Radical Instrument

IT is changing the exercise of power. Radical Instrument is picking up the signals.

Questioning “digital Pearl Harbor”

with 2 comments

In its Sunday op-ed section, the New York Times raised the specter again of “digital Pearl Harbor,” this time contained in a quote from the CEO of a network security company:

“If you’re looking for a digital Pearl Harbor, we now have the Japanese ships streaming toward us on the horizon,” Rick Wesson, the chief executive of Support Intelligence, a computer consulting firm, said recently.

The term dates back to 1991, first used to discuss the U.S. government’s digital signature standard, and took on new prominence in a speech delivered by Richard Clarke at a computer security conference in 2000, in which he advocated the establishment of a Federal CIO position with responsibilities for cybersecurity (a policy that is coming to be realized, eight years and a few months later).

The term has also proliferated – roughly 303,000 Google results tonight – to the point where it’s straining credibility, like other overused metaphors involving cyberspace and international goings-on, nefarious or otherwise. A few points for consideration:

1.  After a wargame sponsored by the Gartner Group and the U.S. Naval War College in 2002 – named, predictably enough, “Digital Pearl Harbor” – 79% of participants walked away saying that a “strategic cyber attack is likely within the next 2 years.” Saying that you could use better security is not the same as saying that the attack is just over the horizon.

2.  “Cyberwar,” “cyberespionage,” Internet-enabled crime, virus releases, and simple malfunctions can be difficult to distinguish from each other by their effects. Political actors schooled to think only in terms of “Pearl Harbors” (or “Munichs,” for that matter) may be predisposed to solutions which could be wasteful, or even counterproductive. A hypothetical:  imagine the Cold War never ended, but turned even more tense. A new worm originates from inside Russia and disrupts U.S. air traffic systems. Is it the work of a bored college student? The prelude to an attack? In 1983, a Soviet air defense commander “made a serious but honest mistake” in the shootdown of a South Korean 747 due to conditions of tension and high alert, according to a CIA monograph. The point is that there’s a danger of escalation in any crisis, and while these conditions do not currently exist, metaphors like “digital Pearl Harbor” substitute predisposition for analysis.

3.  As Bruce Schneier has pointed out, legitimate security concerns, once given a backdrop of “ships streaming towards us” or terrorism, tend to get washed out by calls for regulation that limit the productive use of technology and threaten privacy. 

It might be time to start a contest for a new metaphor.

Written by Mark

February 16, 2009 at 10:50 pm

2 Responses

Subscribe to comments with RSS.

  1. […] country’s Internet infrastructure, over time, is from other countries (i.e., the “digital Pearl Harbor” scenario) or from the sheer volume of always-active cybercrime. It’s a decent bet to […]

  2. […] between reconnaissance and conflict is much, much shorter. If you accept the feasibility of the “Digital Pearl Harbor” threat (and I don’t), wouldn’t the placement of “triggerable malware” be the equivalent of finding, […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: