Opinion: To hackers, we’re Bambi in the woods


If you’re worried about terrorism, here’s a bigger threat to lose sleep over: an all-out cyberattack.

Suddenly, the electricity goes out at the office. Cellphone networks and the internet have also gone black, along with subways and trains.

The roads are jammed because traffic lights aren’t working. Gas stations can’t pump gas.

People can’t reach loved ones. Phone systems are down, so 911 is useless. Looters roam the streets. Food and water soon run out in the cities.

And that’s just the first week.

Security experts have nightmares like that. Countries like Russia and China have implanted malicious software in the American electrical grid, nuclear power plants and water systems to have the capacity to mount such attacks — and we have done the same to them. Indeed, the U.S. prepared an extensive plan, Nitro Zeus, to unplug Iran through cyberattacks, but in the end we never implemented it.

These are some of the issues explored in an important — and deeply sobering — new book about cyberwarfare, “The Perfect Weapon,” by my Times colleague David Sanger. Sanger has spent decades exploring the intersections of technology and international security — and trying to alert us to our vulnerabilities.

The risks aren’t just of a cyber-Pearl Harbor but also of a full spectrum of attacks. The Russian hack of Democratic emails should have been a wake-up call. A senior FBI official told Sanger: “These DNC guys were like Bambi walking in the woods, surrounded by hunters. They had zero chance of surviving an attack. Zero.”

Even after the attacks we didn’t learn, and much of the U.S. is still like Bambi. The Russian hack of the U.S. elections in 2016 should have us on our toes for 2018, but the Trump administration has done little to prepare to fight off new hacking.

Cyber is the “perfect weapon,” in Sanger’s formulation, because attackers typically get off scot-free.

If North Korea had responded to the Sony Pictures movie “The Interview” by blowing up cinemas, it might have faced a strong response. Instead, it hacked into Sony’s system, destroyed computers and paralyzed the company. In both the Sony and Democratic Party attacks, the hackers enlisted the American news media to magnify the damage; we in the media were used, and we should reflect on that.

Later, North Korean hackers pilfered $81 million from the Bangladesh Central Bank (they might have gotten away with almost $1 billion, but someone misspelled “foundation”). For all this, North Korea faced no significant punishment.

We need to establish a cost to cyberattacks and help establish norms for cyber — a Geneva Convention for hacking. The problem is that the U.S. also uses cyberwarfare (to destroy Iranian centrifuges and, apparently, North Korean missiles), and we don’t want to constrain ourselves.

Meanwhile, we are becoming ever more vulnerable, partly because daily life is becoming more dependent on computers, and partly because cyberoffense is far ahead of cyberdefense. The U.S. started with a huge advantage, but Russia and China have nearly caught up, and Iran and North Korea don’t seem far behind.

In the 1990s, we were too complacent about the risks of terrorism; it took the twin towers collapsing to galvanize us. In the world of cyberspace, we’re still too complacent: Let’s stop playing Bambi!



Reader Comments ...


Next Up in Opinion

POINT OF VIEW: NATO is about more than money

I take serious objection to the Palm Beach Post letter-writer who thinks that money is the key to the U.S. relationship with NATO. Having worked with NATO for more than 12 years, I have a deeper understanding of the extremely high value NATO plays in our security. The idea that we are bearing a higher portion of the total funding belies the value of...
Editorial cartoon
Editorial cartoon

CARTOON VIEW WALT HANDELSMAN
Letters: Ex-lifeguard can attest: Reeds treated employees well

Reeds treated employees well Thank you for your recent article, “The Reeds,” (Tuesday), on the Reeds and the Jupiter Island Club. I was a seasonal lifeguard at JIC from the late ’80s to the mid-2000s. As the article states, they did treat their employees with kindness and respect. They had annual get-togethers and even weekly employee...
Opinion: Trump isn’t first president to cozy up to Putin

WASHINGTON — The definition of insanity is doing the same thing again and again and expecting to get a different result, which is one of the many reasons President Trump’s news conference with Russian President Vladimir Putin seemed so insane. Trump is trying to do something that both of his immediate predecessors tried to do: turn over...
Opinion: ‘Sort of a double negative’

It is an unfathomable proposition that the day would ever come when America could rightly question the loyalties of its own president, but that is precisely where we have arrived. Donald Trump’s “Surrender Summit” with President Vladimir Putin of Russia was such a disloyal, traitorous display that it boggles the mind. Russia attacked...
More Stories