By Des Browne and Michael Shank, Special to CNN
Editor’s note: Des Browne is the former U.K. Secretary of State for Defense. Michael Shank is the associate director for legislative affairs at the Friends Committee on National Legislation. The views expressed are their own.
Iran has begun implementing the Joint Plan of Action over its nuclear program. The United States and Russia are cooperating in the destruction of Syria’s chemical weapons. And the Nobel Peace Prize was awarded late last year to the Organization for the Prohibition of Chemical Weapons for its “extensive efforts to eliminate chemical weapons.” The past few months have clearly underscored what can be achieved when the international community works together on weapons of mass destruction.
But while the response to Syria’s use of chemical weapons and Iran is laudable and should now be leveraged to strengthen international law, treaties and monitoring mechanisms more broadly, the reality is that newer challenges are evolving even as the international community works to get a handle on longstanding threats. And although these threats come in a variety of forms, there are two in particular that will require the same kind of concerted effort.
The magnitude of the threat posed by the weapons of choice from the 20th century and 21st century are striking. Whether it is an armed, unmanned drone that could even carry tactical nuclear arms or be turned into a dirty bomb, or offensive cyber capabilities, consider how increasingly easy these potential weapons are to utilize, how a growing number of countries want their own capabilities in these fields, and how difficult they can be to monitor and regulate.
Watch "Fareed Zakaria GPS," Sundays at 10 a.m. and 1 p.m. ET on CNN
By Fareed Zakaria
President Barack Obama gave a much-anticipated speech on Friday outlining reforms in the American government cyber surveillance activities. But before I give you my reaction to the speech, I want to give you some context.
The American government and many U.S. companies are routinely the targets of cyber attacks from all over the world. The National Nuclear Security Administration, for example, which is an arm of the Energy Department and monitors America’s nuclear power plants, has reportedly been the target of 10 million cyber attacks a day. In contrast, the entire United Kingdom suffered 44 million cyber attacks in 2011.
Some of these are efforts to spy on America, enter into telecommunication systems, steal secrets from the government and private companies. Others are efforts to disrupt normal life or kill civilians. Last year, the head of the FBI testified that cyber attacks from foreign sources, often including terrorist groups, had surpassed traditional terrorism as the single most worrisome threat to the United States.
Why am I pointing all this out? I'm trying to remind you that this debate about American policy cannot take place in a vacuum. There are other countries out there, and groups of militants and terrorists, and they are actively using whatever cyber tools they have to tap into phone systems, emails, bank records, power plant operation systems, nuclear facilities, and more.
In that context, President Obama has taken on a worthy task, to see if the American intelligence establishment has gotten out of control as it deals with the threats and challenges out there. His speech suggests that the answer is no, the National Security Agency is not a rogue outfit.
But he acknowledged that two facts need to be kept in mind. First, that the United States has unique capabilities in this area and second, that after 9/11, the American government went too far in its efforts to search for and counter terrorist threats.
So he's proposed a series of reforms that strike me as a good balance between security and liberty. He has preserved the basic structure of American intelligence gathering while putting in more checks and safeguards. One case where he may have gone too far is in limiting America's spying on foreign leaders. This was probably inevitable and a political sop to foreign heads of government like Brazilian President Dilma Rousseff and German Chancellor Angela Merkel.
It's a good idea for the United States to protect civil liberties, institute checks and balances, and have periodic reviews of the whole system. But let's also keep in mind that I haven't heard much about Chinese President Xi Jinping's intelligence reform proposals, and I don't expect we will be hearing much from him, or Russian President Vladimir Putin or many other leaders.
It's called the world's second oldest profession for a reason.
You can watch this take, and also Fareed’s interview with former Defense Secretary Robert Gates, this Sunday at 10 a.m. and 1 p.m. ET on CNN.
By Fareed Zakaria
“Among the world’s potential interstate confrontations, one between the United States and Iran has the greatest potential for a significant cyber component,” writes Martin Libicki in Foreign Affairs.
“Indeed, Iran has already started to flex its muscles in cyberspace. In late 2012, cyberattackers linked to Iran penetrated the network of Aramco, Saudi Arabia’s national oil and gas company, effectively trashing 30,000 computers. Rasgas, a Qatari corporation, faced similar treatment. This spring, anonymous U.S. officials claimed that Iranian hackers were able to gain access to control-system software that could allow them to manipulate U.S. oil and gas pipelines.”
“Egypt's powerful military leadership may be offended by Obama's decision Thursday to cancel a biennial joint military training exercise that was scheduled to start next month to show his displeasure with the rising death toll, arbitrary arrests and virtual martial law,” argues Paul Richter in the Los Angeles Times. “But the generals who toppled the democratically elected president, Mohamed Morsi, on July 3 are not likely to suspend crucial counter-terrorism cooperation with Washington, halt oil tankers and other commercial shipping in the Suez Canal, or jettison the peace treaty with Israel that has formed a cornerstone of regional peace for three decades.”
By Panayotis A. Yannakogeorgos & Adam Lowther, Special to CNN
Editor’s note: Panayotis Yannakogeorgos is a research professor of Cyber Policy and Global Affairs at the Air Force Research Institute. Adam Lowther is a non-resident senior fellow at the Center for the National Interest in Washington, DC. The views expressed are their own and do not reflect the official position of the U.S. government, Defense Department, the U.S. Air Force or Air University.
China’s hackers have been pretty busy recently, at least if recent media reports are to be believed. In one of the most eye catching revelations, the Washington Post reported that more than two dozen major weapons systems’ designs have been breached by hackers, including “programs critical to U.S. missile defenses and combat aircraft and ships.”
Such claims have become commonplace as China has expanded its cyber espionage and intellectual property theft activities over the past decade. Indeed, billions of dollars worth of intellectual property is reported to have been lost to cyber theft.
Earlier this year, for example, a Defense Science Board report detailing the general level of cyber theft was released around the same time as security consultancy firm Mandiant alleged that the People’s Liberation Army had created a unit focused on penetrating government and corporate networks in the United States and elsewhere, primarily to steal sensitive industrial and military secrets.
So far, such theft has gone unpunished, and many are calling for President Barack Obama to tackle this issue head on at this week’s meeting with Chinese President Xi Jinping. Surely, it is high time for the U.S. government to begin holding nation states responsible for their cyber actions or unwillingness/inability to curtail malicious activity in cyberspace?
Yes, it is – but that’s not the whole story.
By Mark Sparkman, Special to CNN
Editor’s note: Mark Sparkman, a former senior officer with the CIA’s National Clandestine Service, is a senior international affairs analyst with the nonprofit, nonpartisan RAND Corporation. The views expressed are his own.
The announcement by prosecutors that charges had been filed against suspected cyber thieves believed responsible for stealing $45 million in a matter of hours from ATM’s in two dozen countries should send a stark message to governments around the world – banks could be the most vulnerable front in cyber space.
Plenty of people have been warning us these days to worry about cyber attacks, but generally we have been worrying about the wrong things. Most “cyber Armageddon” scenarios focus on gaps in our physical infrastructure and even far-fetched scenarios such as infant incubators in hospitals being turned off. But major swathes of the United States have routinely gone without electricity and water for days following natural disasters. Soon enough, life gradually gets back to normal. Want real chaos? Destroy confidence in the banking system (or even a part of it), and just stand back and watch.
Since last fall, a series of Distributed Denial of Service (DDoS) attacks on financial institutions have temporarily denied customers access to their bank accounts, and U.S. officials have pointed an accusatory finger at Iran. Although the attacks were not devastating, U.S. officials are rightly weighing their response options. The fact is that the United States needs to gear up for the coming era of cyber threats – and start by ensuring its financial flank is not catastrophically compromised.
By William L. Tafoya, Special to CNN
Editor’s note: William L. Tafoya is a retired FBI Special Agent and professor and director of Information Security & Protection at the University of New Haven. The views expressed are his own.
When confronted by a sudden, unexpected high level of stress and overwhelming anguish, our brain employs a coping mechanism that suppresses the experience long enough to enable us to regain control. This capacity kicks in automatically to prevent us being paralyzed, unable to move or speak.
But because the same experience can be perceived differently depending on the individual, each of us responds in a very different way. Some of us will run when confronted by a challenge, while for others, the brain will also try to block something out altogether when we do not understand what is going on. But putting off dealing with something does not resolve it – a fact that U.S. policy makers would do well to consider.
Although the computer was around before, it was not until 1959, when Jack Kilby and Robert Noyce simultaneously but independently invented the integrated circuit – the computer chip – that the Information Age truly began. Since that breakthrough, every facet of our lives has been spinning faster and faster in the direction of total dependence on information systems.