David Rothkopf’s recent article in Foreign Policy, ‘The Cool War’, says that the new conflict between nations ‘is a little warmer than cold because it seems likely to involve almost constant offensive measures that, while falling short of actual warfare, regularly seek to damage or weaken rivals or gain an edge through violations of sovereignty and penetration of defenses. And on the other, it takes on the other definition of “cool,” in that it involves the latest cutting-edge technologies in ways that are changing the paradigm of conflict to a much greater degree than any of those employed during the Cold War’.
Frederick Pohl’s 1981 Science Fiction novel, ‘The Cool War’, explored this kind of warfare through a travelling group of schoolchildren who are carrying a virus that affects only those older than them – those old enough to be running the government and the private sector companies in targeted countries.
How scarily prescient was that? Thirty years later, in the real Cool War, attackers use viruses and other cyber weapons to compromise or subvert the CNI (Critical National Infrastructure) of target nations, their leading corporations, their leaders and influencers, and all those who might have valuable Intellectual Property or other useful information. Stuxnet targeted Iranian centrifuges. Chinese PLA Unit 61398 targets US commercial interests with Advanced Persitent Threats from Shanghai. A Bloomberg story alleged that Facebook, Twitter and other websites were all attacked by a shadowy Eastern European group from the Urkaine. All this headline activity creates a maelstrom of problems whose ripples disturb and disrupt computer users everywhere – even allegedly super-secure Macs can catch a cold (see this article about how half a million Macs got a virus).
Apart from the cool gadgetry, and the coolness of waging war from behind a computer screen, this real Cool War has four other important characteristics: you don’t know who the players are, you don’t know whether or not you’re a specific target, you don’t know how you might be attacked, but you do know (if you’re connected to the Internet anywhere in the world) that you’re right slap-bang in the middle of the war zone. And, by ‘you’, I mean any individual or organisation that has a computer connected to the Internet.
If this was a hot, shooting war and you were a civilian in the middle of the battlefield, you would probably be dead by now. Even in the cool war’s physical arena, there is death and collateral damage to civilians who are in the blast radius of a precision-guided Hellfire missile. Cyber attacks have bigger, more diffuse blast patterns than Hellfire missiles. Whether it’s a precision-guided phishing attack or a more widespread viral assault, innocent computer bystanders run the risk of compromise and corruption.
Make no mistake: innocence on the Internet is just as dangerous to your corporate health as is innocence in the financial and banking jungle.