As many of you know, I am currently entering my last semester at John Hopkins University where I am attempting to obtain my Masters in Government. I am now in the middle of writing it as I must defend at the end of April. I decided to go down the path of researching something that relates to work, cyber security, in the hopes of maybe furthering my career or thoroughly confusing/boring the thesis panel enough to just pass me.
Wait, cyber security, you? I know all of you back home on the left coast are probably thinking I have sold out to big brother evil Department of Homeland Security, who is watching your every move on the Internet...ah, if only the government were that capable. I could never believe in any conspiracy theories having to do with the government because no one can keep a secret and there are far too many leaks in this town.
So what have I been doing and how does this relate to anything I am talking about? For the past year, I have been supporting the government in the area of cyber security and critical infrastructure protection. Now how did a liberal arts major in international relations with a minor in German get involved with this you may ask, well great question! I have been "consulting" on many issues during my tenure at Booz Allen, including the threat to our Nation from a cyber attack. Since 1991 and especially after 9-11, there have been repeated calls that our "enemies" will soon have the power to conduct another major attack through the click of a button. Former counter-terrorism official, Richard Clarke, repeatedly warned of a "digital Pearl Harbor" and a lot of money has been spent on building up our cyber defense. This all seems to make sense except for one major issue-- there has never been an act of cyber terrorism. Hey, this is a good thing, our government is actually doing something to protect us, right? Well I would like to think so but that is not a conclusion I want to jump to right away. Instead, I am guessing that while many firms and government agencies have been profiting off of the fear from a very unknown and technical issue, terrorist groups have never been happier about the proliferation of information technology.
How great is it that IT has allowed us to work virtually, share photos and videos, network, and find unprecedented amounts of information. Now, how great is it that terrorists can interact virtually without the reliance on a nation state, share best practices on roadside bombs, spread propaganda videos of U.S. soldiers being ambushed, and raise money? Great for them, bad for us. Recruitment, training, fundraising, and communication have never been easier for terrorists and non-state actors. Why would they ever want to jeopardize this by launching an attack on the Internet or even both developing advanced capabilities when IT is actually making physical attacks easier?
I believe that while we have been building up our cyber defenses at home, we have missed the boat on the proliferation of web site and online forums where vital intelligence could be gained. We need Arabic speakers by the 100s as only a few groups are translating and tracking these sites but there is a wealth of information on these sites that would probably lead to some indications and warnings. I do not believe terrorist have the intent to launch cyber attacks as long as information technology continues to make physical attacks easier. At some point this may change and I hope to identify some circumstances that would have to be in place to change their intent. The intent of terrorist to attack our cyber infrastructure is the focal point of my thesis.
Have I completely lost you all? Let me know if you have any thoughts. A good article just came out that deals exactly with this topic, titled The Real Online Terrorist Threat.
You can also check out some of my bookmarked sources here on my del.icio.us page.
RSS Subscribe