This editorial will appear in Monday’s print edition.
Is the United States’ next war already being fought – in cyberspace?
Some think that if the war hasn’t begun, at least the initial skirmishes are taking place, with enemies sizing up each other’s strengths and weaknesses. In this war, navies, armies and fighter jets will be on the sidelines. The front-line warriors will be computer programmers, hackers and encryption experts.
Most recently, Google reported that hackers had broken into hundreds of Gmail accounts, including those of a Cabinet-level official, senior U.S. government officials and military personnel. The breaches allowed the hackers to read vast numbers of incoming and outgoing messages.
Google traced the cyberattacks to the city of Jinan in northeast China – which just happens to be the home of the Chinese army’s national-security arm and a state-supported computer science institute.
China, of course, has denied involvement. But that country – especially its military – is considered a leader in cyberwarfare. It’s hardly alone. The Pentagon says that more than 100 foreign intelligence agencies have tried to hack into U.S. defense computers to steal military plans and weapons systems designs. Defense contractors like Lockheed Martin have also been targeted.
Those kinds of attacks are more accurately considered to be attempts at espionage – cyberspying. It should surprise no one if it were revealed that the United States is doing exactly the same kind of thing – probing other countries’ computer systems and email to figure out what they’re up to.
But what about real attacks? What if a foreign power were to hack into such important infrastructure systems as our electric energy grid, communications or air traffic control? Any disruptions could have real casualties as well as serious economic effects.
The Pentagon – which last year set up a new Cyber Command – rightly is drawing up a strategy that considers those kinds of cyberattacks to be acts of war tantamount to military attacks that might warrant equivalent responses.
While thinking along those lines is necessary, it’s clear from the recent successful Gmail incursions – which involved the fairly common pfishing for user information – that high-level government officials could use some basic education in protecting their electronic communication.
Lax security can be more damaging than having an embarrassing image hacked and sent out on one’s Twitter account. It can give America’s adversaries information they shouldn’t have.