When cyber-terror poison toads attack!

George C. Smith, Ph.D., Editor-at-large
Thursday, 28 June 2001 THE LONGER ONE is an observer of the national debates on cyber-terror and information warfare, the easier the job of critic gets.

"Let their way be dark and slippery."

-- Psalms, 35:8

That's because the propaganda on the subject — in different words, the Delphic wisdoms handed down from the Strangeloves of cyber-war — evolves at a glacial pace. These foreign-conspiracy obsessed infrastructure security poison toads of industry and government are easily recognized. The pool of names is small and simple to commit to memory. Their heavily scripted shows are repetitive by design — made easily digestible by way of the simple-minded synopses known as "prepared statements" — because the deadening atmosphere that inevitably results serves in creating an illusion of carefully considered consensus. For example, if you can get a handful of people with suitably important-sounding titles to state before Congress that somehow the Freedom of Information Act is bad for business, the economy, and national security, no matter how risible the claim, odds are everyone else in hearing distance will nod in joyful agreement because of the idiotic American tendency to judge the correctness and excellence of an idea by the number of people who can be persuaded to adopt it. And so we get delivered unto us the fraud that was the Joint Economic Committee's recent hearings on our "Wired World: Cyber Security and the US Economy."

witness: someone called to testify before Congress who can be counted on to grovel unashamedly on behalf of corporate interests under the pretense that it is all for the good of national security.

Usage: The Congressional witness from the bloated military technology consulting firm enjoyed delivering scary but vague policy assessments and predictions that were frequently either wrong or useless but which fit well within the framework of services his firm peddled.

-- The Joseph K Guide to Tech Terminology

Now a regular feature of the debate on how to strengthen the "national infrastructure" against cyber-terror is the notion that FOIA must be amended. The recommendation began getting serious airtime in 1998 when the Clinton administration's National Security Council made it something of a personal project. Through continuous speechifying and appearances in the mainstream and trade press, the NSC relentlessly pushed the case for neutering FOIA as an infrastructure security initiative that was pro corporate-America in its stated goal to remove the "legal impediments" to safe and secure "information sharing." Safe information sharing, in this case, being achieved by bricking up corporations against the highly hypothetical menace of FOIA requests conducted by malicious competitors. In matter of fact, the initiative has its origin in the far right elements of the national security bureaucracy, which views FOIA as a nuisance and a "legal impediment" to unfettered secrecy. Attacking FOIA has always been, basically, the first thing on everyone's wish list in this arena. For the Joint Economic Committee, Al Edmonds of EDS Federal; Frank Cilluffo of the Center for Strategic and International Studies; Duane Andrews, vice-president of a large, secretive Pentagon contractor; and Catherine Allen of a financial services lobbying group, echoed sentiment calling for surgery on FOIA — surgery which is a cause celebré for Senator Bob Bennett, the ranking Republican on the committee. Of course, no defenders of FOIA seemed to be in attendance. Of the JEC witnesses, the Federation of American Scientists' Steven Aftergood writes in a recent issue of Secrecy News: "Only someone who has never filed a FOIA request could be persuaded that this achingly slow process, with its abundance of exemptions, could be effectively used to uncover proprietary business information." The mainstream media played dead on this issue, preferring to focus on the generic off-the-cuff red-herring declarations that strategic cyber-attack might lay waste to the nation or that chinky-chinky infowar Chinamen were attempting to sabotage the financial health of the Bund.

information sharing: Orwellian keyword signaling an attack on FOIA in the name of infrastructure security.

Usage: The foreign conspiracy-obsessed corporate backscratcher and his colleague, the National Security Council grand vizier of cyber-terror, happily agreed that to foster information sharing a legitimate democratic tool of government oversight ought to be truncated.

-- The Joseph K Guide to Tech Terminology

The cant most publicized from the JEC meetings was the assertion that "Russia and China appear to be developing computer-based tools with the potential to do long-lasting harm to the U.S. economy." It was yet another regular characteristic of the din accompanying the mythos of "electronic Pearl Harbor." Traits include statements to the effect that such tools would suddenly "give future foes new leverage over the United States" and that information about them is/was much too sensitive to discuss with the lay public. Specific examples were treacherously difficult to glimpse. Classified. Hush! Hush! Computer viruses were said to be approaching a time when they would make effective weapons, a certified and official tomfool prediction that has been promised with almost the same nettlesome frequency as the citation by infowar hawks of idiot savant-like platitudes and slogans on war-making attributed to Sun Tzu. (For the seminal groupthink on the subject, consult Alvin and Heidi Toffler's "War and Anti-War," 1993.) Before your Editor-at-Large concludes, he must point out that despite the absence of the cliché "electronic Pearl Harbor" at the Joint Economic Committee hearing, its omission was only one of semantics. As a concept, it has taken a battering on the Internet, wheezing and collapsing under the burden of a talent for fatuous exaggeration among the poison toads of cyber-war so fond of croaking about it. So, in the temples of national security, the idea of a name makeover for it has grown steadily in appeal. At the JEC hearings, one of the founding fathers of "electronic Pearl Harbor"-hype, Duane Andrews of ~~Violence~~Science Applications International Corporation, held forth, redubbing it as the potential threat of electronic "strategic attack."

Panelist #1: "...If the military wants to use computer viruses to attack something, the intelligence requirements are quite enormous to write one that addresses that; whereas with bombs, it [takes] almost no intelligence ... requirement at all. You just drop a bomb on something and it bashes it, you know, irreparably."

Panelist #2: [laughs] "Yeah. The bad thing about using viruses as a weapon is they're very hard to aim ... [and] you don't really want to wait three months in hopes that the virus will spread to the bad guys."

-- overheard on feature re computer viruses, National Public Radio, "Science Friday," January 12, 2001

As far back as 1997, Andrews was working the press on the subject. "Warning of a possible 'electronic Pearl Harbor' ... the Defense Science Board ... said the Pentagon should seek the legal authority to launch counterattacks against hackers," wrote the Wall Street Journal on January 6 of that year. In 1997 Andrews was a SAIC vice-president and the point-man on cyber-terror for the Defense Science Board, an advisory agency to the Department of Defense. Through the DSB, Andrews recommended an immediate $580 million investment in private sector R&D to short-circuit "electronic Pearl Harbor." At the time, SAIC was and still is a computer security vendor and supplier of information warfare consulting services to the Pentagon. Your Editor-at-Large, in writing for the National Academy of Sciences' Issues in Science & Technology magazine, addressed Andrews' DSB report specifically, reasoning, "[assessments] of the threats to the nation's computer security should not be furnished by the same firms and vendors who supply hardware, software and consulting services to counter the 'threat.'" This remains a not unreasonable argument, Vmyths.com thinks — akin, so to speak, to the novel thought that the encyclopedia salesman ought not be made the primary source for recommendations on the setting of national educational policy toward the purchasing of encyclopedias. "A terrorist state that doesn't have [infowar] technology can hire the technology," said Duane Andrews in a March 17, 1997 article warning of surprise electronic strategic attack in ... {wink-wink} USA Today. Even more scary: "The Internet bulletin boards are littered with people offering their [terrorist] services," Andrews continued. And even further along in the USA Today piece — this is 1997 remember, still one more salesman for Science Applications said: "who says we haven't seen an electronic Pearl Harbor?" Utterly prescient, that was. Andrews' prepared notes for JEC continued his historical complaint that not enough was being done about ~~electronic Pearl Harbor~~"strategic attack." "I believe we need to take a fresh look at the challenge of a strategic attack through or on the nation's cyber infrastructure," reads his speech. Signing off: Never fear, Smith ... is here!