If you’re worried about terrorism, here’s a bigger threat to lose sleep over: an all-out cyberattack.
Suddenly, the electricity goes out at the office. Cellphone networks and the internet have also gone black, along with subways and trains.
The roads are jammed because traffic lights aren’t working. Credit cards are now just worthless bits of plastic, and A.T.M.s are nothing but hunks of metal. Gas stations can’t pump gas.
Banks have lost records of depositors’ accounts. Dam floodgates mysteriously open. Water and sewage treatment plants stop working.
People can’t reach loved ones. Phone systems are down, so 911 is useless. Looters roam the streets. Food and water soon run out in the cities.
And that’s just the first week.
Security experts have nightmares like that. Countries like Russia and China have implanted malicious software in the American electrical grid, nuclear power plants and water systems to have the capacity to mount such attacks — and we have done the same to them. Indeed, the U.S. prepared an extensive plan, Nitro Zeus, to unplug Iran through cyberattacks, but in the end we never implemented it.
These are some of the issues explored in an important — and deeply sobering — new book about cyberwarfare, “The Perfect Weapon,” by my Times colleague David Sanger. I’ve known Sanger since we joined our college newspaper together at the beginning of freshman year, and he has spent the decades since exploring the intersections of technology and international security — and trying to alert us to our vulnerabilities.
The risks aren’t just of a cyber-Pearl Harbor but also of a full spectrum of attacks. The Russian hack of Democratic emails should have been a wake-up call. A senior F.B.I. official told Sanger: “These D.N.C. guys were like Bambi walking in the woods, surrounded by hunters. They had zero chance of surviving an attack. Zero.”
Even after the attacks we didn’t learn, and much of the U.S. is still like Bambi. The Russian hack of the U.S. elections in 2016 should have us on our toes for 2018, but the Trump administration has done little to prepare to fight off new hacking.
Sanger describes a Russian cyberattack on the Ukrainian electrical grid shortly before Christmas 2015. Operators of the grid were bewildered: Nothing they clicked on their computers had any effect, and cursors dashed across their screens to disconnect circuits and delete backup systems. Finally, the hackers disconnected the backup electrical system, so that the operators in the control room were literally in the dark.
Hackers are increasingly brazen. When Russian hackers infiltrated State Department and White House computer systems in 2014, National Security Agency specialists tried to uproot them — and the hackers fought back. “It was basically hand-to-hand combat in a network,” Rick Ledgett, a senior N.S.A. official, told Sanger.
Cyber is the “perfect weapon,” in Sanger’s formulation, because attackers typically get off scot-free.
If North Korea had responded to the Sony Pictures movie “The Interview” by blowing up cinemas, it might have faced a strong response. Instead, it hacked into Sony’s system, destroyed computers and paralyzed the company. In both the Sony and Democratic Party attacks, the hackers enlisted the American news media to magnify the damage; we in the media were used, and we should reflect on that.
Later, North Korean hackers pilfered $81 million from the Bangladesh Central Bank (they might have gotten away with almost $1 billion, but someone misspelled “foundation”). For all this, North Korea faced no significant punishment.
Sanger writes that American officials debated whether to punish Vladimir Putin for his hacks by exposing his links to oligarchs, or even by making some of his money disappear. But Barack Obama balked, fearful of what Putin might do next, and Donald Trump has also dithered.
Gen. Paul Nakasone, head of the U.S. Cyber Command, was asked in his confirmation hearings this year what our adversaries think will happen if they attack us in cyberspace. “They do not think much will happen,” he replied. “They don’t fear us.”
As Sanger writes, “Deterrence is not working in the cyber realm.” Why wouldn’t Putin interfere in our 2018 midterms since we’re both vulnerable and not serious about responding?
We need to establish a cost to cyberattacks and help establish norms for cyber — a Geneva Convention for hacking. The problem is that the U.S. also uses cyberwarfare (to destroy Iranian centrifuges and, apparently, North Korean missiles), and we don’t want to constrain ourselves.
Meanwhile, we are becoming ever more vulnerable, partly because daily life is becoming more dependent on computers, and partly because cyber-offense is far ahead of cyber-defense. The U.S. started with a huge advantage, but Russia and China have nearly caught up, and Iran and North Korea don’t seem far behind.
In the 1990s, we were too complacent about the risks of terrorism; it took the twin towers collapsing to galvanize us. In the world of cyberspace, we’re still too complacent: Let’s stop playing Bambi!
<
NICHOLAS D. KRISTOF>
댓글 안에 당신의 성숙함도 담아 주세요.
'오늘의 한마디'는 기사에 대하여 자신의 생각을 말하고 남의 생각을 들으며 서로 다양한 의견을 나누는 공간입니다. 그러나 간혹 불건전한 내용을 올리시는 분들이 계셔서 건전한 인터넷문화 정착을 위해 아래와 같은 운영원칙을 적용합니다.
자체 모니터링을 통해 아래에 해당하는 내용이 포함된 댓글이 발견되면 예고없이 삭제 조치를 하겠습니다.
불건전한 댓글을 올리거나, 이름에 비속어 및 상대방의 불쾌감을 주는 단어를 사용, 유명인 또는 특정 일반인을 사칭하는 경우 이용에 대한 차단 제재를 받을 수 있습니다. 차단될 경우, 일주일간 댓글을 달수 없게 됩니다.
명예훼손, 개인정보 유출, 욕설 등 법률에 위반되는 댓글은 관계 법령에 의거 민형사상 처벌을 받을 수 있으니 이용에 주의를 부탁드립니다.
Close
x