RSA: Cyber War Mass Hysteria Is Hindering Security

International cyber threat initiatives are in danger of becoming overblown, the US government’s security chief told the RSA Conference in San Francisco.

” Cyber war is a terrible metaphor,” said the US government’s cybersecurity czar Howard Schmidt. “Don’t make it something it’s not.” Internet attacks from hackers, spies and terrorist groups deserves serious attention, he said, but this should not be “to the extent of mass hysteria”.

Cyber-war hype is a distraction

Other thinkers seemed agreed on this. Bruce Schneier, security chief at the BT Group, said that this mass hysteria is being stoked up by government initiatives creating the impression of a “cyber arms race”. He does not believe that a cyber war is raging but that heavy-handed responses to issues such as the Stuxnet attacks are creating that impression.

Schneier believes that the headline-hitting attacks are distracting security professionals from building a foundation for security. These hyped-up events are distractions from the more critical work of protecting power grids, financial systems and medical networks, he warned.

Last month, AT&T technical lead Bill Cheswick told eWEEK Europe: “I think the word is wrong, because in some sense it is war but it is fury and sound signifiying little. It is just espionage.”

Deputy Securetary of Defence stokes the fire

The reactions formed a response to a keynote speech from William Lynn, US deputy secretary of defence, which may have stoked fears of cyber-war: “The threat is moving up a ladder of escalation, from exploitation, to disruption, to destruction.”

Lynn claimed that spy agencies have gained accessed to weapons system designs and other military plans, source codes and intellectual property from businesses and universities. Lynn sees this theft of information as the major threat, dismissing current attacks on networks as being relatively unsophisticated and short in duration.

Schneier’s fear is that we are on the verge of an IT arms race. “We haven’t seen offensive cyber weapons companies, but they are coming,” he said. “Big defence contractors are working on this – you know they would be dumb not to.”

He fears that this may lead to ill-designed software “weapons” that might be accidentally released. Just as Stuxnet was allegedly designed to attack the nuclear programme in Iran but it escaped into the wild and brought problems for other organisations.

“We are in the midst of a cyber war of words. Let’s quit pointing fingers and start cleaning up the infrastructure,” he said.

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago