Political discussions about national security most commonly focus on threats of violence, such as those posed by nuclear programs in North Korea and Iran, or suicide attacks initiated by terrorist organizations abroad. But not all threats to national security are violent. Michael Chertoff, secretary of the U.S. Department of Homeland Security, recently addressed the cybersecurity challenge faced by modern counterterrorism organizations. In contrast to traditional violent attacks, cyber attacks may be capable of affecting a wider region by shutting down essential government services, stopping business operations, jeapordizing the security of financial institutions, and disrupting electronic communications (Chertoff, 2008). Cyber attacks are unique in that they threaten the social infrastructure of target regions.
Although major cyber attacks are uncommon today, they are increasing in frequency, sophistication, and scope. For example, Russia launched a denial of service attack against Georgia in early 2008 that restricted the access of many Georgians to information about what was occurring in their country. Additionally, websites associated with the Georgian government were defaced and government services were curtailed. Russia is not the only country capable of such attacks; the U.S. intelligence community contends that multiple nations currently possess the technical capability to target and disrupt the social infrastructure of Western nations. Nor is Russia the only nation willing to launch a cyber attack against an enemy; terrorist organizations such as Al Qaeda, Hamas, and Hezbollah have all expressed desire to initiate these types of attacks against Western nations. Although we can only speculate about the future, these types of attacks will likely continue to increase.
What can be done to protect against this unique threat to our social infrastructure? Chertoff (2008) identifies several actions that are currently being taken by the U.S. government, as well as actions that citizens can take to protect themselves. According to Chertoff, the responsibility of the government in preventing cyber attacks is to assess vulnerabilities in the government’s civilian domains, reduce points of access to the Internet that allow for inappropriate intrusion, employ tools that reduce the possibility of an attack, and consistently monitor potential threats. For citizens, Chertoff recommends activating antivirus software on personal computers, changing passwords frequently, and avoiding suspicious emails and websites. Fulfilling these government and citizen responsibilities should reduce unnecessary vulnerabilities.
Chertoff, M. (2008). The cybersecurity challenge. Regulation and Governance, 2, 480-484.
Estonia, Google Help “Cyberlocked” Georgia (Wired)