Right now, Chinese criminals and spies are targeting the United States and other countries in the biggest semi-organized campaign of theft and espionage in world history.
And it’s all being done online, through hacks, fraud and other Internet trickery.
But Americans—and especially our leaders—hardly know the first thing about “cyber” threats. And that badly complicates any organized response to Internet attacks.
We’re cyber dumb in an era of cyber danger.
That’s one of the main points that Brookings Institution scholars P.W. Singer and Allan Friedman make in their new book Cybersecurity and Cyberwar. Wonky-sounding though it may be, the book is a brisk and fun read—and terrifying.
“China is at the center of the largest theft in all of human history that is playing out right now,” Singer tells War is Boring, “with the intellectual property targets being vacuumed ranging from jet fighter designs to soft drink company negotiating strategies to academic papers.”
“Is it war in the traditional sense of politically motivated mass violence?” Singer asks rhetorically. “No. But it is something that matters hugely in economic and national security, especially when you think about all that investment, all those potential edges in the boardroom and maybe even future battlefields just lost.”
“Death by a thousand cuts does matter,” Singer stresses.
For all the talk lately about building cyber defenses—it’s one of the Pentagon’s few growth areas—most Americans and especially our politicians, don’t even understand how networks work, why they matter, where they’re vulnerable and how to protect them.
“We are in a strange place of being so incredibly reliant in communication, commerce, critical infrastructure, even conflict—98 percent of U.S. military comms goes over the Internet—and yet the topic is one that is largely stuck in this dangerous mix of ignorance and fear factor,” Singer explains.
“You can see it in all sorts of ways,” he points out. Seventy percent of business executives make cyber security decisions for their firms but have no cyber training, Singer says. Politicians make billion-dollar decisions about Internet policy and the military’s online capabilities and “then admit they don’t understand email.”
The ignorance is not uniquely American. Singer recalls his odd meeting with a European parliamentarian. “I realized all that he knew on cyber threats was from the movie Die Hard 4.”
The confluence of major threat with deep stupidity begs for nothing short of a massive overhaul of our Internet education.
And a smarter cyber defense could start by taking the problem seriously—and recognizing that online operations are unique enough to warrant their own dedicated organizations.
“Don’t treat the leadership of an important military command … as something to be ‘double-hatted’ to a spy agency,” Singer recommends. “The National Security Agency and Cyber Command are both important full-time jobs … yet, we double-hat it. Think of any other command and agency we do that for, let alone ones so important.”
But these single-mission cyber units must work closely with traditional organizations—something that doesn’t usually happen today. “It’s like how they had radios, tanks and airplanes back in World War I, but didn’t know how to use them to their fullest on their own, but even more so how to bring them all together until the Blitzkrieg of World War II,” Singer explains.
He says the Israelis are leading the way in integrating cyber actions into traditional warfare. In September 2007, Tel Aviv launched Operation Orchard to destroy a suspected nuclear weapons facility in Syria. The raid blended F-15 bombers with electronic jamming and network hacks to shut down air-defense sites.
Everyone needs to understand this cyber stuff better, and not leave it up to a handful of experts, Singer stresses. “Don’t treat any and every cyber problem as something for the ‘man on cyber horseback’ to come save us all.”