official Washington today, the answer is a resounding
yes. But is the real threat any more insidious than malware and
botnets? Is it really life and system threatening? Is it where we
really want to invest our money?

Without a doubt, cybercrime -- and even cyberterrorism -- pose actual
dangers. But listening to all the scare-talk about cyberwar, we tend to
forget that the most gruesome wars today are being fought with
machetes, AK-47s, and crude improvised explosive devices fashioned out
of repurposed walkie-talkies. The fact is that some of the most
devastating wars of the future will be fought over food, water, and
land, not to speak of religion, and those engaged in their brutal,
messy battles will probably never log on to a computer or download a
file.

Certainly, cyberterrorism is a novel and sexy label, grist for next
year's high-budget movies and summer pulp fiction. But in Washington
it's likely to turn out to be little more than a new catchword in a
predictable drama of contracts, turf, and corporations, of agencies and
military services intent on capturing taxpayer dollars and winning or
losing intra-bureaucratic wars.

The story of how politicians, the Pentagon, and contractors conspire to
inflame our fears with well-hyped threats of future cataclysm and then
offer high-tech, highly bureaucratic, unbelievably expensive solutions
that result in lots of weapons contracts, lots of corporate/military
conferences, a few blue-ribbon studies, but no significant threat
reduction is really the story of our time.

And when this threat wanes, or simply starts to look more real and a
lot less cataclysmic, it's time, of course, to bring out the next
boogeyman.

© 2023 TomDispatch.com