DeM Banter: always love a good historical analogy…this is a good one. Welcome to the information revolution and the new lines of logistics…
February 19, 2013
To state the painfully obvious, Washington is not a town filled with much unanimity these days. But on one subject there is common ground: the recognition of America’s vulnerability to and the threat from cyberattacks. The concern is so great that many argue it is only a matter of time until we face a so-called cyber Pearl Harbor. As outgoing Defense Secretary Leon Panetta put it, a sudden, massive cyberattack “would paralyze and shock the nation and create a new, profound sense of vulnerability.”
Panetta is correct to worry about a large-scale cyberattack. Unfortunately, endless realistic potential scenarios abound that mirror the events of Dec. 7, 1941: The nation goes about its business one quiet morning only to have a few well-placed keystrokes cause the lights to go out, the water to turn off and many lives to be lost. Panetta and others are wrong, however, to call it a Pearl Harbor-like event because, simply put, we are already in a cyberwar. As the former chairman of the House Permanent Select Intelligence Committee, I want to emphasize the point that a destructive cyberattack would not be a surprise attack; such attacks are already happening by the thousands every day!
To understand why the Pearl Harbor analogy is a bad one, we need to remember exactly what happened that fateful morning. The facts are well-known: The U.S. Pacific Fleet lay at its berths in peacetime with the clouds of war on the horizon. Then without warning or the courtesy of a declaration of war, the Imperial Japanese Navy struck, delivering a devastating blow. In little more than two hours, an estimated 2,000 Americans were killed, and 17 warships and more than 300 American warplanes were destroyed or heavily damaged.
What Pearl Harbor represents is an unexpected attack that resulted in spectacular, but not crippling, losses. America recovered quickly and within six months was able to deliver its own massive counterpunch.
Today’s cyber environment stands in stark contrast. The federal government sees tens of thousands of cyberattacks monthly with their pace and sophistication increasing. America’s critical infrastructure is similarly under siege. The private sector is attacked continually with crucial data and intellectual property regularly stolen. America’s leaders will not be able to claim to be surprised when a big attack comes — America has had all the warnings it needs.
If not Pearl Harbor, how should we think about cyberthreats? Look to another aspect of World War II: submarine warfare. In both the Atlantic and the Pacific theaters, submarines caused far more havoc and meaningful losses than anything that occurred at Pearl Harbor. U.S. submarines were unleashed after Pearl Harbor, and while they had a somewhat limited impact on the loss of Japanese warships, their impact on the Japanese logistics was nothing short of devastating. American submarines accounted for more than half of Japanese merchant ship losses, effectively strangling the Japanese economy and its ability to support the war effort. The economic engine of Japan was brought to a halt not by one big attack but by endless small actions conducted in silence. The submarine battle in the Atlantic was similarly dramatic, save for the fact that it was the German Navy that nearly asphyxiated the Allied war effort through its so-called wolf pack attacks.
The cyberwar is very similar. The American economic engine is constantly under attack from hidden enemies who slip in and out of our marketplace in relative silence. Each and every day, cyberfoes sneak their way into the flow of commerce, siphoning valuable data and inserting malicious instructions that reduce the health of our economy. Taken individually, these attacks are troublesome; but when looked at as a whole, they are potentially devastating. If enough information is stolen and enough destructive electronic attacks occur, our economy will no longer be able to function effectively and efficiently. These attacks will slowly suck the lifeblood out of our economy.
The simple truth is that America is already engaged in cyberwar with countless enemies. Cyberattacks are here, and more are coming. The basic outlines of the threats are known. So while the focus on the possibility of one big attack is not unreasonable, in reality, it distracts us from the fact that unrestricted cyberwarfare is already here. Washington is united in recognizing the threat, and it along with the nation cannot delay. America must not wait for a cyber Pearl Harbor to take action. It is time to recognize how serious the problem is because if we simply wait for the big one before taking real action, we will succumb to the thousands of cuts being inflicted every day.
Peter Hoekstra is a senior adviser in Dickstein Shapiro’s Public Policy & Law Practice. He served in the House of Representatives for 18 years and was chairman of the Permanent Select Committee on Intelligence.