"In my opinion, it's the greatest transfer of wealth in history," said general Keith Alexander, he of the National Security Agency, on cyberattacks launched at our great country. Not quite, and no one has to rely on opinion. The greatest transfer of wealth in history is the economic collapse of 2008, a disaster that shaved 40 percent off the worth of most Americans and which still has the nation in a deep slump.
"That's our future disappearing in front of us," Alexander added on the consequences of cyberattack.
It's a claim that's been made more than once, mostly because it gets your attention.
However, last Monday was the latest example, in a talk on cybersecurity and American power given at the American Enterprise Institute.
The entire session is here.
Cybersecurity is a serious national issue. But the implication that it is the issue or that your future is disappearing in front you due to the lack of it should put a bug up your a--.
The preeminent national security challenge faced by this country is devolution into the equivalent of a banana republic with the largest military in world history and all the implications of that for stability and, ahem, the preservation of economic well-being. The future disappeared for millions, right in front of their eyes, between 2007 and 2008. What's left is still dribbling away.
Moving on, in the introductory part of the talk Alexander reflected on the advances made in computing power, musing about what it would mean for gene sequencing -- "think what we can do for gene research" (leave the predictions on molecular biology to the experts, is all I'll say), invoking the number of apps for Crapple devices -- 500,000, and that in a couple years there will be more mobile computers in circulation than people.
Which tells you that the world's haves are accumulating multiple gadgets at a furious rate, not that conditions are wonderfully transformative.
The statistics are necessary to give an audience reference points to hang onto.
Americans love statistics and if furnished with enough they will often not notice when one is straying into quantifying the unquantifiable. Which is where you are when hearing about the greatest transfer of wealth, ever.
But all of this was just a preamble to the center of Alexander's talk on cybersecurity, the meat of which started with the problem posed by companies that did not know they had been hacked. They outnumber those that do, 100 to 1, he said. This is very bad and requires a switch to information sharing at "network speed."
This, according to the discussion, hinges on applying a "thin layer" of security on top of the "cloud," with the patches, updates and anti-malware signatures pumped out automatically. In addition, information sharing equals the rapid dispensation of data on threats occurring in real time.
Alexander assured the crowd this was all to be done with care for civil liberties. It's not the e-mail they're interested in so much as what's coming with it, and the signatures of attackers.
Information sharing between government and industry has been an issue for almost twenty years. No one who has argued for more of it has ever believed there is enough. It's always been that way, along with the promises that no one will be reading the mail. That's the standard line. Nothing new here.
Paradoxically, the people making the arguments for more information sharing now know that the conditions they want are virtually impossible. It's always unfinished business with many private sector institutions not interested in that level of two way flow on computer attacks. However they cannot bring themselves to say it. Thinking in the United States has always been crippled by a beamish adherence to a "can do" ethic. A realistic admission that some things just can't be done is heresy.
One suspects the battle is also lost to get the "American people" to trust anyone from the government on the issue. This is not any fault of Keith Alexander but a national condition that can't be remedied by good words, or even law.
Many already believe their mail is being read, anyway. It's a perception that's fatalistic and entrenched. Does it matter? The way things have developed, it would seem not. Public debate has made very little difference on what the national security side of the US government wants to do, or does, in the last decade. No heads have rolled because the security men have gone too far.
In Tim Weiner's "Enemies," a history of the FBI, the author asserts the FBI was reading national e-mail for most of the war on terror, anyway, part of this under the name of what has been called Stellar Wind. But then it stopped.
By the record of who the FBI was arresting in this country and the charges brought, particularly through the middle years of the last decade, there appears to be a great deal of truth to such assertions.
However, the new requests for information sharing are for different reasons than digging up terrorists in the country's backyard. Now it's for the timely and rapid application of technical solutions.
Alexander also spoke to the audience about not wanting to wait for something bad to happen and then jumping to "where we don't want to be" in the world of monitoring and collection.
Well, that would seem to have already happened and cyberattack was not the precipitating cause -- it was that Osama bin Laden fellow.
Alexander told his audience he would be where he didn't want to be the day after "there went the electrical grid, there went the financial sector." Testifying before Congress about how it all could have been avoided, as with 9/11.
That's what everyone says and Alexander is sincere. He does sound like he means it. But you're always gonna have those kinds of days, one or two of them, in a lifetime. That's the vagary of history and no one can get around it.
On the other hand, if you conduct a meaningful public poll on how much average Americans really care about "the financial sector" being protected against cyberattacks, you might get an earful on how they'd like to be protected from the financial sector. Bank of America and Wall Street aren't going to be popular again for a good long time. This is called ignoring the big picture, or historical context, and it has always had meaning for issues in national security. You cannot defend something or win the war when the little people, the locals, have little or no interest or incentive in rallying to your side.
Put another way, it's impossible to ultimately secure an infrastructure of businesses the majority believes to be corrupt.
Alexander took questions for about fifteen minutes. To his credit he dismissed one reporter's query on whether or not al Qaeda had a serious cyberattack capability. No, he answered but if someone with the right training were able to take advantage of knowledge and tools available on the Internet ...
I'd have answered, "Look, buddy, al Qaeda's virtually operationally dead. They have a hard time making underwear bombs, finding people to run them and even getting out .pdf files of their company organ. What makes you think they're great cyber-warriors?"
But government men have to be cautious about what they'll admit.
For the sake of a discussion that emphasizes the gravity of dealing with cybersecurity it's just easier to quote someone higher up, like Leon Panetta: "Technologically, the capability to paralyze this country is there now."
It works in a talks even though the people who've been around since the beginning quietly hoot and roll their eyes.
The presentation, again, is here.
The musical video interlude: On transfers of wealth.