The shadowy world of cybercrime
was exposed in the recent federal indictment of eight men accused of
manipulating computer networks and ATMs to steal $45 million over seven months.
The heist combined sophisticated hacking with street-level hustle. In New York
City alone, thieves struck 2,904 cash machines over 10 hours on a single day in
For all the wonders of the
digital revolution, there is a turbulent and largely hidden underside of theft
and disruption that grows by the day; the losses are often not counted in
stacks of $20 bills but rather in millions of dollars of intellectual property
stolen or compromised. Computer networks are vital to American capitalism and
society but remain surprisingly vulnerable to hijack and hijinks.
Also worrisome is the threat of
cyberattack on the nation’s infrastructure, such as electric grids or dams. The
Department of Homeland Security has issued a 13-page alert about possible
attacks on industrial control systems. According to a report in The Washington
Post, the warning expressed concern that an assault could go “beyond
intellectual property theft to include the use of cyber to disrupt … control
The department did not identify
the adversary, but there has been concern about Iran’s ability to carry out cyber attacks
like the one that destroyed 30,000 computers at the state-owned Saudi oil company
Why does this matter? One of
the first digital weapons to target industrial control systems was Stuxnet, a
computer worm reportedly invented by the United States and Israel to damage
equipment in Iran used to enrich uranium that could be used in a bomb. If
Stuxnet was successful, as sources have claimed, it caused Iran’s centrifuges
to fail. As a method of slowing the march toward a nuclear weapon, Stuxnet was
ingenious and preferable to a conventional bombing attack.
In cyberspace, however, the
United States is not the only powerful actor. Other states increasingly have
the capability and the willingness to attack.
new arms race — a competition among adversaries — is heating up. The United
States and other nations are building offensive cyber-armies. It is past time
to debate this. So far, most of the U.S. offensive cyberprogram has been
cloaked as an intelligence matter. While secrecy is necessary for operations,
basic questions should be openly debated: Who decides to wage cyber war
when and why?