In May 2010 the US military appointed its first four-star general to direct its defensive and offensive capabilities in cyber warfare. China, Russia, and other major countries also have increased their skills in this new kind of warfare. All major banks and other companies, such as Google, continue to upgrade their protection against breaches of their information and computer network systems. The increasing dependence of both modern economies and modern weaponry on computer-based networks and online storage of information explains the rapid expansion of programs to repel cyber attacks, and to provide armies with significant offensive cyber capabilities.
Of course, modern warfare still relies on large numbers of combat military personnel. But the architecture of the military has become increasingly computer-based, with online communications, information storage, and other essential components that use cyberspace, or can be disrupted through attacks from cyberspace. Countries at war would gain an enormous military advantage if they could shut down the computer-networks of their adversaries for even a few hours.
Larger companies in developing as well as developed countries rely increasingly on the Internet and computer networks. Valuable information can be stolen, privacy of customers compromised, and internal and external communication made much more difficult when these systems get breached.
Warfare and espionage against government and private targets are not just hypothetical possibilities. After gaining independence from the Soviet Union in 1991, Estonia became a technologically sophisticated nation where the great majority of Estonians had access to the Internet, and much business was conducted online. Estonia suffered one of the first cyber attacks on a whole nation for a couple of weeks in 2007. Computer robot networks seized control over huge numbers of computers from many other countries, and used them to attack different targets in Estonia. These attacks crippled activities by the Estonian government, banks, and other businesses. Suspicion focused on the Russian government as the source of these attacks, but this could not be conclusively proved.
Georgia suffered severe cyber attacks slightly before the Russian invasion of Georgia in 2008. The attacks hit government websites, the media, banks, and other businesses. Georgia was more backward than Estonia, so these attacks on Georgia did not cause as much devastation as the earlier ones on Estonia, but they still inflicted considerable harm for a while. The timing and other evidence suggested again that Russia was behind these attacks, but no conclusive evidence could substantiate this belief.
Almost every day another company admits that its computer and online security systems has been breached. Often the attackers turn out to be hackers who just enjoy showing they can defeat even top of the line security firewalls. The culprits are sometimes criminals who seek information, such as credit card names and passwords, which they can use for financial gain. The hackers may also be governments that spy on companies in the hope of acquiring valuable proprietary information.
This week the American cybersecurity company McAfee issued a report that claims to identify a single government perpetrator (alleged to be China) of large numbers of cyberattacks on other governments, companies, and even the United Nations. So far their claims have not been confirmed.
Combating cyberwarfare and cyberspying faces several unique challenges. Since cyberspace is not owned by any nation, and is easily accessed by billions of individuals and companies, it is often very difficult to get clear evidence about who is responsible for cyberattacks, such as the attack last year on Google’s source code, or the earlier attack on Estonia. Are they from governments that are probing for state and business secrets, or from private hackers seeking publicity, or valuable information that they can use for financial gain? If the source of the attack cannot be identified with much confidence, it is hard to establish a credible system of deterrence.
A second major challenge is the intrinsic vulnerability of many Internet and computer network systems. It has long been recognized that foolproof security systems do not exist, whether they be vaults, safes, identifications for checking accounts, or other traditional forms of protecting valuable assets. Any security system that protects information will generate efforts to access that information, including sometimes efforts by individuals who helped design these systems.
Since security systems that protect information in cyberspace are even more vulnerable, continuing battles take place against public and private hackers who probe for weaknesses in these systems. No company or government can ever hope to have a cyber-based system that cannot be breached, but they can make breaching more difficult.
The development of clearer international law about hacking would help deter attacks in cyberspace by private individuals and groups. Cyberattacks on military targets might be also brought before international tribunals, but countries have to prepare their own responses. These responses include cyber and other retaliations against cyberattacks during both wartime and peacetime on vital military network and information systems.
Becker writes:
The development of clearer international law about hacking would help deter attacks in cyberspace by private individuals and groups.
What a dull response.
Munger, who has a far better mind, once observed that the simple cash register is a better antidote to embezzlement than all the laws against embezzlement.
This post by Becker shows the limits of his mind and that he suffers with a man with a hammer syndrome---every problem to him appears to be a legal problem, needing more laws.
The solutions to cyberspying will not be found with better laws. They will arise in the same way that the cash register solved the problem of employee embezzlement
They will arise from complete rethinking of computer science and networks. Observer knows of people who are doing this work, applying the work of a great Chicago mind, Stephen Wolfram.
This post, like Posner's, is the work of the conservative mind, confusing the familiar with the necessary
Posted by: an observer | 08/08/2011 at 06:01 AM
For an interesting story on the possible power of mathematics, check out
http://www.dailymail.co.uk/news/article-2023514/Lucky-woman-won-lottery-times-outed-Stanford-University-statistics-PhD.html
about a Stanford Phd who has won Texas lottery 4 times
Posted by: an observer | 08/08/2011 at 06:14 AM
The growth of the cyber threat has risen in parallel with global internet usage. Online development happens so quickly that, at present, those who seek to intrude upon online systems have an advantage over those who are trying to protect them. Cyber-espionage is highly targeted, so protection should be greatest around information that has the highest value to outsiders.
Enterprises are not taking the threat of cyber espionage seriously enough, and many have not taken adequate steps to prevent an attack. The threat of cyber espionage must be addressed by enterprises as it is as relevant to them as it is to national security organisations.
Posted by: damer | 08/08/2011 at 12:24 PM
well this blog is great i love reading your articles.
Posted by: ghd australia | 08/09/2011 at 06:18 AM
I really appreciate your post and you explain each and every point very well.Thanks for sharing this information.And I'll love to read your next post too.
regards
Best B Schools in india
Posted by: Best B Schools in india | 08/09/2011 at 06:59 AM
Not much to add on this one. Observer/Munger have a strong point in the "better cash register" theory....... but pre-computer embezzlement was typically very localized and of no threat to any overall system.
Today, we've the triple threats of 1. embezzlement 2.ID theft and 3. the whole area of security threat from terrorists (or fairly sick pranksters) taking down the grid or hacking a nukie installation to military secrets etc.
There's bound to be advancements in the "better cash register" but trouble is they all rely on a "key" typically a secret code that can be hacked, or can be "lost" or given away by one of the trustees.
The military, and the diplomats, may have to get used to there being less privacy.
Except for actual battle plan troop movements, which probably can be protected, it may not be all bad for the miltaries of the world and the diplomats to known more about weapons development etc.
And? some positives? I've LONG favored banning nukes, and making the factors of production and delivery international contraband. In the "USSR" days, perhaps, there was not the means to verify compliance. Today? I'd expect the military knows of most nuke projects, and the anonymity of the internet and "hackers" could help rat out the rest.
Once we've become civilized enough (as so many RETIRED generals have) to rapidly "build them down to zero" with a fair sized army of inspectors and lucrative "Rewards for info leading to........." we should all be much safer at FAR lower costs.
Any guesses here, as to what building, protecting, dismantling nukes costs us each year? More than $100 billion?
Posted by: Jack | 08/11/2011 at 12:55 AM
Just wanted to say great job with the blog, today is my first visit here and I’ve enjoyed reading your posts so far.
Posted by: Glass Votive Holders | 08/11/2011 at 04:35 AM
Slightly off topic:
Some economists have reported the "speculation premium" on gasoline at the pump as being 83 cents/gallon. ...... about what I'd have guessed from oil co spokesmen having stated prices in the $50 range would cover most exploration and development.
http://www.californiaprogressreport.com/site/node/9125
..... Question: As it IS becoming more apparent that speculation is increasing our costs by such untenable margins......... WHY do we tolerate such an "inefficient" (rigged) market?
This is certainly happening in food prices as well.
But! Haha! IF we believe "markets" will eventually self-correct there's another round of our fellow citizens being beaten and robbed. How many brokers and "advisers" have we heard or read in recent years who are "putting their clients IN commodities?" Just as if taking a speculative, zero sum, "position" (feel free to use your imagination) "In commodities" was the same as investing in the future gains of a productive enterprise.
Will "fixing" SS soon be that of being "in" pork bellies?
Posted by: Jack | 08/11/2011 at 05:10 AM
There's bound to be advancements in the "better cash register" but trouble is they all rely on a "key" typically a secret code that can be hacked, or can be "lost" or given away by one of the trustees....I really appreciate your post and you explain each and every point very well.Thanks for sharing this information...
Posted by: sports good | 08/11/2011 at 06:15 AM
And these are the instances we know about. Can you imagine what hacking is going on behind the scenes?
Posted by: Low Cost Medical Insurance Quotes | 08/11/2011 at 07:52 PM
Looks like the spammers are taking over this blog to put their links in!
Best,
Ewen
Posted by: travelnz.net | 08/11/2011 at 09:33 PM
Spammers are taking over your blog...are you going to keep them out?
Best,
Ewen
Posted by: travel nz | 08/11/2011 at 09:36 PM
Over the past ten years, a lot of work has been done on the economics of information security. Modern systems tend to have many stakeholders, who may be competitors or even in conflict; security often fails because the person who does the maintenance isn't the person who pays the cost of failure. But that's just the start. The field has many fascinating examples of asymmetric information, network and other externalities, agency effects and behavioural twists. For survey papers and links to recent research, see
http://www.cl.cam.ac.uk/~rja14/econsec.html
Enjoy!
Ross Anderson
Posted by: Ross Ander | 08/12/2011 at 03:53 PM
Whether anyone is taking over this blog is debatable, but at least one can tell the spammers from the Leninists; the latter can't spell.
Posted by: TANSTAAFL | 08/12/2011 at 08:02 PM
Please input this URL:
http://www----edhardy007----com
http://www----edhardy007----com
Best quality, Best reputation , Best services !!!
Posted by: dfgkhiuor | 08/13/2011 at 03:02 AM
Verry good posting. Thanks for sharing
Posted by: Ratiu Cristian | 08/14/2011 at 08:53 AM
really fascinating. Thanks for posting
Posted by: Maia Ratiu | 08/14/2011 at 08:54 AM
Riots might be less common here because of the social and spatial distancing that protects people from marauders but also prevents people from forming organic communities with any semblance of a common social life that Europe continues to enjoy--at least for now.
Posted by: Discount Herve Leger | 08/15/2011 at 04:43 AM
good post I will check another
Posted by: Firmy Warszawa | 08/16/2011 at 03:35 AM
Great posting
Posted by: Ratiu Cristian | 08/17/2011 at 09:05 AM
well this blog is great i love reading your articles.
Posted by: mbt online | 08/23/2011 at 05:34 AM
Your writing is good. In this I learned a lot! Thank you!
Posted by: christianlouboutinsale | 08/26/2011 at 02:11 AM
The idea that anybody has some sort of obligation to answer every comment strikes me as absurd as claiming that blogs should be disregarded because they have no editors or
Posted by: 2011 MBT | 08/29/2011 at 02:04 AM
I agree, those are interesting points. This task is
meant to help Afghanistan repress the worrisome, if
predictable, expansion of its opium economy, it will
greatly hamper NATO's effectiveness.THx,
Posted by: supra shoes | 09/06/2011 at 03:29 AM
The article is great!
Posted by: chi hair straighteners | 09/07/2011 at 03:03 AM