TransTracker 's Public Library

except for the delivery mechanisms and yield, a nuke is a nuke: cyberspace today is nothing like ARPANET, and in ten years it'll look nothing like it is today.

So to move forward in this area I think it would be useful if we drew from different historical analogs, or simply made our own history.

Networks are even more complex than a fleet. Being able to exploit a vulnerability does not mean being able to exploit all vulnerabilities, or every instance of the same vulnerability. And even if networks are interconnected, they are not a homogenous whole. If network administrators have difficulty managing their own large networks because they are too large, flexible and changeable to accurately inventory and map, imagine the difficulty for a malicious outsider in bringing one down.

Of course, elements of it can be interfered with, damaged or even destroyed. But networks are typically too fragmented and redundant to stand or fall as one. Our networks have never been reliable enough to depend upon completely, so they are full of backups, workarounds and overrides that ensure that much of the work gets done even when the parts fail.

What good would it do for an attacker to take down vital U.S. networks? While the damage to this country could be great, the benefit to an attacker would be nil if it could not be followed up. The real threat of cyber warfare is not in stand-alone attacks, but in attacks coordinated with military action. At this point, there are very few parties out there with both the ability and inclination to take on the United States militarily, whether our networks are up or down. Terrorists could score points with a devastating cyber attack, of course, but without the ability to follow it up militarily, it would not rise to the level of a Pearl Harbor.

There is a perfect storm brewing where the skills and resources required to launch a significant attack is being drastically lower. Depending upon the effects of a possible worm on the smart grid boxes, and the vulnerability of the generators, there can be a combined attack that does have strategic impact.

TechNewsWorld: While it's generally agreed that the next war may be a cyberwar, much of our infrastructure is either hooked up to the Internet or in the process of being hooked up to the Internet. Electricity companies, for example, are agitating for the use of smart meters. That being the case, and with hackers increasing the frequency and sophistication of their attacks, does the increasing pace of hooking everything up to the Internet pose a real security threat?

Clark: We're going into completely digitized medical records, which could lead to a huge invasion of privacy. It could also lead to things like blackmail and is physically dangerous because people can tamper with records of vital signs, or can alter prescriptions. There's no telling just what could be done.

Companies could lose their supply chain management, lose their accounting records, lose their customer lists. Trying to rebuild this on paper when we've all been interconnected on the Internet will cause years of economic decline. We are, as a civilization, quite vulnerable to disruption, and this security problem doesn't just affect one nation but the whole global economic infrastructure.

You can't conceive of the threats from the point of view of a traditional war. Cyber-efforts are ongoing today; we're in a cyber-struggle today. We don't know who the adversaries are in many cases, but we know what the stakes are: continued economic vitality and, ultimately, global civilization.