Opinion: To hackers, we’re Bambi in the woods


If you’re worried about terrorism, here’s a bigger threat to lose sleep over: an all-out cyberattack.

Suddenly, the electricity goes out at the office. Cellphone networks and the internet have also gone black, along with subways and trains.

The roads are jammed because traffic lights aren’t working. Gas stations can’t pump gas.

People can’t reach loved ones. Phone systems are down, so 911 is useless. Looters roam the streets. Food and water soon run out in the cities.

And that’s just the first week.

Security experts have nightmares like that. Countries like Russia and China have implanted malicious software in the American electrical grid, nuclear power plants and water systems to have the capacity to mount such attacks — and we have done the same to them. Indeed, the U.S. prepared an extensive plan, Nitro Zeus, to unplug Iran through cyberattacks, but in the end we never implemented it.

These are some of the issues explored in an important — and deeply sobering — new book about cyberwarfare, “The Perfect Weapon,” by my Times colleague David Sanger. Sanger has spent decades exploring the intersections of technology and international security — and trying to alert us to our vulnerabilities.

The risks aren’t just of a cyber-Pearl Harbor but also of a full spectrum of attacks. The Russian hack of Democratic emails should have been a wake-up call. A senior FBI official told Sanger: “These DNC guys were like Bambi walking in the woods, surrounded by hunters. They had zero chance of surviving an attack. Zero.”

Even after the attacks we didn’t learn, and much of the U.S. is still like Bambi. The Russian hack of the U.S. elections in 2016 should have us on our toes for 2018, but the Trump administration has done little to prepare to fight off new hacking.

Cyber is the “perfect weapon,” in Sanger’s formulation, because attackers typically get off scot-free.

If North Korea had responded to the Sony Pictures movie “The Interview” by blowing up cinemas, it might have faced a strong response. Instead, it hacked into Sony’s system, destroyed computers and paralyzed the company. In both the Sony and Democratic Party attacks, the hackers enlisted the American news media to magnify the damage; we in the media were used, and we should reflect on that.

Later, North Korean hackers pilfered $81 million from the Bangladesh Central Bank (they might have gotten away with almost $1 billion, but someone misspelled “foundation”). For all this, North Korea faced no significant punishment.

We need to establish a cost to cyberattacks and help establish norms for cyber — a Geneva Convention for hacking. The problem is that the U.S. also uses cyberwarfare (to destroy Iranian centrifuges and, apparently, North Korean missiles), and we don’t want to constrain ourselves.

Meanwhile, we are becoming ever more vulnerable, partly because daily life is becoming more dependent on computers, and partly because cyberoffense is far ahead of cyberdefense. The U.S. started with a huge advantage, but Russia and China have nearly caught up, and Iran and North Korea don’t seem far behind.

In the 1990s, we were too complacent about the risks of terrorism; it took the twin towers collapsing to galvanize us. In the world of cyberspace, we’re still too complacent: Let’s stop playing Bambi!



Reader Comments ...


Next Up in Opinion

Opinion: Kavanaugh circus includes plenty of sideshows

If the Brett Kavanaugh confirmation process has revealed anything, it is that there’s an antidote for disaffection toward Republicans: Give Democrats the upper hand for about five minutes. Anyone tuning in to the first Senate Judiciary Committee hearings earlier this month surely thought they had flipped to a circus show featuring Cory Booker...
Commentary: Women are leading the wave
Commentary: Women are leading the wave

Who runs the world? Come on, we all know that answer, especially in this midterm cycle. Women are leading from the front this election cycle and pulling the rest of politics with them. And that’s not just women candidates, but also women voters. The midterms will see women candidates riding the wave into office in November, and there are plenty...
Commentary: Women won’t vote for only Democratic women candidates
Commentary: Women won’t vote for only Democratic women candidates

A blue wave of Democratic women is coming in November, poised to win every office from city dog catcher to U.S. senator and lead the resistance to President Donald J. Trump. That’s what many headlines would have us believe. If the dream scenario plays out for Democrats, history would mark January 21, 2017, as the day this particular blue wave...
POINT OF VIEW: Business district cuts future traffic, manages growth
POINT OF VIEW: Business district cuts future traffic, manages growth

The West Palm Beach City Commission unanimously approved the establishment of the Okeechobee Business District (OBD) in August, after an almost two-yearlong process with a significant amount of participation from Palm Beach County, the town of Palm Beach and other key stakeholders. RELATED: Editorial: West Palm wrong to ignore traffic concerns with...
Letters: Trump not to blame for Puerto Rico’s failures
Letters: Trump not to blame for Puerto Rico’s failures

Trump not to blame for island’s failures The rally this past weekend blaming President Donald Trump for not doing more for the people of Puerto Rico is just another example of finding someone to blame for their own situation. How about blaming the Puerto Rican politicians who were told many years ago their electrical grid was outdated but did...
More Stories