Greene: Nothing virtual about cyber attacks
When a group halfway around the world, without setting foot on American soil, can claim responsibility for preventing a man in Wichita, Kansas, or a woman in Shreveport, Louisiana, from gaining online access to his or her own money in the local bank, it would seem to be a pretty big deal. Something to worry about.
That is allegedly what happened in recent weeks, as six big U.S. banks had their websites jammed, one after another, preventing their customers from logging on to their personal or business accounts, and from paying bills online.
The banks affected were Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC. A hacker group, saying it was based in the Middle East, asserted it was behind the cyberattacks; It remains uncertain whether they, or someone else, carried out the attacks.
And, last week, Politico reported:
"White House Press Secretary Jay Carney downplayed a report that Chinese hackers had infiltrated a secure national security network used to control nuclear codes, saying the perpetrators breached an 'unclassified' system.
"There is 'no indication whatsoever that exfiltration of data' occurred, he told reporters. . . Such attacks, he added, 'are not infrequent.'"
Any time the prefix "cyber" appears in front of another word -- cybercrime; cyberterrorism; cyberwarfare -- it can have the effect of making the concept seem slightly less substantial. It's sort of like when the word "virtual" precedes a standard-issue noun: virtual reality is not reality; a virtual store is distinct from a brick-and-mortar operation.
But as we live more and more of our lives online, and as basic needs such as electricity, water supply, transportation and communication depend increasingly on digital commands, the distinction is rapidly disappearing. Disrupt the digital world and you disrupt real lives -- you throw daily existence into uncharted territory.
After the terrorist attacks of September 11, 2001, we were told that there had been ample warning signs that went unheeded. If there ever is a concerted and darkly effective cyberattack on the United States -- one that robs millions of people of baseline necessities -- we won't be able to say that no one told us this might someday happen. We have been told, for years.
In 1997, according to a report in the New York Times that year, a White House commission found that the U.S. was vulnerable to computer-based attacks "upon crucial industries like electrical power, telecommunications, transportation and significant centers of the economy."
The concern appeared to be shared by people on both sides of the political aisle. At a 2004 Senate subcommittee session, Democratic Sen. Dianne Feinstein of California said: "We don't take cyberterrorism as seriously as we should. A terrorist could theoretically use a computer to open up floodgates of a dam, disrupt the operations of an aircraft control tower or shut down the New York Stock Exchange."
Republican Sen. Jon Kyl of Arizona, at the same hearing, said: "We've seen reports that al Qaeda has explored the possibility of damaging some of our key computer systems, seeking to cripple electric power grids, transportation systems, even financial institutions. Just imagine what chaos would result if a cyber attack were coordinated with a more conventional strike, such as bombing a highly populated area and then tampering with emergency systems to thwart hospitals and first responders caring for wounded civilians."
FBI Director Robert S. Mueller, at a speech in San Francisco earlier this year, said: "State-sponsored hackers are patient and calculating. They have the time, the money and the resources to burrow in, and to wait. They may come and go, conducting reconnaissance and exfiltrating bits of seemingly innocuous information -- information that in the aggregate may be of high value."
The Department of Homeland Security operates programs that include the National Cyber Alert System, the National Cyber Response Coordination Group and a security exercise known as Cyber Storm. Yet with all this, most of us -- as thoroughly as we have come to depend upon digital technology -- don't have much of an idea about how it really works.
If your car won't start, you may feel qualified to pop open the hood and try to figure out how to fix it; if your lights go out, you probably know where the fuse box is. Digital outages are more mysterious; when systems go dead, there is a feeling of low-grade helplessness, but usually the confidence that someone, somewhere, is working to bring them back to life.
Thus, the specter of some future cyber attack is troubling precisely because most of us have little sense of how we would individually combat such an incident. Even the terminology is open to dispute. The other afternoon I reached Internet security expert Bruce Schneier in London, where he was attending a conference. I knew he was skeptical about what he considers the inflation of language surrounding computer-based threats, especially terms like "cyber warfare."
"War is bombs dropping on you," he told me. "War is tanks in your city. War is not your computer being hacked. In any war, there will be a cyberspace component. Wars are fought on all fronts. And cybercrime -- crime -- happens a lot. But that is not war."
Still, as the New York Times reported from Aspen, Colorado, over the summer:
"The top American military official responsible for defending the United States against cyberattacks said Thursday that there had been a 17-fold increase in computer attacks on American infrastructure between 2009 and 2011, initiated by criminal gangs, hackers and other nations.
"The assessment by Gen. Keith B. Alexander, who heads the National Security Agency and also the newly created United States Cyber Command, appears to be the government's first official acknowledgment of the pace at which America's electricity grids, water supplies, computer and cellphone networks and other infrastructure are coming under attack."
Meanwhile, there's the matter of those six major banks, and the customers who couldn't log on to get to their money.
It may all be cyber, but it's starting to feel kind of real.
Follow us on Twitter @CNNOpinion
Join us on Facebook/CNNOpinion
Copyright 2012 by CNN NewSource. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.