Relaciones Internacionales – Comunicación Internacional

The risk of a cyber 9/11 (The Washington Post)

| 0 Comentarios

By Joseph Marks

For nearly two decades, government analysts have warned of a “cyber 9/11” or a “cyber Pearl Harbor” following the Sept. 11, 2001 terrorist attack, whose 20th anniversary is tomorrow.

Those warnings – focused on the dangers of a catastrophic cyberattack with 9/11-level consequences – started as early as 2003 and peaked early in the Obama administration when cyberspace was beginning to be viewed as a major new domain for conflict. 

But criticism of the analogies emerged almost as soon as the analogies themselves. Comparing cyber and terrorism overstated the consequences of even the most damaging cyberattacks, critics said. And the result was more often to scare people into doing nothing than to compel them to take cyber protections more seriously. 

Most cyber watchers hope the terms are fully retired before the nation marks another 9/11 anniversary. 

Using this kind of rhetoric actually made people less willing to pay attention to cyber threats, Chris Painter, the top State Department cyber official during the Obama administration, told me. 

“The best you can say for the analogy is the intent was to raise awareness and get people to focus on cybersecurity. But it didn’t really end up raising awareness,” Painter said.

The analogies have fallen increasingly out of favor during the past decade. 

But they still frequently crop up

During those years, there has been a wave of escalating and consequential cyberattacks. But none of them has come close to the massive human cost and culture-shaking significance of the Sept. 11 attacks. 

There are no definitive cases in which a cyberattack caused the loss of a single life — though there has been at least one instance in which someone may have died because a ransomware attack against a hospital delayed their care. 

“A lot of the predictions people made 10 and 20 years ago, including me, have been proven wrong,” Jim Lewis, a former top cyber official at the State and Commerce departments, told me. “You can keep saying ‘just wait until next time,’ but eventually you sound like Chicken Little.”

Indeed, the biggest cyber events of the past decade have had little in common with 9/11. 

They were nearly all committed by adversary governments, including Russia, China, Iran and North Korea, rather than nonstate terrorist groups. The only significant exception is the recent wave of ransomware attacks against U.S. businesses, schools and cities, which government officials and analysts say are mostly conducted by cybercriminals in Russia acting with the Kremlin’s tacit approval. 



Deja una respuesta

Campos requeridos marcados con *.

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.