OK, I admit to being a Star Wars fan. The movies – at least the first three – were great. The last three were a little tedious. But, what can I say, the stories remained interesting, and Natalie Portman is a great actress. At least, that is my excuse.
One of the story lines of the movies is the Empire’s attempt to strike back against the rebel forces and crush them. As in time honored tradition back here on Earth, the strategy never works. Watching the not-so-swift vengeance of governments against the Lulzs of the world after the recent spate of internet attacks – well, here we go again.
I get the idea of the arrests in the UK, United States and elsewhere. The governments wanted to send a message that the string of denial of service attacks and defacing of public and private websites had to come to a stop. Somewhere along the line, the governments fell back on the former NYC police chief’s “Bratton Principle” of law enforcement – stop the broken windows, and you stop the crime.
However, the arrests and public humiliation of the people involved a “breaking of the butterfly on the wheel.” I am not disagreeing that you can’t have people running around busting up websites and such; however, there are more subtle ways of doing this. Frankly, what was done will simply drive the Lulzs of the world deeper and make them more determined to do more damage.
Nation-states are 20th century creatures dealing in a 21st century world. They don’t quite get the freedom of the internet. They also assume all attacks are equal and need to be dealt with the same way. Striking back at a North Korean attack makes sense. Arresting some 19 year old in the UK is unproductive.
We cannot keep thinking of all attacks as equals. Proper risk management would lead you to protect those resources that need protecting. And respond when they are threatened. Is defacing a U.S. government website equal to shutting down an electrical grid? Hardly. Do we need a “new internet?” How about spending the money to secure the current one better and use our judgment for a correctly measured response.
So what is the U.S. trying to do to protect itself in cyberspace? Well, Washington is living up (or down as the case might be) to expectations. Like a good 20th century nation, we have put the military in charge of a multi-agency process that has a wiring diagram that looks like a representation of a bowl of spaghetti. Clearly, there is a lot of defense language in its charter. Offense is left more than a little vague (though it would be interesting to see what is said in classified annexes on that issue).
As for the private sector, the other 85 percent of the American economy, they are left out on their own. When they should be required to harden their sites, they are only getting the vaguest descriptions of public-private partnership. Based on past performance – read, “not much help.”
So where do we stand today? The Empires are striking back with fury, if not a degree of strategy or sense of proportion. And the Lulzs of the world are waiting for this burst of energy to blow over. The rebels will return with a vengeance.