Friday, February 18, 2011

China: Looking US preparation for "Cyberwar"

The People's Daily

article printed in its entirety

Americans debate cyberwar, ways to prepare for it

Americans are debating the possibility of a cyberwar and ways to cope with it through the Internet in the cyber age.

While U.S. military, government and cyber experts are talking about the danger of a cyberwar, some opinions are focused on how to define cyberwar and how to prepare for it.

William Lynn, U.S. deputy defense secretary, said Washington is building a cyber strategy. He told the 2011 RSA conference in San Francisco earlier this week that the open nature of the web gives attackers an advantage.

The RSA Security developed the RSA conference in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security.

Lynn said the U.S. government is "moving aggressively" to counter evolving cyber threats and is currently in the final stages of a comprehensive cyber strategy review. The time to act is now while cyber attacks are still "relatively unsophisticated in nature, short in duration, and narrow in scope," he said.

The danger is that powerful cyber tools already exist that one day could be deployed by the nation's adversaries to potentially cause severe economic damage, physical destruction, and even loss of life, said the official.

"We must have the capability to defend against the full range of cyber threats," Lynn said. "This is indeed the goal of the Defense Department's new cyber strategy, and it is why we are pursuing that strategy with such urgency."

The U.S. Defense Department has already formally recognized cyberspace as a new domain of warfare, as land, air, sea and space, according to Lynn.

"Treating cyberspace as a domain means that the military needs to operate and defend its networks, which is why we established U.S. Cyber Command," he told the conference.

Lynn is not the only U.S. government official who showed concern for the cyberspace. FBI Director Robert Mueller, CIA Director Leon Panetta, and Director of National Intelligence James Clapper have already told the U.S. House Subcommittee on Emerging Threats and Capabilities that sophisticated cyber attacks could place the nation's security in jeopardy.

But some other experts said it is hard to define cyberwar and suggested the U.S. should wait for a catastrophic event and then overreact, rather than plan ahead.

Former U.S. intelligence chief Mike McConnell told the RSA conference on Wednesday the U.S. Congress and the public should debate and sort out all the questions that need to be answered about what constitutes cyberwar and how the government and private sector should respond when faced with incidents that fit the definition.

Howard Schmidt, the White House cyber security coordinator, deplored the "terrible use of the word 'cyberwar'."

According to the Wall Street Journal, Schmidt said that policymakers and others in the country should "stop conflating cyberwar with cyber-espionage and cybercrime."

Securing the information superhighway involves too many factors to be lumped into a single bucket. Resolving online criminality like identity theft should be treated differently than protecting the electric grid from sabotage by foreign powers or online espionage, but war-like rhetoric may threaten the U.S. ability to deal with any of these issues effectively, he warned.

"Words do matter. When we start throwing out these things, like we're in the midst of a cyberwar, or that cyberwar is around the corner, there's a lot of (those things) that don't actually apply, so we really have to define what it is that we're talking about," Schmidt was quoted as saying.

Schmidt made these remarks during a recent discussion with British Telecom cyber security chief Bruce Schneier, and Microsoft executive Scott Charney.

Schneier is cautious about the claims of cyberwar. He said this is part of a turf war to determine which federal agency would have control over cyber security, abetted by "exaggeration and distortion " by a "military industrial complex that does that quite well."

"All these examples (of online sabotage) aren't really warfare, but if you call them warfare, a different set of psychological buttons get pushed. To the police, we are citizens to defend. To the military, we are a population to be subdued, or at least to get out of the way and not make trouble," he stressed.

Charney noted the United States "has tried to come up with one over-arching strategy (for securing cyberspace), but there are really four different ones." Cybercrime, corporate online espionage, online sabotage of national infrastructure, and military espionage online all need to be dealt with separately, he said.

No comments:

Post a Comment