• Choose a category
• All
• Classic-Fiction

The EP-3E debacle fuelled a long-standing debate within the military and in the Obama Administration. Many military leaders view the Chinese penetration as a warning about present and future vulnerabilities – about the possibility that China, or some other nation, could use its expanding cyber skills to attack America’s civilian infrastructure and military complex. On the other side are those who argue for a civilian response to the threat, focussed on a wider use of encryption. They fear that an over-reliance on the military will have adverse consequence for privacy and civil liberties.

The urge for the military to establish itself as the chief arbiter of cyber security appears widespread. In October 2010 President Obama charged the National Security Agency, which is part of the Pentagon, with assisting the Department of Homeland Security and the private sector in domestic cyber security. In China the People’s Liberation Army is the primary institution governing foreign and domestic cyber security, while in the Middle East the Israeli Defence Force is the inspiration for the extraordinary research into computer warfare, which allows Israel to punch high above its weight in this field.

But what, one may legitimately ask, has any of this to do with cybercrime?

The threats in cyberspace are real and dangerous. Ideally, a democratic state would ensure that this critical technology should benefit, not ruin, the lives of its citizens. Equally, the state should resist the temptation to infringe our rights and privacy. Allowing the military to assume a lead role in defence of civilian networks is most unwise. Yet given that cyber weapons have the potential to cripple a country’s Critical National Infrastructure (and ruin people’s lives in the process), there must be provision for the military to intervene in extreme situations. Those circumstances should be both exceptional and verifiable.

Separate agencies should be responsible for policing the three separate threats – cybercrime, cyber industrial espionage and cyber warfare. Recognised police agencies like the FBI or the US Secret Service should assume responsibility for cybercrime. Corporations and companies should either develop their own network security system or pay a company specialising in cyber security to do it. Civilian government should establish its own network defence, while the military should protect its systems.

On the surface that seems straightforward enough. But in the real world the edges are already blurred, encouraged by the interconnectivity of the Web. Then there is the hitherto insoluble two-part conundrum at the heart of the cyber security: what does a cyber attack look like?

To answer this, a cyber defender requires two vital pieces of knowledge. From where does this attack originate? And what is the attacker’s motive? Faced with a skilled cyber aggressor, not even the best defender can answer these questions. One may only calculate and – acting on a supposition – this can lead to wrong decisions, misunderstandings and, eventually, conflict.

Let us assume that our police agency, the corporate sector and the military dutifully stick to their task of protecting the state against their designated perils. There are still two actors who are ever present across the spectrum of threats: the spook and the hacker. The former seeks to crack the conundrum (although not necessarily to share the resulting knowledge); the latter is actually responsible for formulating the conundrum precisely in such a way as to render it insoluble.

The intelligence agency sniffs around the Web like a black cat against a dark background, never making a sound and socialising only when its team seeks to dissemble, recruit or confuse. This phantom-like behaviour is part of the spook’s DNA, but it is also explained by the intelligence service’s fascination with, and even admiration for, its primary opponent in cyber: the hacker.

Until recently, network defenders were confident that when an attack was under way there was a hacker masterminding it. This has changed