My favorite story in the news right now is confirmation of sorts that the U.S. and Israel launched a first-strike in cyber warfare against the Iranian nuclear jihad. One of the more fun debates is political party rhetoric about the importance of confidential information – they want to find the source of the leaks. Nevermind the stuxnet wiki article at the time of me writing this blog already quotes from Gary Samore as an early White House leaker. So there are discussions of that nature.
Of course I read blogs on cyber security and anything else I’m currently interested in. I discovered a pattern with this topic – the industry I work in. Everything I read takes the position that cyber war is bad. This only leads to an escalation in cyber warfare. Stuxnet points to the need for more protection.
I couldn’t disagree more. I felt compelled to comment on a recent blog but noticed the site was an aggregator. The blog itself looked well read but I didn’t like the idea of publishing my content to this site that’s nothing more than an index selling advertisement. It seemed like less of a professional dialog* and more of being part of someone’s business model. Not that there’s anything wrong with that, but it occurs to me I have my own digital presence. So rather than comment on that blog – I’ll blog it myself.
My position is this. These security industry analysts are looking at this from inside the fish bowl. In the context of a safe and free Internet and online commerce, this is a setback. This is an escalation of arms and advances the bad guys. In fact, by definition of cyber warfare, the bad guys are the government.
I look at this from the context of war. A conventional approach to international conflict is to start out small and progress your actions slow enough so that they can be monitored by other nations and even weighed in on. Going to the UN first or establishing a block-aid before the actual bombing of humans. In the context of preemptive strikes, I’d personally prefer getting hit with a computer worm. Cyber war is good.
Yes, cyber war leads to civilian casualties. I’d argue maybe the damage is on par with a block-aid. I understand Iran lost several months of production on their centrifuge operations. In the context of war, this isn’t nearly as bad as the enemy sinking a passenger ship to stop the flow of supplies. It’s a reasonable, less harmful approach in terms of human life.
I can’t interpret a blog written by someone in the computer security industry well enough to say what the blogger’s motives are. I just know it’s bullshit taking the position this is bad for the industry. Any company making security products or providing security services benefits from this. The Cold War didn’t hurt the Defense Industry. They say even art excels during times of war. Innovation explodes in times of conflict.
Whatever your qualms over cyber warfare, get over it. It beats real attacks against humans. It promotes growth of the industry. Turn your focus to lessons learned. How successful was the attack at mitigating Iran’s nuclear development. How fast did production return to normal – what was the downtime? Was this effective in the context of international conflict?
* Poetic license on “dialog” because in social networking it’s really a broadcast. A many-to-many discussion. A party line.