Cyberwar Threat At Code Red, Clarke Warns

Former counter-terrorism advisor Richard Clarke has a new book out, and it's scary stuff for all of us concerned about the national security of the United States. Scarier still, the alarms sounded by the book -- "Cyber War: The Next Threat to National Security and What to Do About It" -- aren't news to anyone who has even a minimal clue about the state of cybersecurity.

Alexander Wolfe, Contributor

April 21, 2010

4 Min Read

Former counter-terrorism advisor Richard Clarke has a new book out, and it's scary stuff for all of us concerned about the national security of the United States. Scarier still, the alarms sounded by the book -- "Cyber War: The Next Threat to National Security and What to Do About It" -- aren't news to anyone who has even a minimal clue about the state of cybersecurity.Long-story short, Clarke essentially raises the kinds of warnings which have been in the air for years, including recently in the Cyber Security Institute's report. That document raised alarms about whether government systems are adequately protected from emerging threats such as cybercriminal mobs in Eastern Europe or from the Chinese military.

Clarke's assessment is much blunter. The United States is at risk of have its power grid and communications networks taken out by a foreign power. Doubly scary is that fact that a bad-actor government wouldn't have to employ the ne plus ultra of hackers to do us damage. That's because we're pretty much completely unprotected, he warns.

Clarke also notes that things could get ugly if we are so attacked, because we would have to respond, possibly with a massive conventional military strike. (Ol' fashioned infantry would be necessitated because a damaged command and control infrastructure wouldn't support more sophisticated responses such as unmanned drones.)

On the plus side, the United States is not completely a sleeping giant on this stuff. I use the Pearl Harbor analogy deliberately, in making the point that missives like that from Clarke , who's an ex-government security official, after all, constitute differential confirmation that we're not taking this stuff lying down.

Proactive U.S. efforts were hinted at publicly last fall by former National Security Agency director Mike McConnell. Appearing on 60 Minutes, he leaked the previously undisclosed news that a series of power-grid outages in Brazil in 2005 and 2007 were caused by hackers. He also characterized a 2007 breach of U.S. Defense Dept. computers as our "electronic Pearl Harbor."

The good news, as I wrote at the time is that "whatever the Chinese and Russians are doing to us, we're doing to them, too. However, Jim Lewis, director of the Center for Strategic and International Studies, did make the point that the United States is the big target, and we've got a lot more to lose from cyberattacks than do our adversaries."

Going forward, my concerns are two-fold. First off, I understand that in a free society, it's difficult to get commercial companies, which are primarily focused on shareholder value, to expend the excessive efforts and funds required for serious security. I'm thinking here of the power companies, which are undoubtedly not only averse to the high cost of real security, but probably suffer from an institutional cluelessness as far as the technology of security. Add to that the fact that creaking physical power-distribution infrastructure is the utilities' first-order problem, and you've got a prescription for security exposure.

I should add that I expect that telecom providers are far less exposed on the security front, both because they're in the mainstream of networking technology and because security is an obvious necessity to them, completely apart from putative foreign cyberattacks.

Add to that the NSA tie in (that room in San Francisco) and you gotta figure that the telecom folks may be more locked down than we think. OTOH, they pose such a juicy target that attacks might be working that angle just that much harder. (This'd be an analogy to Windows-versus-Mac virus writers. As in, the bigger the bulls eye, the more attention you attract.)

So my second point is that that's the commercial side. What about the vulnerability of government networks? There's no excuse there, though there is a reason. It relates to institutional inertia and the laws of large systems -- both causes to despair.

All of which probably means that Clarke is pitching his warnings into the wind. But that doesn't mean we shouldn't listen.

An excerpt from Clarke's book is posted on the ABC News Good Morning America website, here. The publisher's Web page for the book is here.


Follow me on Twitter: (@awolfe58)


What's your take? Let me know, by leaving a comment below or e-mailing me directly at [email protected].


Like this blog? Subscribe to its RSS feed: (here)


 My videos on ( YouTube)


 Facebook 


  LinkedIn


Alex Wolfe is editor-in-chief of InformationWeek.com.

Read more about:

20102010

About the Author(s)

Alexander Wolfe

Alexander Wolfe

Contributor

Alexander Wolfe is a former editor for InformationWeek.

See more from Alexander Wolfe
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

thumbnail
Cyber Resilience
‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure
byShane Snider
May 6, 2024
3 Min Read
Ambassador-at-Large Nathaniel Fick at the RSA Conference 2024 in San Francisco.
Cyber Resilience
Questions for the Bureau for Cyberspace and Digital PolicyQuestions for the Bureau for Cyberspace and Digital Policy
byJoao-Pierre S. Ruth
May 16, 2024
5 Min Read
Business person draws a creative business project
IT Leadership
Why CIOs Are Under Pressure to InnovateWhy CIOs Are Under Pressure to Innovate
byLisa Morgan
May 15, 2024
8 Min Read
DNA (deoxyribonucleic acid) strand, illustration.
Data Management
DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?
byRichard Pallardy
May 7, 2024
15 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now