Yet none of the prognosticators of disaster presents any evidence to sustain their claims. They mention the Google breach, but that was an act of espionage that, while serious, did not lead to catastrophe.
There have been and continue to be many “cyberattacks” on government and private networks, from the Korea attacks to the denial-of-service attacks during the Georgia-Russia war. To be sure, these attacks are a serious concern and we should continue to study them.
But so far, these types of events tend to be more of a nuisance than a catastrophe. The biggest result is that websites are down for a few hours or days.
This shows that security should be a serious concern for any network operator. It does not show, however, that these attacks can lead – much less have ever led – to the types of doomsday scenarios that politicians imagine. There is no evidence that these attacks have ever cost any lives or that any type of critical infrastructure has ever been compromised: No blackouts, no dams bursting, no panic in the streets.
The cyberalarmist rhetoric conflates the various threats we might face into one big ball of fear, uncertainty, and doubt. This week for example, the director of the Central Intelligence Agency announced that a cyberattack could be the next Pearl Harbor.
Cyberwar, cyberespionage, cyberterrorism, cybercrime – these are all disparate threats. Some are more real than others, and they each have different causes, motivations, manifestations, and implications. As a result, there will probably be different appropriate responses for each.