Elizabeth Weise
SAN FRANCISCO – Almost two-third of technology experts expect a "major" cyber attack somewhere in the world that will cause significant loss of life or property losses in the tens of billions of dollars by 2025.
A survey released Wednesday by the Pew Research Center found that many of analysts expect disruption of online systems like banking, energy and health care to become a pillar of warfare and terrorism.
The survey asked over 1,600 technology experts whether a major attack that would cause "widespread harm to a nation's security and capacity to defend itself" would be launched within the next 11 years.
Sixty-one percent said yes.
“The probability of a major cyber attack is not 'if' but 'when.'” Oliver Crepin-Leblond, Global Information Highway, United Kingdom
It's already beginning to happen, several of the researchers noted. One recent example given was an attack on Apple's iCloud data storage system earlier this month, which some security experts believe was linked to the Chinese government.
Another was the the July attack on JPMorgan. Some some in the White House wonder if it was orchestrated by the Putin regime in Russia in retaliation for U.S. support of Ukraine, the New York Times reported.
As critical infrastructure moves online, cyber attacks could take out financial systems, the power grid and health systems, wreaking as much damage as bombs, the experts said.
There's already been "a Pearl Harbor event," said Jason Pontin, editor of the MIT Technology Review. He cited the 2009 Stuxnet computer worm that disabled Iranian nuclear plant centrifuges. Many in the defense world believe the attack was launched by the United States and Israel.
"Cyberware just plain makes sense. Attacking the power grid or other industrial control systems is asymmetrical and deniable and devilishly effective," said Stewart Baker, a partner at Steptoe & Johnson, a Washington D.C. law firm.
Futurist Jamais Cascio thinks cyber attacks will become part of military engagements. "Cyber is a force-multiplier," he said. "We'll likely see a major attack that has a cyber component, but less likely to see a major cyber-attack only.
Part of the problem is that security tends to be an add-on. Building resiliency into systems is crucial, said futurist David Brin.
Others aren't so convinced. Those who answered "no" to Pew's question said security fixes are steadily getting better and the "good guys" are still willing the cyber security arms race.
While credit cards might get hacked and personal information leaked, "it's less and less likely that say all pacemakers in a major city will stop at once, or that cyber attacks will cause travel fatalities," said Paul Jones, a computer technologist and professor at the University of North Carolina.
David Clark, a research scientist at MIT's Computer Science and Artificial Intelligence Laboratory thinks the people who can, won't.
"The nation-states with the capability to deliver such an attack do not have the motivation to do so," he said.
Several of the experts say the logic of the Cold War standoff also applies to cyber warfare—launching an attack is too dangerous because the attacker will be destroyed in turn.
"Mutually-assured destruction works," said Justin Reich, a fellow at Harvard University's Berkman Center for Internet and Society.
While "constant, relatively low-grade probing, piracy and state-sponsored cyber-terrorism" will be the norm, no country will launch an all out assault, he said.
Still, not everyone is convinced Doomsday is upon us. The Internet's infrastructure is not as fragile as many claim, they say. The flames of fear are being fanned by those who have something to gain from widespread worry.
"Cyber attacks," said software engineer Mike Caprio, "are a boondoggle invented by military-industrial contractors to bilk governments out of billions of dollars."
No comments:
Post a Comment