Pages

9 February 2014

The threat of cyber war

By Mark Colvin 


MARK COLVIN: Silently, below the general radar, a new kind of warfare is playing out in the modern world. It's being waged on the web and it involves spying, sabotage and economic theft.

Last night we heard from author Peter W. Singer about the relative ignorance in quite high places about cyber security. He's director of the 21st Century Defence Initiative at the Brookings Institution and the co-author of a new book on the subject.

In part two of the interview we moved from cybersecurity to cyber war.

PETER W. SINGER: Well, what makes cyber-weapons new and different is that it's not a thing, it's not a physical object, it's literally a series of zeroes and ones, and so that means that there are things that can be done with it that we've never seen before in history. So this is a much richer area than the discussion that we typically have too often, which just basically begins and ends with terminologies like 'cyber-Pearl Harbour!' or 'cyber-9/11!'

MARK COLVIN: But is it possible that some foreign country, for instance, has a plan stashed away by which it could, say, shut down Australia's power grids?

PETER W. SINGER: So let's be� first, let's stick in the world of reality, and then get to the potential. So, in the world of reality, while there have been over half a million references to things like cyber-9/11, cyber-Pearl Harbour, or there have been more than 30,000 articles about cyber-terrorism, squirrels have taken down more power grids than the zero times that hackers have. That's today.

Now that doesn't mean that's always the case, but if we're looking at the current threat out there, that's the reality.

MARK COLVIN: If you were running the cyber arm of one particular country's military, wouldn't you want to have those kinds of plans in place for your enemies?

PETER W. SINGER: So that's where we get from the current state of affairs to the potential future state of affairs. Most definitely there are growing capabilities in this space that could cause serious damage, and what makes them potentially game-changing is not just the development of new types of cyber-weapons - like Stuxnet, that can cause physical change - but also our growing dependence on the internet, and the change of the internet to the so-called 'internet of things', where we're not just using our internet devices to communicate with each other, but we're using them to literally run the world around us - where you're seeing everything from smart power grids, smart thermostats, smart cars, you name it. 

We don't talk enough about the actual cyber-attacks that are happening right now. For example, we're living through the literally biggest theft in all of human history - the massive theft of intellectual property emanating from China that's been measured in some terms as much as $1 trillion.

So in many ways it's not as sexy as a cyber-Pearl Harbour, but it could be just as consequential in terms of a death by a thousand cuts scenario - death by a thousand cuts that are both economic and security cuts.

MARK COLVIN: Everyone talks about China, but now we know a lot more about what the NSA has been doing. Have they been stealing intellectual property from other countries, too? Have they been doing economic warfare?

PETER W. SINGER: The challenge of the Snowden revelations and how to discuss them is that essentially so much has been put out there, and will continue to be put out there, that really you have to categorise it into three types of activities. 

The first areI would describe as smart strategic espionage against America's enemies, and that involves mostly the stealing of political-related secrets. 

The second category is questionable, and these are activities that are questionable in some legal or political manner, at least within the American political context because of how they involve US citizens, either through legal fudging over interpretation - authorisations that probably stretch the meaning of the term - to a lot of horse trading going on with allied intelligences agencies - something of relevance down there. 

The third category is what I would describe as unstrategic or, a little bit meaner, as 'stupid'. And these were activities that targeted America's allies and targeted America's technology companies, and essentially carried out a variety of things that they could, simply because they could and there wasn't the gain in value in it.

So that's the problem of this is that there were some things that maybe fit within that, but they can't describe them as reaching much gain from it. Clearly, more harm was done to American companies in the end - in fact, by one research report, American technology companies will lose as much as $180 billion worth of revenue because of these revelations. So, if there were any gains, they've been washed out by that.

MARK COLVIN: What, because people now know that Google and Apple and some other companies are not nearly as secure as they thought they were?

PETER W. SINGER: It's more complex than that - these companies were being, on one hand, legally compelled to cooperate on the front end, which most of them were happy to do, but then also they were being targeted on the back end. On top of that, the kind of whisper campaigns that have been done against Chinese companies are now being done against American companies, for right or wrong. They're going to be the ones that reap the consequences of this. 

That's why there's such a huge amount of anger in Silicon Valley right now. I was speaking with an American technology company executive and he described how previously he saw himself as being in a technologic arms race with the Chinese, and now he sees himself as also in an arms race with the NSA.

MARK COLVIN: Peter W. Singer, author of Cybersecurity and Cyberwar: What Everyone Needs to Know - and you can hear the full version of that wide-ranging interview on our website from this evening.

No comments:

Post a Comment