Home / Blogs

Cyber Threats Yes, But Is It Cyber War?

Christopher Parente

Last night Intelligence Squared and Neustar conducted a fascinating, Oxford style debate on whether the threat of cyber war has been exaggerated. A packed house at the Newseum in Washington, DC heard four cyber heavyweights go toe-to-toe verbally both for and against the proposition that the threat has been exaggerated. The audience size was all the more impressive considering the competition on a very big night in DC — Stephen Strasberg was making his major league pitching debut, Conan O'Brien was in town and there was also a James Taylor/Carole King concert.

The discussion was fascinating and a welcome change from the self-interested rhetoric that often surrounds this important issue. I've got a strong personal interest, but I was attending last night in a professional capacity. I assist Neustar with their public relations, and had invited some media to attend last night. Mostly I was introducing them to Neustar exec and long-time Internet expert Rodney Joffe.

Rodney also serves as Chairman of the Conficker Working Group and was just featured prominently in an excellent Atlantic Monthly article on the battle against Conficker. There were lots of interesting people in the crowd — while talking to Chris Dorobek of Federal News Radio, he introduced me to Craig Newmark, the founder of Craigslist. It was very cool to meet the guy behind one of the seminal successes of Internet commerce, and one who has steadfastly refused to cash out.

The teams arguing for and against the proposition were very distinguished. Arguing for, in other words Yes the threat has been greatly exaggerated, were:

Marc Rotenberg, executive director of the Electronic Privacy Information Center and adjunct professor of information privacy law at Georgetown University.

Bruce Schneier, renowned security technologist, author of Crypto-Gram and chief security technology officer at BT.

Arguing against the motion, in other words No the threat has NOT exaggerated:

Mike McConnell, VAMD (Retired) and executive vice president and leader of the National Security Business for Booz Allen Hamilton. McConnell served from 2007-2009 as US Director of National Intelligence (DNI), under Presidents Bush and Obama.

Jonathan Zittrain, professor of law at Harvard Law School and co-founder of its Berkman Center for Internet and Society.

John Donvan of ABC's Nightline was the moderator, and he explained the rules. Each member would be given strict time slots, like in a political debate. All panelists would give opening statements, then they would have seven minutes to speak, then there would be Q&A from the audience. Every member of the audience had a keypad device tethered to their chair. Opinions would be taken at the start, and then again after the debate. The team that had changed the most minds in the audience would be declared the winners.

Here's where the audience stood prior to the debate, on the question of whether the cyber war threat was exaggerated:

Yes, it is exaggerated: 23%

No, it's not exaggerated: 54%

Man, I'm just so undecided: 22%

So Marc and Bruce were starting out in a hole, but there was a large block of undecided voters in the audience. But the winning team didn't need a majority as in an election; they just had to move the most minds.

There's no way for me to capture every thrust and parry. Suffice to say the debate broke down pretty much like this — Marc and Bruce argued that the exaggeration of the cyber war threat was the continuation of a campaign by government and the military to control the Internet. Mike and Jonathan said no its not, it's a realistic appraisal of the risks today and they can be resolved without ceding too much control to the military and becoming a police state.

Here are some specific speaker notes I jotted down:

Marc – Very passionate on privacy, made some good points about the NSA's Clipper Chip efforts in the early 1990's to force everyone to use encryption they controlled, got in some points about the government pressuring ISPs and telcos to break the law and release personal data after 9/11.

Bruce – Seemed to deliberately take the most blase tone of the speakers, called the rhetoric around cyber war "silly," made the good point that when you view things as criminal you get police solutions, when you view things as war you get military solutions. On two occasions Bruce also seemed to make an implicit accusation that working for Booz Allen Hamilton warped McConnell's view on the proposition, making reference to $400 million in BAH cybersecurity government contracts.

Now I dislike the revolving door of public service to private profit in DC as much as the next guy, but this seemed to me an ad hominem attack that didn't seek to persuade the audience through logic.

Mike – This debate had nothing to do with controlling the Internet, and he repeatedly mentioned that if Congress gets the "law right," that won't be an issue. He also threw out some financial numbers to highlight our current vulnerability. According to him, in an economy that totals about $14 trillion per year, two banks in New York routinely move over $7 trillion per day. What if just those two banks could be disrupted? When the panel debated just what war is - how can you have war without actual fighting and destruction, etc. — McConnell made a comparison the Cold War period. No fighting, but most considered it war at the time.

Jonathan – He conceded that many often exaggerate the threat but didn't think considering it war naturally leads to a police state. He described the way the Internet works as "bizarre," it's surprising it actually does work most of the time and stressed the vulnerabilities. He referenced the Pakistan blocking YouTube incident, and talked about how Professor Edward Felten at Princeton thinks he could take down the Internet in two weeks, given the right team and resources.

OK, enough suspense. Here's where the audience stood after the debate concluded:

Yes, threat is exaggerated: went from 23% to 24%

No, threat is not exaggerated: went from 54% to 71%

Man, I'm still just so undecided: went from 22% to 6%

So Mike and Jonathan won the debate, pretty handily in fact. I was in the small undecided minority — I actually went from a No, not exaggerated to an undecided vote. I agree with the majority that Mike and Jonathan presented better than Marc and Bruce, but I feel the For team did make important points that suggest this very important topic can't be decided during a one hour debate, for me at least.

Maybe that will strike some readers as a punt by me. I'd really like to hear what CircleID-ers think about this question, which I'm sure will be revisited as both the cyber threats and our dependence on the Internet continue to grow. The debate will be distributed via Bloomberg TV, NPR radio and Newsweek magazine. If an online video feed eventually becomes available, I'll add it to this post.

Update: Jun, 18, 2010 – Video recording of the Intelligence Squared debate “The Cyber War Threat Has Been Grossly Exaggerated” posted below:

By Christopher Parente, High Tech Content Marketing

Related topics: Cyberattack, Internet Governance, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Not exaggerated, but maybe named badly Bob Bruen  –  Jun 10, 2010 4:10 PM PST

The problem is not about the Internet itself, but rather about the fact that it is a new communication medium for people. What is communicated includes money transfers, control systems for energy, trade secrets and military plans. These are the targets of the cyber threats. The 'Net is just where they are and what is used to attack them.

You rarely hear about economic warfare, but attacks on currency value and trade wars are fairly common, even making the news every so often. Culture wars exist as do other kinds of struggles which do not use standard military weapons, but they do exist.

A perfectly innocent field changes to a battlefield if a battle takes place on it.

Warfare is about crushing an enemy for dominance, whatever the battleground and whatever the weapons are. If you think this is not happening in cyberspace, then you are not paying attention.

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Season's Greetings - 2014 End of Year Message from DotConnectAfrica

Domain Name .Africa Faces Hurdles - Q&A with Sophia Bekele

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Director Wins ICANN's 2014 Leadership Award

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

DotConnectAfrica Contributes at the 9th IGF in Istanbul, Turkey

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

Video Interviews from ICANN 50 in London

ICANN London Recap Webinar

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

Sophia Bekele Weighs in on Obama's August US-Africa Leader Summit at the NYF Africa

Sponsored Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign