During a moderated debate held at the Newseum earlier this week, cyber heavy weights came together to discuss whether or not the threat of cyber war has been exaggerated. The debate featured Mike McConnell, former DNI and currently serving at Booz Allen, Bruce Schneier, a security technologist, Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC) and Jonathan Zittrain, a professor at Harvard Law School.
Arguing for the motion, Schneier and Rotenberg focused on the privacy concerns and the alleged unaccountability of the National Security Agency. Instead the “fear-mongering” that has focused on the threat of cyber war is instead a movement to increase government control of the Internet, according to Rotenberg.
“What you are hearing now about the threat of cyber war is part of a long running campaign here in Washington to move control of the Internet, the technical standards and openness that we have enjoyed away from its current model to one that would give the Intelligence Community and the National Security Agency much greater authority to decide what people may or may not do on the Internet,” he said.
Rotenberg discussed several historical examples in which the NSA worked to keep advanced technologies secret, such as encryption, which is now used in secure transactions such as those on Amazon or iTunes. He also pointed to other instances in which, he claims, NSA tried to control Internet security.
“Our argument is that we have to be very careful about allowing a single, secret, unaccountable government agency, which has been fighting for 25 years to take control of Internet security, to become the dominant authority for the Internet,” Rotenberg said. “Which is what will happen if you accept the proposition that the threat of cyber war has not been grossly exaggerated.”
Mike McConnell and Jonathan Zittrain argued against the motion, citing recent examples of cyber attacks and pointing out that any future war would contain a cyber component. More importantly, they said the time to plan for cyber defense is now, when a cyber war has not yet started.
“It’s the great irony of our information age,” McConnell said. “The very technologies that empower us to create and to build also empower those who would disrupt and destroy.”
Specifically, he pointed to the destruction of data and the significant problem that would cause. It would be possible for an adversary to destroy the trust in the banking system, crippling the U.S. economy, according to McConnell. He also pointed to the example of U.S. code breakers in World War II, who were able to shorten the war by cracking the German’s codes. However, the code breaking operation was a secret during the war.
“Secrecy gets a very bad name in our society,” he said. “American citizens don’t like spies in spite of the fact that the first spy master was George Washington. Secrecy is a necessity.”
For McConnell, the key is to make effective and appropriate laws are put in place and provide appropriate oversight committees.
“If the law is written appropriately and there is the appropriate oversight committee, if you violate the law, you will be held accountable,” he said. “In a nation as free and as wonderful as ours is, leading the world in human rights and privacy and civil liberties, it’s getting the debate framed right to mitigate the risk, to protect the nation consistent with our values and our laws.”
Prior to the debate, 24 percent of the audience voted for the motion, with 54 against and 22 undecided. Following the debate, the 23 percent of the audience voted for the motion, with 71 percent against and just 6 percent undecided.