This is an interesting article by Evgeny Morozov that posits a counter argument on cyber-security. The gist is that the cyber-warfare drums are being beaten by those with much to gain by the user investing in cyber-warfare capability.:
The age of cyber-warfare has arrived. That, at any rate, is the message we are now hearing from a broad range of journalists, policy analysts, and government officials. Introducing a comprehensive White House report on cyber-security released at the end of May, President Obama called cyber-security “one of the most serious economic and national security challenges we face as a nation.” His words echo a flurry of gloomy think-tank reports. The Defense Science Board, a federal advisory group, recently warned that “cyber-warfare is here to stay,” and that it will “encompass not only military attacks but also civilian commercial systems.” And “Securing Cyberspace for the 44th President,” prepared by the Center for Strategic and International Studies, suggests that cyber-security is as great a concern as “weapons of mass destruction or global jihad.”
Unfortunately, these reports are usually richer in vivid metaphor—with fears of “digital Pearl Harbors” and “cyber-Katrinas”—than in factual foundation.
While the author makes some good points, there are some disturbing phrases such as this one (emphasis added):
Much of the cyber-security problem, then, seems to be exaggerated: the economy is not about to be brought down, data and networks can be secured, and terrorists do not have the upper hand. But what about genuine cyber-warfare? The cyber-attacks on Estonia in April-May 2007 (triggered by squabbling between Tallinn and Moscow over the relocation of a Soviet-era monument) and the cyber-dimension of the August 2008 war between Russia and Georgia have reignited older debates about how cyber-attacks could be used by and against governments.
I find it interesting that the Russian invasion of Georgia would be described in such terms. It says a lot really.
The article is worth reading and we should be careful not to get carried away by the hype. Skepticism is always warranted. But I feel the complacency suggested by the author is unwise. The time to prepare defenses is when there is not an immediate danger. For when there is one, it may be too late.
The genie is out of the bottle. Cyber-warfare will happen to someone. To not prepare for it is to invite it to happen to us.