The Expanding Battlefield: How Businesses Fail to Become Warriors in CyberSpace
Just a week ago, former National Security Agency (NSA) director General Keith Alexander announced he was moving into the consulting business. His goal is to increase the ability to U.S. financial and business industries to protect themselves from cyber threats from over seas. With news of China’s incursions in cyberspace via hackers stealing software trade secrets, Washington has been engaged in fierce discussions over the need to protect our online security, all while battling the public backlash over NSA’s PRISM program, a by product of the Edward Snowden leaks. The result has been a tightening of the U.S. government’s own security structure in cyberspace.
Alexander’s fears of a new cyber-terror campaign reflect the new dimensions of warfare that are reaching deeper into the personal and business world. In the beginning, warfare was waged between man and man, then state to state. Soon, Napoleon introduced the world to the first Total War, where the masses of all great societies are mobilized to fight against the common foe. The emergence of non-state actors, such as revolutionaries, terrorists groups, and warlords made warfare capable of stretching into the very home or office of a populace. Now, just as this author can communicate with people from around the world at the push of a button, a hacker or even an agitator can wage war on their own against businesses and governments. Technology has caused war to regress, where one singular individual can destroy, steal, and terrorize on a major scale, just with the use of a computer.
Businesses, financial markets, and software companies are now frontline soldiers in a war of networks, firewalls and internet vigilance. Even ordinary citizens who carry a smartphone have much to be afraid. Aside from personal information, an army of hackers with sophisticated software, bandwidth, and a playbook of tactics and doctrine, expand the scope of war to now everyday devices. This has been a subject of much debate, as government has encouraged the private sector to step up its own security and accept the reality that the boundaries of security do not stop at Washington’s intelligence agencies or our national boundaries.
If we think about it, some of the most important threats to US economic interests do not just come from a hacker wanting to cause a nuclear meltdown. Sure, terrorists from Al Qaeda would love to hack onboard airline computers and recreate the Atlantic Ocean Air Hijacking Scare in 2006. Some of the serious issues in national economic and security policy come from a rise in online banking fraud, unregulated trade and fraud via modems such as Paypal, or industrial espionage. While the latter has been linked to Chinese hackers in several cases, the previous incidences are the domain of criminal organizations and small time hacking. Several in the policy community allayed these concerns as ordinary theft and should be dealt with by increasingly sophisticated law enforcement. Such actions would correctly fall under the FBI’s Cyber Crime Division, which has really emerged in partnership to tackle these and other issues with increasing effectiveness.
Still, industry has a collective responsibility to defend its own turf. The new “War by Economic Tradecraft” as we call it, requires that companies accept they have an interest and responsibility to take appropriate measures in their defense. According to Amitai Etzioni, “businesses have resorted absorbing losses and avoid blame from shareholders rather than take appropriate measures to defend their own secrets.” No industry has been more at risk than the Defense Industries, where the report of the Cox Commission indicated Chinese hackers have stolen secrets from U.S. companies such as Northrop Grumman for many years.
The fact is that businesses are long motivated by short-term profits and the need to appease shareholders. Investing in private security could be seen as a sign of corporate insecurity and scare away potential investors, hurting growth. In the US, the conservative laissez-faire attitude and this philosophy that government should stay out of the private sector hurts national economic security in what should be an area for strategic alliances. This attitude of entitlement means business is alone in a field that is not well understood by many CEOs, that is fast becoming an entry point for criminal activity, and where less regulations make it an open field for foreign agents to steal economic and trade secrets.
Former high ranking security officials like Richard Clarke and Stewart Baker have also called on government to push businesses in the right direction, to exact more regulations. However, as Dr. Etzioni pointed out, many businesses, including economic libertarians, have discussed this creates too much bureaucracy and hurts competition. Furthermore, there is still strong resistance in Washington to adopt regulations, even as Obama has called greater attention to the issue in wake of the Snowden Affair and the incidents with Northrop Grumman. The crisis of public faith caused by Snowden has awakened fears that the government may be building new programs that break public freedoms of privacy.
The introduction of Cyber Command into the military infrastructure was a step in the right direction. However, US ability to extend its cyber defense abroad and create doctrine of defense is not as advanced as the Chinese. PLA Unit 61398, the Chinese Cyber Hacking Unit was recently acknowledged to exist by
Beijing and boasts a strong force of expert hackers responsible for many incursions world wide among immediate neighbors. While Snowden did expose NSA efforts to hack Chinese universities and businesses abroad, it does not make up for the lack of firewall protections and closed source systems needed to protect the critical infrastructure of the c
ountry. As Obama proceeds to push infrastructure updates in places like Energy grids, it needs to be accompanied with strong online protections.
Harnessed as a weapon, cyber warfare means that damages that could be created through warfare can now occur in relative peacetime, creating mass confusion, and damaging the economy. But it is increasingly subtle when most of the focus is on industrial espionage. The United States has always maintained a cutting edge in generating strong returns on research and development. Now, China, Russia and even non-state actors can “harvest” our returns with relative ease. Private entities no longer can depend on the government to protect their secrets. They live in denial that a war already exists, and deny these truths to the public, disregarding any sort of duty to protect public interests. It represents a critical disconnect between the private and public sectors at a time when globalization is tearing down traditional barriers of protection. Private citizens are vulnerable to attack, but we are caught up in public debates about individual privacy rights on the internet.
Yet, our most recent NSA director is taking to the private sector his own experiences in dealing with this emerging threat. The European Parliament and individual states are discussing how they will better protect their financial and technology markets. In the EuroDebates for the EU Commission Presidency,
Guy Verhofstadt pointed out that Europe should be building up a united digital market that can be monitored in the European legal framework. In the United States, such attempts to regulate internet freedoms are focused on intellectual piracy from small time hackers rather than enforcing protection of business’ electronic infrastructure. In short, some in Washington are more interested in stopping the mass download of movies rather than the theft of pharmaceutical formulas by Beijing’s cyber army.
Culturally, the best example of how we come to rely on cyberspace for our economic future is captured in the animated film “Summer Wars.” In this comedic drama, a rogue AI virus is unleashed on to the Worldwide Internet program “Oz,” where it hacks accounts of world governments, businesses and individuals, causing financial panic and even compromising nation security through threatened missile launches. Together, a Japanese family uses their wits and teamwork to battle against the AI, eventually defeating it. They represent people from across all rungs of society, but they recognize the threat to one person is a threat to all. That is the hard truth of warfare and tradecraft on the internet. The action may be local, but the result is truly global.
What do you think? Join the conversation!
|Brittius on The Expanding Battlefield: How…|
|#AceNewsGroup on EuroScepticism and the New…|
|Brittius on EuroScepticism and the New…|
|What to Do About Syr… on What to Do About Syria|
|Brittius on Europe in Transition: What the…|
Follow me on TwitterMy Tweets
Blogs I Follow
- Keith Brannum
- In Moscow's Shadows
- Streed's Reads
- Semi-Partisan Politics
- Mr. Chief Justus
- Michael Oleaga
- Silver Birch Press
- The Middle Spaces
- democracy for burma
- Voices from Russia
- The Tactical Hermit