What Americans should fear in cyberspace

January 24, 2014

A recent Pew poll found that Americans are more afraid of a cyber attack than they are of Iranian nuclear weapons, the rise of China or climate change. Such fears are not only out of proportion to risk; if they take hold, they could threaten the positive gains of the digital age.

Certainly there are growing threats in the cyber world, and the stakes are high. But there is also a high level of misinformation and plain old ignorance driving the fear. Despite the Internet now enabling us to run down the answers to almost any question, a number of myths have emerged about online security and what it means for us offline. The result is that some threats are overblown and overreacted to, while other quite legitimate ones are ignored.

Every computer user has had to make cyber-security decisions: whether to trust online vendors with and how often to change an email password, to name two. But these decisions are too often based on scant understanding.

The problem is even more acute in business and government. Some 70 percent of executives have made a cyber-security decision of some sort for their firms. Yet MBA programs still aren't routinely teaching cyber security as part of normal management responsibility, nor do the schools that train diplomats, lawyers, generals, journalists and others who have to make important decisions in this regard every day. Whether in the boardroom or the White House situation room, crucial matters are often handed off to so-called experts, which is a good way to be taken advantage of - and to feel more secure than you actually are.

Instead of focusing on what we need to learn, we've instead fed on hype that fuels fears but doesn't solve problems. For instance, Americans have repeatedly been told by government leaders and media pundits that cyber attacks are like weapons of mass destruction and that we are in a sort of Cold War of cyberspace.

But the zeros and ones of malware are nothing like the physics of , nor are the political dynamics they fuel. Moreover, the globalized network in which the NSA, Chinese hackers, Anonymous, Google, Target and you and I all play is hardly the kind of bipolar world that spawned the Cold War.

There is certainly a battle of ideas online, but it's as likely to focus on which boy Katniss of "The Hunger Games" should choose in the end (Peeta, of course) as it is to focus on competing political visions. Rather than looking to the Dr. Strangelove era of the Cold War for inspiration, we'd be better off studying other historical lessons, focusing on how the government has effectively approached other new problems areas, from how the seas were made safe to the success story of the Centers for Disease Control and Prevention in public health.

Despite its central position in both congressional testimony and Hollywood movies, no person has actually been hurt or killed by an act of . Indeed, squirrels have taken down power grids, but hackers never have. But that is not to say there's no threat. Indeed, our own creation, the Stuxnet worm, which attacked Iran's nuclear infrastructure, demonstrated that can cause damage.

But the fiction of a "cyber Pearl Harbor" gets far more attention than the real, and arguably far greater, impact of the massive campaign of intellectual property theft emanating from China. As with 9/11, the way that we react (or overreact) to an attack, terrorist or otherwise, is what truly determines the impact of it. Understanding the difference between hackers doing something annoying and doing something with the capacity to cause serious harm will better direct our fears and resources.

Cyber security has to be seen as an management problem that will never go away. As long as we use the Internet, there will be . The key is to move away from a mentality of seeking silver bullets and ever-higher walls and instead to focus on the most important feature of true cyber security: resilience. In both the real and online worlds, we can't stop or deter all bad things, but we can plan for and deal with them.

In treating as a matter only for IT experts, computer users often neglect the most basic precautions that go a long way toward protecting both the Internet's users and the network itself. Indeed, one study found that as much as 94 percent of attacks could be stopped with basic "cyber hygiene." Perhaps the best example is that the most popular password in use today is "123456," with "password" No. 2.

The 19th century poet Ralph Waldo Emerson never could have conceived of the Internet. But it is what allowed me recently to look up a quote by him that is perhaps the best guide for our age of cyber insecurity: "Knowledge is the antidote to fear."

Explore further: New cyber-attack model helps hackers time the next Stuxnet

More information: P.W. Singer is director of the Center for 21st Century Security and Intelligence at the Brookings Institution and co-author of "Cybersecurity and Cyberwar: What Everyone Needs to Know." He wrote this for the Los Angeles Times.

Related Stories

New cyber-attack model helps hackers time the next Stuxnet

January 13, 2014

Of the many tricks used by the world's greatest military strategists, one usually works well – taking the enemy by surprise. It is an approach that goes back to the horse that brought down Troy. But surprise can only be ...

Cyber resilience metrics needed to meet increased threats

November 25, 2013

Cyber threats are rapidly emerging as one of the primary security concerns for the nation and global community as targeted cyber attacks can cause severe consequences to critical infrastructure and sectors of the economy. ...

Cyber war might never happen: researcher

October 10, 2011

Cyber war, long considered by many experts within the defence establishment to be a significant threat, if not an ongoing one, may never take place according to Dr. Thomas Rid of King’s College London.

Too much hysteria over cyber attacks: US experts

February 15, 2011

Overblown talk of full-on cyber war between nations fueled by recent attacks like the computer worm Stuxnet could hamper Internet security efforts, officials and experts warned Tuesday.

Recommended for you

Cryptocurrency rivals snap at Bitcoin's heels

January 14, 2018

Bitcoin may be the most famous cryptocurrency but, despite a dizzying rise, it's not the most lucrative one and far from alone in a universe that counts 1,400 rivals, and counting.

Top takeaways from Consumers Electronics Show

January 13, 2018

The 2018 Consumer Electronics Show, which concluded Friday in Las Vegas, drew some 4,000 exhibitors from dozens of countries and more than 170,000 attendees, showcased some of the latest from the technology world.

Finnish firm detects new Intel security flaw

January 12, 2018

A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.