Sy Hersh has an excellent article in The New Yorker about much-politicized notion of “cyber war.” Insightful all around, but the real crux of the story is noting a distinction between cyber war and cyber espionage:
American intelligence and security officials for the most part agree that the Chinese military, or, for that matter, an independent hacker, is theoretically capable of creating a degree of chaos inside America. But I was told by military, technical, and intelligence experts that these fears have been exaggerated, and are based on a fundamental confusion between cyber espionage and cyber war. Cyber espionage is the science of covertly capturing e-mail traffic, text messages, other electronic communications, and corporate data for the purpose of gathering national-security or commercial intelligence. Cyber war involves the penetration of foreign networks for the purpose of disrupting or dismantling those networks, and making them inoperable…Blurring the distinction between cyber war and cyber espionage has been profitable for defense contractors—and dispiriting for privacy advocates.
Cyber war, it turns out, is a ploy used to scare up the body politic, and funnel funding into lucrative defense contracts. Often, one hears of hacker attacks on things like our electrical infrastructure. But this is just not possible:
There is no national power grid in the United States. There are more than a hundred publicly and privately owned power companies that operate their own lines, with separate computer systems and separate security arrangements. The companies have formed many regional grids, which means that an electrical supplier that found itself under cyber attack would be able to avail itself of power from nearby systems. Decentralization, which alarms security experts like Clarke and many in the military, can also protect networks.
Hersh’s article is well worth reading, a straightforward and level-headed look at the threats we face, and the once that are more or less fictional.