Again with the Cyber War

A possible threat to national security. Accusations of both media hype and underreporting. Cassandra-esque warnings of the dual catastrophes of under- and overreaction. More swine flu news? Thankfully not. This time the issue is another media darling: cyberwar.

After big Wall Street Journal articles in February and April, the New York Times now has a cover story about a cyber war game conducted for a computer class at West Point. The article details how the cadets fought off a simulated hacker attack, with the National Security Agency (NSA) playing the part of the aggressors.

But considering that Wired ran a story about the same exercise a year ago, and even then, it was the second year of the program, why would the Times feature it so heavily now? Thankfully, the video accompanying the article has the answer to why the Times, and every other news outlet, is running so many cyberwar articles these days.

The video’s narrator refers to “these cadets, who will soon be sent to Afghanistan” to combat cyber-terrorism. Really? The Taliban, a rural insurgency composed primarily of semi-literate tribesmen, is a hacking threat? Not really, but by linking cybersecurity, which has in the past focused primarily on Russia, China, and criminal gangs, with the current war in Afghanistan, the Army is laying claim to a piece of the budget pie.

Recently, Secretary of Defense Robert Gates has spent a lot of time arguing that the Defense Department needs to reorient from state-based threats to dealing with the counterinsurgency operations that make up the majority of current U.S. operations. That reorientation, combined with a 60-day review of all U.S. cybersecurity policy that wrapped up two weeks ago, and a pledge to quadruple the number of service members trained in hacking, puts a lot of cyberdefense money up for grabs. All of the recent news stories represent each department jockeying for some of that money.

Scott Borg, director of the U.S. Cyber Consequences Unit, told Popular Science that the future battle over budget allotments is “a big factor” behind the rash of recent cyber-defense articles in most newspapers. That relationship between the budget fight and the bump in news coverage was also covered expertly in this article in The Economist. They even had a great cartoon on the subject in this week’s issue.

Noah Shachtman, editor of the excellent Danger Room blog over at Wired, has also decried the “heavy breathing in the press about the cyberdefense issue.” Shachtman has pointed out for years that the people trying to hype the threat by talking to the media usually have a financial or political reason to do so.

However, Borg also noted additional explanations beyond the budget battle for all these articles.

“Another factor behind these news stories is that many people are leaving the government [in April], because of the administration changeover, and because the new post-service-conflict-of-interest rules will be applied to them if they stay longer,” said Borg. “So, as they leave, they are taking the opportunity to talk to the press.”

Unfortunately, all the hype clouds an actual problem. Cybercrime and attacks by foreign states are a serious problem, but portraying the threat as even more serious undermines any sober response to this issue.

Luckily, though, the media blitz will soon slow down. In the coming weeks the White House will announce the results of its 60-day review, and likely create a permanent “cyber-czar” to coordinate the US cyberdefense policy. And once that czar doles out all the cash, expect to see fewer articles like that New York Times piece, those Wall Street Journal stories, and this blog post.