Reps of Cyberterror Bad - Gds

GDS Antonucci Cyberterrorism k

CYBERTERRORISM RESPONSES

cyberterrorism responses..........................................................................................1IMPACT DEFENSEimpact defense: general.............................................................................................2impAct defense: military systems..............................................................................6impact defense: nuclear weapons..............................................................................7impact defense: soft targets......................................................................................8impact defense: planes............................................................................................11impact defense: cia infiltration................................................................................12source bias: their cards are hype.............................................................................13KRITIK1nc shell................................................................................................................... 15government reps shape perception.........................................................................18cyberterror reps key to policy outcomes.................................................................19reps first: method.....................................................................................................20us reps modelled......................................................................................................21reps of cyberterror destroy ontological difference [davis mol impact]...................22reps of cyberterror -> bad wot................................................................................23reps of cyberterror -> securitization.......................................................................26haraway scenario: cyberterror fear kills the cyborg...............................................29technophobia bad.....................................................................................................30cyberterror reps -> technocracy: [a/t “cedes the political”/habermas].................31word “cyber-terrorism” sucks: policy failure...........................................................33alternative solves: desecuritization.........................................................................35at fear of terror good!!.............................................................................................36a/t securitization good:............................................................................................38a/t securitization good.............................................................................................40term virus: internal link: symbolically.....................................................................42virus rhetoric -> capitalism.....................................................................................43

1


IMPACT DEFENSE: GENERAL

CYBERTERRORISM IS ALL HYPE – CONSENSUS OF EXPERTS AGREESGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

There are many ways terrorists can kill you-computers aren't one of them. AGAIN AND AGAIN SINCE SEPTEMBER 11, President Bush, Vice President Cheney, and senior administration officials have alerted the public not only to the dangers of chemical, biological, and nuclear weapons but also to the further menace of cyberterrorism. "Terrorists can sit at one computer connected to one network and can create worldwide havoc," warned Homeland Security Director Tom Ridge in a representative observation last April. "[They] don't necessarily need a bomb or explosives to cripple a sector of the economy, or shut down a power grid." Even before September 11, Bush was fervently depicting an America imminently in danger of an attack by cyberterrorists, warning during his presidential campaign that `American forces are overused and underfunded precisely when they are confronted by a host of new threats and challenges-the spread of weapons of mass destruction, the rise of cyberterrorism, the proliferation of missile technology.' In other words, the country is confronted not just by the specter of terrorism, but by a menacing new breed of it that is technologically advanced, little understood, and difficult to defend against. Since September 11, these concerns have only multiplied. A survey of 725 cities conducted by the National League of Cities for the anniversary of the attacks shows that cyberterrorism ranks with biological and chemical weapons atop officials' lists of fears. Concern over cyberterrorism is particularly acute in Washington. As is often the case with a new threat, an entire industry has arisen to grapple with its ramifications-think tanks have launched new projects and issued white papers, experts have testified to its dangers before Congress, private companies have hastily deployed security consultants and software designed to protect public and private targets, and the media have trumpeted the threat with such front-page headlines as this one, in The Washington Post last June: "Cyber-Attacks by Al Qaeda Feared, Terrorists at Threshold of Using Internet as Tool of Bloodshed, Experts Say." The federal government has requested $45 billion for infrastructure security next year; the FBI boasts more than 1,000 "cyber investigators"; President Bush and Vice President Cheney keep the issue before the public; and in response to September 11, Bush created the office of "cybersecurity czar" in the White House, naming to this position Richard Clarke, who has done more than anyone to raise awareness, including warning that "if an attack comes today with information warfare... it would be much, much worse than Pearl Harbor." It's no surprise, then, that cyberterrorism now ranks alongside other weapons of mass destruction in the public consciousness. Americans have had a latent fear of catastrophic computer attack ever since a teenage Matthew Broderick hacked into the Pentagon's nuclear weapons system and nearly launched World War III in the 1983 movie WarGames. Judging by official alarums and newspaper headlines, such scenarios are all the more likely in today's wired world. There's just one problem: There is no such thing as cyberterrorism-no instance of anyone ever having been killed by a terrorist (or anyone else) using a computer. Nor is there compelling evidence that al Qaeda or any other terrorist organization has resorted to computers for any sort of serious destructive activity. What's more, outside of a Tom Clancy novel, computer security specialists believe it is virtually impossible to use the Internet to inflict death on a large scale, and many scoff at the notion that terrorists would bother trying. "I don't lie awake at night worrying about cyberattacks ruining my life," says Dorothy Denning, a computer science professor at Georgetown University and one of the country's foremost cybersecurity experts. "Not only does [cyberterrorism] not rank alongside chemical, biological, or nuclear weapons, but it is not anywhere near as serious as other potential physical threats like car bombs or suicide bombers."

2


3


REAL HACKIGN HAVOC IMPOSSIBLE – SIMULATIONS PROVEGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

But perhaps the best indicator of what is realistic came last July when the US. Naval War College contracted with a research group to simulate a massive attack on the nation's information infrastructure. Government hackers and security analysts gathered in Newport, R.I., for a war game dubbed "Digital Pearl Harbor.' The result? The hackers failed to crash the Internet, though they did cause serious sporadic damage. But, according to a CNet.com, report, officials concluded that terrorists hoping to stage such an attack "would require a syndicate with significant resources, including $200 million, country-- level intelligence and five years of preparation time."

NO CYBERTERROR – EMPIRICALLY Green 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

Despite all the media alarm about terrorists poised on the verge of cyberattack, intelligence suggests that they're doing no more than emailing and surfing for potential targets. When LTS. troops recovered al Qaeda laptops in Afghanistan, officials were surprised to find its members more technologically adept than previously believed. They discovered structural and engineering software, electronic models of a dam, and information on computerized water systems, nuclear power plants, and US. and European stadiums. But nothing suggested they were planning cyberattacks, only that they were using the Internet to communicate and coordinate physical attacks. "There doesn't seem to be any evidence that the people we know as terrorists like to do cyberterrorism," says Libicki. Indeed, in a July report to the Senate Governmental Affairs Committee detailing the threats detected to critical infrastructure, the General Accounting Office noted "to date none of the traditional terrorist groups such as al Qaeda have used the Internet to launch a known assault on the US.'s infrastructure." It is much easier, and almost certainly much deadlier, to strike the old-fashioned way.

Government computers have been targeted by politically minded hackers, but these attacks are hardly life threatening. They're typified by last October's penetration of a Defense Department Web site dedicated to "Operation Enduring Freedom" and, somewhat incongruously, a Web server operated by the National Oceanic and Atmospheric Association. The organization responsible was called the "al Qaeda Alliance Online" and was comprised of groups with names like GForce Pakistan and the Pakistani Hackerz Club-names that connote a certain adolescent worship of hip-hop that's a clue to the participants' relative lack of menace; none turned out to have actual terrorist ties.

In both cases, the attackers replaced the government sites' home pages with photos and anti-American text-but that's all they did. Robbed of this context, as is usually the case with reports of politically motivated cyberattacks, such manifestations are often presumed to be much more serious terrorist threats than is warranted. "When somebody defaces a Web site, it's roughly equivalent to spray painting something rude on the outside of a building," says James Lewis, director of technology policy at the Center for Strategic and International Studies. "It's really just electronic graffiti."

4


IT’S A MYTH – BEST SOURCES AGREEalt 5 ÖZG 16.2005.3Visiting professor, department, art history and visual studies, DukeAssistant Professor, Architecture, Graduate School of architecture, planning and preservation at Columbia universityViral Load. The Fantastic Rhetorical Power of the Computer Virus in the Post-9/11 Political LandscapeOssterreichische Zeitschrift fur GeschictswissenschafteCaseyalt.com/works/alt_vl.pdfMaster of Fine Arts, UCLa

More strongly, in the March 14, 2003, issue of PC World, Joris Evers reported on the results of an international cyberterrorism panel at the CeBIT technology trade show in Hanover, Germany. Consisting of executives from a number of leading international security software vendors, such as Counterpane Internet Security, RSA Se curity, and Trend Micro as well as security representatives from the European Union and North Atlantic Treaty Organization (NATO), the panel unanimously concluded that » the cyberterrorism threat is overstated (…) and blame(d) the U.S. government, certain IT vendors, and the media for creating cyberterrorism angst«.30 According to Rainer Fahs, Senior Information Security Engineer of NATO’s Air Command & Control Systems Management Agency, »we do not see a terrorist attack on the Internet happening (…) Critical systems don ’ t run on the Internet, they are based on secure networks, we have protected our systems and do not rely on the Internet.« Panelist Arthur Coviello, President and Chief Executive Officer of RSA Security, expressed his opinion that »the U.S. government after September 11 wanted a broader front to attack terrorism and cyberterrorism is part of that«.

NO FACTUAL WARRANTCavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

Stories like the semi-fictional dam incident can serve as a metaphor for the contemporary debate about the vulnerability of networked societies to cyberthreats. While governments and the media repeatedly distribute information about cyber-threats, real cyber-attacks resulting in deaths and injuries remain largely the stuff of Hollywood movies or conspiracy theory. Statements such as given by Curt Weldon or Robert Bennett do not take into consideration one of the defining features of cyber-threats: their unsubstantiated nature. In fact, menacing scenarios of major disruptive occurrences in the cyber-domain such as the ones above, triggered by malicious actors, have remained just that – scenarios.

MOUNTING EMPIRICAL DATA DISPROVES BOTH MILITARY AND SOFT TARGET SCENARIOSCavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

The point is that all we have seen in the last couple of years suggests that computer network vulnerabilities are an increasingly serious business problem, but that the threat that they represent to national security has been overstated: despite the persuasiveness of the threat scenarios, cyber-threats have clearly not materialised as a ‘real’ national security threat. Moreover, it appears that on the whole, and measured in terms of the amount of total internet traffic, our modern, technology-based societies function exceptionally well, and the technological environment has been surprisingly stable, even though many disruptions with various strengths, be they accidental or intentional results of human agency, occur every day (Westrin 2001: 67–8).

5


IMPACT DEFENSE: MILITARY SYSTEMS

NO MILITARY CYBERTERROR – DOD IS WAY AHEAD FO THE HACKERSGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

When ordinary people imagine cyberterrorism, they tend to think along Hollywood plot lines, doomsday scenarios in which terrorists hijack nuclear weapons, airliners, or military computers from halfway around the world. Given the colorful history of federal boondoggles-billion-dollar weapons systems that misfire, $600 toilet seats-that's an understandable concern. But, with few exceptions, it's not one that applies to preparedness for a cyberattack. "The government is miles ahead of the private sector when it comes to cybersecurity," says Michael Cheek, director of intelligence for Defense, a Virginia-based computer security company with government and private-sector clients. "Particularly the most sensitive military systems."

HIGH LEVEL DOD SYSTEMS ARE AIRGAPPED AND CAN’T BE HACKEDGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

When it comes to cyberthreats, the Defense Department has been particularly vigilant to protect key systems by isolating them from the Net and even from the Pentagon's internal network. All new software must be submitted to the National Security Agency for security testing. "Terrorists could not gain control of our spacecraft, nuclear weapons, or any other type of high-consequence asset," says Air Force Chief Information Officer John Gilligan. For more than a year, Pentagon CIO John Stenbit has enforced a moratorium on new wireless networks, which are often easy to hack into, as well as common wireless devices such as PDAs, BlackBerrys, and even wireless or infrared copiers and faxes.

USFG’S HACKER-PROOF BECAUSE THEIR SYSTEMS ARE SO FUCKED UPGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

But certain tics in the way government agencies procure technology have also-entirely by accident-helped to keep them largely free of hackers. For years, agencies eschewed off-the-shelf products and insisted instead on developing proprietary systems, unique to their branch of government-a particularly savvy form of bureaucratic self-preservation. When, say, the Department of Agriculture succeeded in convincing Congress that it needed a specially designed system, both the agency and the contractor benefited. The software company was assured the agency's long-term business, which became dependent on its product; in turn, bureaucrats developed an expertise with the software that made them difficult to replace. This, of course, fostered colossal inefficiencies-agencies often couldn't communicate with each other, minor companies developed fiefdoms in certain agencies,and if a purveyor went bankrupt, the agency was left with no one to manage its technology. But it did provide a peculiar sort of protection: Outside a select few, no one understood these specific systems well enough to violate them. So in a sense, the famous inability of agencies like the FBI and INS to share information because of incompatible computer systems has yielded the inadvertent benefit of shielding them from attack.

6


IMPACT DEFENSE: NUCLEAR WEAPONS

NO NUCLEAR CYBERTERRORISM – NUKES AREN’T CONNECTED TO THE TUBESGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

Serious effort and plain good fortune have combined to bring this about. Take nuclear weapons. The biggest fallacy about their vulnerability, promoted in action thrillers like WarGames, is that they're designed for remote operation. "[The movie] is premised on the assumption that there's a modem bank hanging on the side of the computer that controls the missiles," says Martin Libicki, a defense analyst at the RAND Corporation. "I assure you, there isn't." Rather, nuclear weapons and other sensitive military systems enjoy the most basic form of Internet security: they're "air-gapped," meaning that they're not physically connected to the Internet and are therefore inaccessible to outside hackers. (Nuclear weapons also contain "permissive action links," mechanisms to prevent weapons from being armed without inputting codes carried by the president.) A retired military official was somewhat indignant at the mere suggestion: `As a general principle, we've been looking at this thing for 20 years. What cave have you been living in if you haven't considered this [threat]?"

7


IMPACT DEFENSE: SOFT TARGETS

IMPACT STUPID – IMPACT’S EQUAL TO NORMAL DAILY ERRORConway 8School of Law and GovernmentDublin City University“Media, Fear and the Hyperreal: The Construction of Cyberterrorism as the Ultimate Threat to Critical Infrastructures”

The exaggerated nature of the scenarios imagined by Verton, Arquilla, and others is further highlighted when one considers that blackout, failure, and accident are part of the normal operating environment of networked computer and critical infrastructure systems. It is worth keeping in mind that system failures – widespread water contamination, power failures, chronic flight disruptions, and other cyberterror scenarios – are events that occur routinely and without affecting national security. In a 14 relatively sober analysis that appeared in Jane’s Intelligence Review in 1999, it was observed that: There is undoubtedly a lot of exaggeration in this field. If your system goes down, it is a lot more interesting to say it was the work of a foreign government rather than admit it was due to an American teenage ‘script-kiddy’ tinkering with a badly written CGI script. If the power goes out, people light a candle and wait for it to return, but do not feel terrified. If their mobile phones switch off, society does not instantly feel under attack. If someone cracks a web site and changes the content, terror does not stalk the streets. (Ingles-le Noble 1999) Thus far, cyber-error has proved more frequent and more debilitating than cyberterror. With respect to electrical power, most outages occur due to natural phenomena such as severe weather, as attested, for example, by the impact of 2005’s Hurricane Katrina on New Orleans. Nevertheless, the hitherto purely speculative threat to critical infrastructures from politically motivated and cyber-savvy foes continues to animate far more people than the proven, albeit non-purposeful and even quotidian, destructive capacity of operator error, acts of nature, and similar.

NO SOFT TARGET CYBERTERROR –CAN’T ACCESS KEY SYSTEMS, ONLY WEBSITESGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

To illustrate the supposed ease with which our enemies could subvert a dam, The Washington Post's June story on al Qaeda cyberterrorism related an anecdote about a 12-year-old who hacked into the SCADA system at Arizona's Theodore Roosevelt Dam in 1998, and was, the article intimated, within mere keystrokes of unleashing millions of gallons of water upon helpless downstream communities. But a subsequent investigation by the tech-news site CNet.com revealed the tale to be largely apocryphal-the incident occurred in 1994, the hacker was 27, and, most importantly, investigators concluded that he couldn't have gained control of the dam and that no lives or property were ever at risk.

Most hackers break in simply for sport To the extent that these hacks occur, they're mainly Web site defacements, which are a nuisance, but leave the intruder no closer to exploiting the system in any deadly way. Security experts dismiss such hackers as "ankle biters" and roll their eyes at prognostications of doom.

Of course, it's conceivable that a computer-literate terrorist truly intent on wreaking havoc could hack into computers at a dam or power company. But once inside, it would be far more difficult for him to cause significant damage than most people realize. "It's not the difficulty of doing it," says RAND's Libicki. "It's the difficulty of doing it and having any real consequence." "No one explains precisely the how, whys, and wherefores of these apocalyptic scenarios," says George Smith, the editor of Crypt Newsletter, which covers computer security issues. "You always just get the assumption that chemical plants can be made to explode, that the water supply can be polluted-things that are even hard to do physically are suddenly assumed to be elementary because of the prominence of the Internet."

8


NO EXPERTISE – NECESSARY KNOWHOW TOO SPECIALIZEDGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

Few besides a company's own employees possess the specific technical know-how required to run a specialized SCADA system. The most commonly cited example of SCADA exploitation bears this out. Two years ago, an Australian man used an Internet connection to release a million gallons of raw sewage along Queensland's Sunshine Coast after being turned down for a government job. When police arrested him, they discovered that he'd worked for the company that designed the sewage treatment plants control software. This is true of most serious cybersecurity breaches-they tend to come from insiders. It was Robert Hanssens familiarity with the FBI's computer system that allowed him to exploit it despite its security. In both cases, the perpetrators weren't terrorists but rogue employees with specialized knowledge difficult, if not impossible, for outsiders to acquire-a security concern, but not one attributable to cyberterrorism.

9


DAMAGE CONTROL CHECKSGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

Terrorists might, in theory, try to recruit insiders. But even if they succeeded, the degree of damage they could cause would still be limited. Most worst-case scenarios (particularly those put forth by government) presuppose that no human beings are keeping watch to intervene if something goes wrong. But especially in the case of electrical power grids, oil and gas utilities, and communications companies, this is simply untrue. Such systems get hit all the time by hurricanes, floods, or tornadoes, and company employees are well rehearsed in handling the fallout. This is equally true when the trouble stems from human action. Two years ago in California, energy companies like Enron and El Paso Corp. conspired to cause power shortages that led to brownouts and blackouts-the same effects cyberterrorists would wreak. As Smith points out, "There were no newspaper reports of people dying as a result of the blackouts. No one lost their mind." The state suffered only minor (if demoralizing) inconvenience.

10


IMPACT DEFENSE: PLANES

AIT TRAFFIC IS CYBERTERROR PROOF – NETWORK SEPERATION, AIRGAPPINGGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

The September 11 hijackings led to an outcry that airliners are particularly susceptible to cyberterrorism. Farher this year, for instance, Sen. Charles Schumer (D-N.Y.) described "the absolute havoc and devastation that would result if cyberterrorists suddenly shut down our air traffic control system, with thousands of planes in midflight" In fact, cybersecurity experts give some of their highest marks to the FAA, which reasonably separates its administrative and air traffic control systems and strictly air-gaps the latter. And there's a reason the 9/11 hijackers used box-cutters instead of keyboards: It's impossible to hijack a plane remotely, which eliminates the possibility of a high-tech 9/11 scenario in which planes are used as weapons.

11


IMPACT DEFENSE: CIA INFILTRATION

INTELLGIENCE AGENCIES HAVE SUCCESSFULLY PROTECTED THEMSELVES AGAISNT HACKERSGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly.

Another source of concern is terrorist infiltration of our intelligence agencies. But here, too, the risk is slim. The CIA's classified computers are also air-gapped, as is the FBI's entire computer system. "They've been paranoid about this forever," says libicki, adding that paranoia is a sound governing principle when it comes to cybersecurity. Such concerns are manifesting themselves in broader policy terms as well. One notable characteristic of last year's Quadrennial Defense Review was how strongly it focused on protecting information systems.

12


SOURCE BIAS: THEIR CARDS ARE HYPE

CYBERTERROR IMAPCTS ARE HYPE – N00B FEAR AND PROFIT MOTIVEGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

Yet Washington hypes cyberterrorism incessantly. "Cyberterrorism and cyberattacks are sexy right now. it's novel, original, it captures people's imagination," says Georgetown's Denning. Indeed, a peculiar sort of oneupmanship has developed when describing the severity of the threat. The most popular term, "electronic Pearl Harbor," was coined in 1991 by an alarmist tech writer named Winn Schwartau to hype a novel. For a while, in the mid-1990s, "electronic Chernobyl" was in vogue. Earlier this year, Sen. Charles Schumer (D-NIA warned of a looming "digital Armageddon." And the Center for Strategic and International Studies, a Washington think tank, has christened its own term, "digital Waterloo."

Why all this brooding over so relatively minor a threat? Ignorance is one reason. Cyberterrorism merges two spheres-terrorism and technology-that most lawmakers and senior administration officials don't fully understand and therefore tend to fear, making them likelier to accede to any measure, if only out of self-preservation. Just as tellingly, many are eager to exploit this ignorance. Numerous technology companies, still reeling from the collapse of the tech bubble, have recast themselves as innovators crucial to national security and boosted their Washington presence in an effort to attract federal dollars. As Ohio State University law professor Peter Swire explained to Mother,7ones, "Many companies that rode the dot-com boom need to find big new sources of income. One is direct sales to the federal government; another is federal mandates. If we have a big federal push for new security spending, that could prop up the sagging market."

13


CYBERTERROR IMPACTS ARE A PRODUCT OF A VICIOUS HYPE CIRCLEConway 8School of Law and GovernmentDublin City University“Media, Fear and the Hyperreal: The Construction of Cyberterrorism as the Ultimate Threat to Critical Infrastructures”

Once Osama bin Laden and al-Qaida had been fingered as the perpetrators of the 11 September 2001 attacks, a steady stream of newspaper articles began to appear suggesting that the latter were now engaged in planing a major cyberterrorist attack. So although there was no evidence available by which to measure al-Qaida’s IT literacy, more and more people came to believe and fear that it was substantial. This resulted in the creation of a hyper-mediated vicious circle: the media dramatized the intelligence estimates, and the politicians in turn picked up media quotes, which they then relayed back in other media fora, and so on. Within a very short time, unsubstantiated fears had transformed into forecasts (Bendrath 2003: 63).

CYBERTERROR FEARS COME FROM BUREAUCRATIC INFIGHTING FOR MONIES – IT’S ALL LEAKSSTOHL 7Department of Communication, University of California, Santa Barbara Crime Law Soc ChangeDOI 10.1007/s10611-007-9061-9Cyber terrorism: a clear and present danger, the sum of all fears, breaking point or patriot games?

The cycles and concerns mirror the types of competition between administrations and their opposition that took place in the 1950s and 1960s with respect to nuclear weapons and the arms race. Both incumbents and challengers sought to demonstrate potential weaknesses and emerging threats and the need therefore to remain vigilant and invest in preventive measures and improved systems. What we find therefore are systematic leaks tied to the budgetary cycles of various states and systematic leaks tied to the election cycle. Governments also engage in the creation of systematic studies and blue ribbon panels, none of which are likely to report that they can guarantee that no threat exists and that it won’t grow larger in the future for fear of looking weak or contributing to a state of unpreparedness (see Barnett [4]). In the cyber terrorism realm, Richard J. Clarke emerged from bureaucratic obscurity and became a media favorite when he resigned from and authored his critique of the Bush administration’s handling of the terrorism threat. Clarke, who had long been acknowledged within Washington as a capable bureaucratic infighter, had for many years regularly referenced the threat of an electronic Pearl Harbor at budget time and kept the issue “boiling” during much of the rest of the year.7

14


1NC SHELL

___ [IF READING HIROSHOMA]

CYBERTERROR APOCALYPSE IMPACTS REJECT PAST HISTORICAL REFERENTS – IT’S HYPERFUTURITY

Hansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

Securitizations always mobilize the specter of the future to some extent, but most nevertheless articulate the past as a legitimating reference that underscores the gravity of the situation. Looking to the Cold War, the logic of nuclear deterrence relied upon projections of a nuclear exchange that had not taken place, yet there were the devastations of Hiroshima and Nagasaki to be used as a yardstick for what nuclear war would imply. Cyber securitizations on the other hand have no similar history of founding incidents to base themselves on but try to conjure historical analogies such as „electronic Pearl Harbors‟ (Bendrath 2003, 50).8 The combination of cascading disasters and the absence of a prior incident of that magnitude creates a crucial ambiguity within cyber security discourse. The extreme reliance on the future and the enormity of the threats claimed at stake makes the discourse susceptible to charges of „exaggeration‟, yet the scale of the potential catastrophe simultaneously raises the stakes attached to ignoring the warnings.9 Turning the absence of prior incidences in the opposite direction, the difficulty of saying that it could not happen also creates a powerful space for the projection of the (im)possible

15


____ THE LANGUAGE AND REPS OF CYBERTERRORISM ARE USED TO ENFORCE A HIERARCHIICALLY MEDIA-DOMINATED CONTROL SOCIETYDebrix 1Strategies, Vol. 14, No. 1, 2001“Cyberterror and Media-Induced Fears: The Production of Emergency Culture” Associate professor, department of international relations, Florida International University

A National Security Agency adviser recently stated that “we need to know what normal behavior” is in cyberspace.42 Determining normal behavior is relevant if “we” (whatever “we” means here) want to protect ourselves from abnormal activities in cyberspace. In short, normal and abnormal digital bodies must be accounted for. Again, taxonomies provide necessary bases of knowledge on the subject matter. Taxonomies facilitate pro.ling, allow experts to detect suspicious cyber behavior, and help deter the deployment of delinquent cyber activities. If counter-cyberterrorism is to be successful, the practice of cyberterrorism must .rst be organized into such categories of information-gathering (and making). If cyberterrorism is to be countered, and its digital casualties are to be minimized, a proper language addressing this speci.c threat must be invented too. The mission of the taxonomists is also to provide such an expert techno-strategic language. By deploying a speci.c language within the bounds of the taxonomy, the threat may be more easily controlled. At least this is one of the expected results of taxonomic organization. The use of taxonomy and technocratic jargon on the part of the cyberterrorproducing media is reminiscent of the type of strategies and rhetorics that were deployed by nuclear defense specialists during the Cold War. In her seminal essay on the role of linguistic metaphors, puns and acronyms in the .eld of nuclear defense strategy, Carol Cohn showed how speci.c uses of language were mobilized to de-dramatize the actual threat.43 Giving deadly weapons pet names, using a rhetoric replete with sexual innuendo and gender stereotyping, allowed the defense analysts to de-realize the threat and treat it as if it were a purely technical matter. Through the production of such rhetorical signs, the nuclear threat had been domesticized. Additionally, this language was pitched at such a level of technocratic abstraction that it became almost impossible for those who employed it to grasp familiar notions such as war, death, or human destruction. To these “real life” situations, abstracted notions such as collateral damage, surgical strike, and countervalue attack had been substituted. War, death and human destruction no longer made sense within such a system. The taxonomy of cyberterrorism and its speci.c language form their own system. For any individual still rooted in the analog world (as opposed to the digital domain), this language creates a system of abstraction. Simply, it is divorced from the real world. But even if we still insist on treating the taxonomy of cyberterrorism as a system of abstraction, we have no choice but to note the opposite of what Cohn appeared to witness with regard to the nuclear strategists. The language of cyberterrorism mobilized by the media and its so-called experts is quite technical for sure. But this technicality, far from de-realizing the threat, makes it possible. It realizes it in the mind/psyche of the public who is subjected to the simulated scenarios and mediations. The taxonomy of cyberterrorism and its technocratic language allow the public to recognize that there is a threat, and that this threat, as presented to them by the media, will surely cause serious casualties within the population. Yet, the public is not supposed to gain mastery over such a highly technocratic language. The public must receive the message from the media, but they are not allowed to speak the language through which the message is spread. It is once again an expert language, a language of knowledge, security and danger. The technocratic jargon and the taxonomy it helps to construct buffer the media from the public. While the language and the taxonomy are deployed by the media and cyberterrorist experts to proliferate the fear about the threat, the media is by the same token in a position of authority vis-a`-vis the ignorant population. The ideological buffer, then, is not between the population and the cyberterrorist warriors, but instead between the media and the population itself. By constructing an unfathomable threat and spreading an ethereal panic, the cyberterrorist media impose themselves as the most omniscient Subject who derives its power from its ability to manipulate the emotions of the populace. This construction of fear is a terrorist mechanism too. The cyberterrorism-producing media terrorize the public by shoving in their face images and discourses that hammer in the presence of an uncertain danger and the need to take desperate emergency measures. Perversely, the media use against the public the same type of cyberterrorist weapons they claim to be condemning: data swarming, information overload, security conspiracies on the Internet … Faced with such a regime of mediatic terror, there is only one thing the population can and is encouraged to do: be afraid, be very afraid.

___ INSERT DEBORD IMAPCTS FROM BURSHTEYN

16


___ ALTERNATIVE – REJECT THEIR APOCALYPTIC CYBERTERROR REPS. THAT’S SUFFICIENT TO REJECT THE AFF BECAUSE WE CAN ENDORSE THE REST OF THEIR ADOVACY. THIS SPECIFIC INSTANCE DEMANDS OUR FRAMEWORK BECAUSE CYBERTERROR IMPACTS ARE COPRODUCTIVE AND INDISTINGUISHABLE FROM POLICYDebrix 1Strategies, Vol. 14, No. 1, 2001“Cyberterror and Media-Induced Fears: The Production of Emergency Culture” Associate professor, department of international relations, Florida International University

What sort of media practices or beliefs make cyberterrorism possible, as an event, and what socioideological reactions are caused by it are what this essay is concerned with. This means, among other things, that the phenomenon of cyberterrorism will not be found to be uniquely worthy of attention, but rather that it needs to be treated as another symptomatic case (yet another syndrome) of the postmodern condition described above by Lyotard and others. In an age when, to paraphrase Lyotard, the status of knowledge becomes altered by an explosion of technologies, 12 uncertainty is the dominant condition. In a generalized context of uncertainty, common anxiety and more or less planned strategies of emergency give rise to social epiphenomena like cyberterror, its at once real and imagined dangers, and its often paranoid

responses. In a context where information becomes knowledge, there is no sure way of distinguishing cyberterrorism from its representations (on TV, in security

literatures, as hypertext on the web). Substance and appearance are fused into one, and the reality of the highlighted social event can be treated as both profound and super.cial. Such a degree of “reality” is what Baudrillard has called simulation, or the discovery of the social and its events as simulacra.13 Our exploration of the cyberterror simulacrum starts where generally the simulation begins: the media.

A recent TV show on the threat of cyberterrorism to the United States as the new millennium approaches mobilizes the theme of common anxiety in an age of uncertainty. It does so to convince audiences of the reality of its sensationalistic message: the next Armageddon is upon us unless we start to organize all our necessary forces to defeat the new forms of information-based terrorism. This program, “Danger on the Internet Highway: Cyberterror” on the Fox News Network (narrated by John Scott, Fall 1999),14 starts by stating some basic platitudes about the imminent possibility of cyberwar: the “cyber frontier is the next venue for war;” cyberwarfare is “taking the Internet to its most lethal level”; the American supremacy in the domain of information technology is also America’s Achilles’ heel. These are clearly some gratuitous warnings that do not aim at explaining anything about cyberwarfare or

cyberterrorism. Their point is to manufacture fear and do so in the ashiest of fashions. In this short program (it does not last more than 15 minutes, including one commercial break), the attention of the American public must be grabbed at all cost. And what can grab the American public better than the revelation of an impending doom coming from one of today’s most familiar and user-friendly household objects: the computer. “Danger on the Internet Highway” thus needs to make the point (convey the fear, that is) sharply and ef.ciently: we must now look at our PC as “a bomb waiting to explode.” Lest you had a doubt about the veracity of this doomsday prophecy, John Scott, the main narrator, comes back to assure you, the viewer, that what you are about to witness “is not science .ction!” To further demonstrate the reality and urgency of the situation, the program’s producers turn to John Arquilla, a US Navy Postgraduate Fellow and one of the most prominent scholars on cyber attacks and counter-cyberterrorism, whom they use as their main reference and authority on the topic.

17


GOVERNMENT REPS SHAPE PERCEPTION

GOVERNMENT REPS OF SPECULATIVE CYBERTERROR IMAPCTS CREATE PUBLIC PANIC AND PARANOIACavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

The majority of official publications are not only very vague about the actual level of threat but also more generally have to leave cyberthreats shrouded in a cloud of speculation (Dunn 2007a, 2007b). This is not helped by poor definitions and careless use of terminology by many government officials, which has created a tendency to ‘hype’ the issue with rhetorical dramatisation and alarmist warnings. In an unhealthy symbiosis with the mass media – which repeatedly features sensationalist headlines on the topic – this has led to many writings that are full of words like ‘could’, ‘would’, and ‘maybe’ when describing the threat (Bendrath 2001: 83).

18


CYBERTERROR REPS KEY TO POLICY OUTCOMES

YOUR REPS MATTER - CYBERTERROR IMPACT SCENARIO SPECULATION CRUCIAL TO DETERMINING POLICY Cavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

But despite the fact that cyber-threats have not (yet) actually materialised, the ongoing debate creates considerable pressure for decision-makers. Many governments have decided to consider the threat to national security to be serious and consequently, to draft oreven implement a number of steps to counter it (Wenger et al. 2002; Dunn and Wigert 2004; Abele-Wigert and Dunn 2006). The debate on cyber-threats is therefore not only about predicting the future, but also about how to prepare for possible contingencies in the present. As there have been no major destructive attacks on the cyber-level, decisions have to be made based on scenarios and assumptions. The various actors involved – ranging from various government agencies to the technology community – with their at times highly divergent interests compete with each other ‘by means of constructed versions of the future’ (Bendrath 2003: 51). That the concept of national security is shaped by perceptions combining both real and imagined threats is of course nothing new – but, this realisation has become more pronounced with the advent of (new) threats that exhibit the characteristics of risks (Daase et al. 2002; Rasmussen 2001). According to the tenets of risk sociology, risks are indirect, unintended, uncertain, and are by definition situated in the future, since they only materialise as real when they ‘happen’ (van Loon 2002: 2). In the case of cyber-threats, we can observe how such a risk is firmly established, proliferated globally, and maintains a persistent presence on the national security agenda. Furthermore, not only is the issue on the security agenda, but governments actually incur considerable expenditures for countermeasures based on a great deal of uncertainty.

19


REPS FIRST: METHOD

CYBER TERROR THREATS SPECIFICALLY DEMAND DISCURSIVE ANALYSIS INSTEAD OF POSITIVIST SECURITY STUDIES BECAUSE IT’S MADE UPCavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

In order to analyse the mechanisms behind (information-age) threat politics, I develop my own

analytical framework in the pages that follow. The elusive and unsubstantiated nature of cyber- threats (and other modern threats for that matter) means that only an approach rooted in the constructivist mindset with a subjective ontology is suitable for the analysis of this issue. While traditional security policy research views threat images as given and measurable and assumes that security policies are responses to an objective increase of threats and risks (Walt 1991), post-positivist approaches focus on how, when, and with what consequences political actors ‘frame’ something – anything – as a security issue, with a strong emphasis on ‘speech acts’, i.e. political language, and the implications this has for political agenda-setting and political relations (Wæver 1995; Buzan et al. 1998; Williams 2003; Reus-Smit 1996). The basis for the framework used in this book is the ‘Copenhagen School’s’ securitisation approach that focuses on the process of bringing an issue from a politicised or even non-politicised stage into the security domain and takes into consideration various factors surrounding the formation of security policy agendas (Wæver 1995; Buzan et al. 1998). The process of securitisation is seen as a socially constructed, contextual speech act (Austin 1962; Searle 1969), meaning that if claims for a special right to use whatever means are necessary to remedy a particular issue are accepted in the political arena, an issue is successfully securitised. This in turn signifies that issues are turned into security matters not necessarily because a real existential threat exists, but because an issue is successfully presented and established by key actors in the political arena as constituting such a threat (Buzan et al. 1998).

20


US REPS MODELLED

US SIGNALS ON CYBERTERROR AND RISK MODELLED GLBOALLYCavelty 8Myriam Dunn Cavelty is Lecturer and Head of the new risks research unit atthe Center for Security Studies (CSS), ETH ZurichCyber-Security and Threat Politics: US efforts to secure the information age

This framework is then used to analyse the construction of cyber-threat frames in the United States in Chapters 3 to 5. The reason for the focus on the United States is mainly twofold: for one thing, the United States has been the dominant actor in identifying ‘new’ threats in general. Furthermore, the United States is the dominant actor in IT issues and ‘has been a “sender” of ideas to other states about how to comprehend IT problems and their solutions’ (Holmgren and Softa 2003: 15). The United States is also the country with the most activity in this domain, which allows me to study the threat politics process and countermeasures in a very detailed manner.

21


REPS OF CYBERTERROR DESTROY ONTOLOGICAL DIFFERENCE [DAVIS MOL

IMPACT]

FEARS OF CYBERTERRORISM JUSTIFY FASCISM – IT’S A RUSE USED TO ENGINEER INDIVIDUAL CONSENT AND OBLITERATE ONTOLOGICAL DIFFERENCEalt 5 ÖZG 16.2005.3Visiting professor, department, art history and visual studies, DukeAssistant Professor, Architecture, Graduate School of architecture, planning and preservation at Columbia universityViral Load. The Fantastic Rhetorical Power of the Computer Virus in the Post-9/11 Political LandscapeOssterreichische Zeitschrift fur GeschictswissenschafteCaseyalt.com/works/alt_vl.pdfMaster of Fine Arts, UCLa

In many ways, the war on cyberterrorism has become the most seductive component of the President’s larger War on Terror in that it actively enlists all patriotic Americans to serve in the effort. »The National Strategy to Secure Cyberspace« splits its »problem« of »threat and vulnerability« into five different levels: (1) the Home User/Small Business, (2) Large Enterprises, (3) Critical Sectors/Infrastructures, (4) National Issues and Vulnerabilities, and (5) Global.36 Within such a hierarchy, the »increasing awareness about cybersecurity« among home and small business users is of vital importance, considering that »home users and small business owners of cyber systems often start with the greatest knowledge gap about cybersecurity«.37 In fact, the issue of home user cybersecurity is of such importance to the defense of the Nation that its responsibility must not be limited only to adults. With this in mind, the Department of Homeland Security has pledged to »partner with the Department of Education and state and local governments to elevate the exposure of cybersecurity issues in primary and secondary schools«.38 As Sarah D. Scalet warned in the title of her October 11, 2001, edition of her biweekly column on computer security, »cyberterrorism is Everyone’s War«.39 Thus, cybersecurity has become the War on Terror’s equivalent to the Cold War proscription that every American family constructs a nuclear fallout shelter in its backyard. Thanks to cybersecurity, the War on Terror has become a war that we can all actively engage in from the comfort of our own homes. From an expanded perspective, the Bush administration’s seemingly unjustifiable »war« on computer viruses and cyberterrorism is completely consistent with its larger crusade against all things ontologically challenging, including cloning, stem cell research, abortion, and same-sex marriage. Even more so than President Nixon’s War on Cancer of over thirty years ago, these more recent battles prey on Americans’ numerous fears of the unfamiliar, the uncontrollable, and the uncertain. They are all intangible »moral« struggles, which inspire jingoistic rhetoric without any possibility for accountability, particularly in the case of computer viruses since there currently is no reliable procedure by which to measure relative success or failure. Not that ability to ascertain progress matters. As long as new computer viruses occasionally get released on the Internet (as they inevitably will) and regardless of whether they originate from a terrorist source (as they most likely will not), the Administration will point to them as evidence of the continued need for the larger War on Terror. Whenever there is a lull in online attacks, the Administration can tout the effectiveness of their current security solutions. Either way, the political result is the same. No other outcome is possible, as they have sealed the issue within a completely closed, infinitely replicating, binary loop – one that is completely identical to the kind of inescapable logical trap a virus would use to bring down a computer system.

22


REPS OF CYBERTERROR -> BAD WOT

GOVERNMENT MANIPULATES CYBERTERROR FEARS TO PASS ITS AGENDAGreen 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

Yet Washington hypes cyberterrorism incessantly. "Cyberterrorism and cyberattacks are sexy right now. it's novel, original, it captures people's imagination," says Georgetown's Denning. Indeed, a peculiar sort of oneupmanship has developed when describing the severity of the threat. The most popular term, "electronic Pearl Harbor," was coined in 1991 by an alarmist tech writer named Winn Schwartau to hype a novel. For a while, in the mid-1990s, "electronic Chernobyl" was in vogue. Earlier this year, Sen. Charles Schumer (D-NIA warned of a looming "digital Armageddon." And the Center for Strategic and International Studies, a Washington think tank, has christened its own term, "digital Waterloo."

Why all this brooding over so relatively minor a threat? Ignorance is one reason. Cyberterrorism merges two spheres-terrorism and technology-that most lawmakers and senior administration officials don't fully understand and therefore tend to fear, making them likelier to accede to any measure, if only out of self-preservation. Just as tellingly, many are eager to exploit this ignorance. Numerous technology companies, still reeling from the collapse of the tech bubble, have recast themselves as innovators crucial to national security and boosted their Washington presence in an effort to attract federal dollars. As Ohio State University law professor Peter Swire explained to Mother,7ones, "Many companies that rode the dot-com boom need to find big new sources of income. One is direct sales to the federal government; another is federal mandates. If we have a big federal push for new security spending, that could prop up the sagging market."

But lately, a third motive has emerged: Stoking fears of cyberterrorism helps maintain the level of public anxiety about terrorism generally, which in turn makes it easier for the administration to pass its agenda.

23


CYBERTERRORISM FEARS KEY TO MAINTAINING THE WAR ON TERRORConway 8School of Law and GovernmentDublin City University“Media, Fear and the Hyperreal: The Construction of Cyberterrorism as the Ultimate Threat to Critical Infrastructures”

A central element of the post-11 September 2001 efforts to beef up US ‘homeland security’ has been an almost paranoid emphasis on the potentially catastrophic threats posed by

cyberterrorism . A vast array of political, military, business, academic, and media commentators have appeared on television and been quoted in newspapers predicting deadly attacks by terrorists on (and with the help of) the computerized infrastructures that now constitute the critical underpinnings of everyday urban life in the US. This depiction of computerized systems as a super-critical infrastructure and thus the Achilles heel of advanced industrial societies, has been further fuelled by the use of everyday urban infrastructures as both weapons and targets of mass murder in the physical attacks of 2001 (Graham 2004).

IMAGES OF DEMONIC CYBERTERROR JUSTIFY GOVERNMENT CONTROL AND DISCIPLINEO’NEIL 6COl/til/l/l/lIl: JOl/mnl of Medin & CI/ltl/ml 5f1idicsVol. 20. No. 2.~JI/11C 2006. pp. 225-241Mathieu O'Neil is a Senior Research Associate at the Virtual Observatory for the Study of Online Networks (http://voson.anu.edu.au), part of the Centre for Social Research. Research School of Social Sciences, Australian National University. Correspondence to: Mathieu O'Neil, Centre for Social Research. Research School of Social Sciences (Coombs Building. 9), Australian National University, Canberra. ACT 0200, Australia. E-mail: mathieu,[email protected],au

A decade earlier, Denning had already pointed out that the world is crisscrossed by many different information and computer networks that are used to deliver essential services and basic necessities-electric power, water, fuel, food, goods. These networks are all accessible publicly and hence vulnerable to attacks, and yet virtually no attacks or disruptions actually occur (Denning, 1990). If that is the case, what are we to make of these repeated warnings that some terrible disaster may be about to happen, with little in the way of corroboration? The inescapable conclusion is that the threat of cyberterrorist or hacker attacks is grossly exaggerated. The mass media's portrayal of hackers as monsters with incomprehensible motives has been extensively documented by Halbert (1997) and Nissenbaum (2004). Hackers are constructed as deviants, likened to rapists who penetrate defenceless systems, and this process is validated through public trials (such as the prosecution of super-hacker Kevin Mitnick). The demonization of hackers serves several purposes. It represents a means of enforcing social discipline, of defining what is normal behaviour and of legitimizing the government's action (Halbert, 1997, p. 369). This ritual reassertion of the state's essential goodness, as opposed to the evilness of its enemies, is specially useful to justify increases in the resources of security agencies. Bruce Sterling has made an important contribution towards understanding the concerns of private-sector security experts, who, when they perform their job well-and nothing untoward happens to their company-run the risk of appearing completely superfluous; hence the importance of giving the maximum publicity to real or perceived threats. The same 234 M. O'Neil reasoning can be applied to associated law enforcement agencies (Sterling, 1992, p. 19). The terrorist attacks of 11 September have amplified this process to a degree that rivals the imagination of William Gibson. The Cyber Security Enhancement Act, part of the Homeland Security Bill of 2002, called for the creation by the government and the private sector of a huge database to identify terrorist threats, and prescribed life sentences for hackers who 'recklessly' endanger lives. The Act strengthens the restrictions on privacy contained in previous legislation such as the Patriot Act, by requiring Internet Service Providers to hand over user records to law enforcement agencies (Hales, 2002). Critics point to this as a further erosion by the US government of citizens' privacy rights, an earlier example being the FBI's reluctance to allow use of encryption technology which renders communications perfectly secure.

24


25


REPS OF CYBERTERROR -> SECURITIZATION

CYBERTERROR THREAT RHETORIC KEY TO CASCADING ESCALATION OF SECURITY DISCOURSEHansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

Much however has changed since the Copenhagen School made this assessment: cyber security is successfully securitized as evidenced by such institutional developments as the establishment of the Commission on Critical Infrastructure Protection by President Clinton in 1996, the prominent location of cyber security within the Department of Homeland Security, President Bush‟s formulation of The National Strategy to Secure Cyberspace in 2003, and the creation of a NATO backed cyber defense centre in Estonia in 2008. Nor is it plausible to maintain the view of cyber security

as insulated from other sectors of security. Indeed, in Rachel Yould‟s words (2003, 78) „it appears that IT may be the common underlying factor upon which all security sectors are destined to converge .‟ The link to military security is fairly straightforward with digital technologies forming the backbone of the Revolution in Military Affairs (Cavelty 2008; Gray 1997), the securitization of Internet access in countries such as China, Singapore and Myanmar is legitimized through references to national-cultural as well as regime security (Deibert 2002), and the intricate connections between the commercial interests in seamless digital transactions, concerns for privacy protection, and governmental calls for surveillance and data-mining throw up crucial battles between multiple actors speaking on behalf of political, private, societal and corporate security (Saco 1999).

26


CYBERTERROR RISKS UNIQUELY CONTRIBUTE TO SECURITIZATION BECAUSE ITS INTERDISCIPLINARYHansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

The most significant lesson of bringing the Copenhagen School to cyber security may be to foreground

the political and normative implications of „speaking security‟. Cyber securitizations are particularly powerful precisely because they involve a double move out of the political realm : from the politicized to the securitized, and from the political to the technified, and it takes an inter-disciplinary effort to asses the implications of the move, and possibly to counter it. Thus while this paper has spoken primarily to an IR audience, our wider ambition is to create a space for inter-disciplinary discussions across the fields of Computer Science, Political Science, Information Law, Philosophy, Communication, Anthropology, Visual Culture and Science Studies. As the analysis has sought to bring out, cyber security stands at the intersection of multiple disciplines and it is important that both analysis and academic communication is brought to bear upon it. The technical underpinnings of cyber security require for instance that IR scholars acquire some familiarity with the main technical methods and dilemmas and vice versa that computer scientists become more cognizant of the politicized field in which they design and how their decisions might impact the (discursively constituted) trade-offs between security, access, trust, and privacy.

27


CYBERTERROR THREATS PUSH OTHERIZING SECURITY DISCOURSECavelty 7Journal of Information Technology & Politics, Vol. 4(1) 2007 Available online at http://jitp.haworthpress.com 2007 by The Haworth Press. All rights reserved. doi:10.1300/J516v04n01_03 Myriam Dunn Cavelty, PhD, is Head of the New Risks Research Unit, Center for Security Studies (CSS), ETH Zurich, Switzerland; Coordinator of the Crisis and Risk Network (CRN), a Swiss-Swedish Internet and workshop initiative for international dialog on national-level security risks and vulnerabilities; and Lecturer at the University of Zurich and the Swiss Federal Institute of Technology. Dr. Dunn Cavelty holds a degree in political science, modern history, and international law from the University of Zurich. Cyber-Terror– Looming Threat or Phantom Menace?The Framing of the US Cyber-Threat Debate

The information infrastructure, including its physical and cybercomponents, is oftennamedas a concrete target of cyber-terror and, more generally, of cyberthreats. In the agent dimension, a danger has been constructed that emanates from an enemy who is located outside of the US, both in geographical and in moral terms. This picture of a dangerous other reinforces the idea of the nation as a collective self. The use of phrases like our computers or our infrastructures amplifies this effect. The reference object of security is the entire US society. The logical and political implication of this is that defense against cyber-attacks comes under the purview of national security policy.

28


HARAWAY SCENARIO: CYBERTERROR FEAR KILLS THE CYBORG

CYBERTERROR APOCALYPSE DESTROYS THE POLITICAL POSSIBILITIES OF THE BODIES PLAYING WITH NEW TECHNOLOGY AND IDENTITY – FEAR CULTURE SHUTS DOWN NEW UTOPIASDebrix 1Strategies, Vol. 14, No. 1, 2001“Cyberterror and Media-Induced Fears: The Production of Emergency Culture” Associate professor, department of international relations, Florida International University

Ironically, the apocalyptic scenario presented by this simulation of cyberterrorism may protect us from cyberwarfare. I suggest that these types of visual displays prevent the world’s .rst cyberwar from ever taking place, but not at all by getting the public and the government prepared to face such anticipated threats. Indeed, the simulation of cyberterrorism makes sure that the “next Pearl Harbor”16 will not take place by propagating a fear, virtual as it may be, that cannot be matched by reality, should such a threat ever materialize. Being conditioned to such a degree of generalized panic, any real cyberterrorist attack that does not follow the simulated scenario and produce the anticipated amount of casualties will fall short of being worthy of people’s attention and worry.17 To use one of Jean Baudrillard’s favorite lines, the next Pearl Harbor will not take place because it has already happened several times over. The most traumatic scenarios have already been visualized (and the program on Fox News does a good job at making the threat a visual/virtual reality), and any potential hacker’s attack is then likely to miss the mark. This is not to suggest that the public is desensitized by such apocalyptic shows. On the contrary, over-sensitization is what is going on here. Over-sensitization turns panic into a “normal” condition of “being” in an age of complete uncertainty, and requires that increasingly heightened and novel sources of fear be found, be they virtual or actual. This is exactly what happened in Ballard’s short story. Having anticipated so much the advent of World War III (a nuclear holocaust) during the Cold War, even before it could actually take place in reality, the public became totally immune to its occurrence and failed to notice it. World War III no longer made any difference in people’s lives, as a new cathectic source of common anxiety, the President’s health, had been made available. As an outcome of the media’s work, today’s fears will become tomorrow’s non-events, even when those fears are the product of current simulations about realities that have yet to come. Apocalyptic simulations and media-produced images of fear make cyberterrorism a virtual reality of the present and an unreal threat of the future. This is the people’s buffer though. Ironically, this TV-induced fear of cyberterrorism is perhaps the best deterrent against the traumatic reality of such an event. For people, cyberterrorism matters now because it is today’s common anxiety. Short of exactly replicating the simulated script and, preferably, surpassing it, cyberterrorism will not be a valid real threat tomorrow as the sense of generalized panic will have moved on. Thus, perversely perhaps, panic shows and apocalyptic scenarios of this kind are our best insurance policy against the cyber dangers of the future. But what gets lost, in the meantime, is precisely this: the meantime. The present moment and those who care to live (in) it are swallowed up by discourses of fear, destructive prophecies, and endless states of emergency. As reality gives way to virtuality in order to better prepare for an uneventful future, life in the present tense is erased. Bodies and technologies in the present can no longer freely interplay. Instead, when bodies turn to the media today, it is always with the ever-present (hence, always potentially future) notion that danger is around the corner, that their PC may explode at any moment. The cyberlife of individuals online is immanently at risk. Fear society breeds paranoid mentalities and defensive postures on the part of its members. Nowhere is this phenomenon more visible than in the latest cyberterrorism counter-strategy literatures.

Cultural critic Peter Lamborn Wilson once made a distinction between “real war” and “hyperreal war” (which for him denotes information warfare as well). “Real war is compulsory and hierarchic,” he wrote. By contrast, “hyperreal war is imagistic and psychologically interiorized.”18 Lamborn Wilson continues: “In [real war] the body is sacri.ced; in [hyperreal war], the body has disappeared.”19 What Lamborn Wilson expresses here is a sentiment akin to my concern for the erasure of present time (and the human body in present time) in hyperreal depictions of the next cyberterrorist apocalypse. Unlike luddites, naturalists, New Agists, some orthodox Marxists, or others who have sought to reject technologization for what it does to the human body, Lamborn Wilson (and I to a lesser extent) suggest that the problem is not with information technologies. The problem lies rather in the way those technologies, and the uncertainty their novelty often provokes, are used by the media to provide images of uncontrollable power and unfathomable destruction. To be blunt, the problem is not with the technologies but with the media that manufacture a simulated universe replete with information traumas and dramas. To quote Lamborn Wilson again, “the excessive mediation of the social, which is carried out through the machinery of the media, increases the intensity of our alienation from the body by .xating the ow of attention on information rather than direct experience.”20

29


TECHNOPHOBIA BAD

CYBERTERROR FEAR CAUSES BROADER TECHNOPHOBIAConway 8School of Law and GovernmentDublin City University“Media, Fear and the Hyperreal: The Construction of Cyberterrorism as the Ultimate Threat to Critical Infrastructures”

Frequently, it is our basic perceptions that determine how we conceive of an issue, which is filtered through our prism of preconceived notions. A large amount of social psychological research has found that the uncertain and the unknown generally produce fear and anxiety. This is the psychological basis of the classic ghost story: the fear is greatest when you suspect something, but you’re not certain what it is (Eriksson and Noreen 2002: 8). The term ‘cyberterrorism’ unites two significant modern fears: fear of technology and fear of terrorism. Both of these fears are evidenced in this quote from Walter Laqueur, one of the most well known scholars of terrorism: ‘The electronic age has now made cyberterrorism possible. A onetime mainstay of science fiction, the doomsday machine, looms as a real danger. The conjunction of technology and terrorism make for an uncertain and frightening future’ (Laqueur 1999: 254). As significant uncertainties or unknowns, therefore, both technology and terrorism are perceived as more ominous than known threats (Embar-Seddon 2002: 1034). Fear of terrorism, conceived of as random, incomprehensible, and uncontrollable violence, may strike one as relatively ‘normal’; fear of technology perhaps less so. However, as Mark Pollitt points out, for those unfamiliar with high technology, it is arcane, complex, abstract, and indirect in its impact on individuals. Many people are therefore fearful that technology will become the master and humankind the servant. Couple this relatively new fear with the age-old fears associated with apparently random violence and the result is a truly heightened state of alarm. Pollitt contends that the media have further upped the ante by hyping the concept of convergence (1991: 8): the idea that all of the functions controlled by individual computers will 8 connect to form a singular system such that, eventually, our entire existence will be managed by an all-powerful, but uncontrollable, network (see also Sandwell 2006: 47). The convergence represented by the reliance on uninterrupted systems of electrically powered computer networks to support all other infrastructures makes attacks on the electrical power grid, one of the key critical infrastructures of society, appear particularly fearsome. The result is that many people now feel themselves to be ‘hostages to electricity’ (as quoted in Graham 2004: 8). These feelings are reinforced by the prevalence of so-called ‘shut-down-the-power-grid scenarios’ in the mass media.

30


CYBERTERROR REPS -> TECHNOCRACY: [A/T “CEDES THE POLITICAL”/HABERMAS]

FEAR OF CYBERTERRORISM JUSTIFIES HANDING CONTROL OVER TO THE TECHNICAL ELITEHansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

The strong emphasis on the hypothetical in cyber securitizations create a particular space for technical, expert discourse. As Nissenbaum (2005, 72) points out, the knowledge required to master the field of computer security is daunting and often not available to the broader public, including Security Studies scholars. The breathtaking pace at which new technologies and hence methods of attacks are introduced (Denning 1999, xvi) further adds to the legitimacy granted to experts and the epistemic authority which computer and information scientists hold allow them the privileged role as those who have the authority to speak about the unknown. In the case of cyber security, experts have been capable of defying Huysmans‟ (2006, 9) description of the invisible role of security experts as they have transcended their specific scientific locations to speak to the broader public in a move that is both facilitated by and works to support cyber securitizations claimed by politicians and the media. As in most academic fields, computer scientists have disagreed on the likelihood of different forms of attacks, and since the field is also cloaked in military or business secrecy, the „normal‟ follower of these debates learns that „that much is withheld or simply not known, and estimates of damage strategically either wildly exaggerated or understated‟ (Nissenbaum 2005, 72). These fluctuations also facilitate a coupling of radical threats with techno-utopian solutions.12 The National Strategy for instance couples a series of securitizations with an exuberant faith in the development of „highly secure, trust-worthy, and resilient computer systems. In the future, working with a computer, the Internet, or any other cyber system may become as dependable as turning on the lights or the water‟ (The National Strategy 2003, 35). Leaving aside that for the majority of the world‟s poor, and even for the impoverished American, turning on the light or water may not be entirely dependable this echoes a technological utopianism that sidesteps the systemic, inherent ontological insecurity that computer scientists consistently emphasize. It also invokes an inherent tension between disaster and utopia as the future of cyber security.

31


DEMON HACKER IMAGES DISTRACT US FROM TECHNOCRACY BY MAKING TECHNOLOGY SEEM ACCESSIBLE TO THE MASSESO’NEIL 6COl/til/l/l/lIl: JOl/mnl of Medin & CI/ltl/ml 5f1idicsVol. 20. No. 2.~JI/11C 2006. pp. 225-241Mathieu O'Neil is a Senior Research Associate at the Virtual Observatory for the Study of Online Networks (http://voson.anu.edu.au), part of the Centre for Social Research. Research School of Social Sciences, Australian National University. Correspondence to: Mathieu O'Neil, Centre for Social Research. Research School of Social Sciences (Coombs Building. 9), Australian National University, Canberra. ACT 0200, Australia. E-mail: mathieu,[email protected],au

After all, when confronted with electronic failure, a problem so beyond our power to resolve that it appears almost fantastic, we become as helpless as a child with a broken toy. The increased autonomy promised to us by an alternative general intellect, which would not obey the rules of a repressive market economy, must necessarily be qualified by this limit, which extends from a simple practical frustration (the impossibility of repairing an appliance) to the myriad complexities of the contemporary technological system, which can only be run by hyper-specialized technicians and technocrats. Indeed, despite the immense quantity of technical knowledge available in our society, to a far greater degree than our ancestors, we lack technical know-how. The 'rebellion' of rogue computer programmers, in addition to its structural role as both foil and aide to capital and the state, also performs the social function of distracting us from technological alienation and technocratic control. Hackers, who dispose at will of their own miniature software-building factories, may offer a symbolic compensation to our feeling of inferiority towards technology: the notion that some of us are able to modify and disrupt our corporate-produced technological environment, rather than be passively submerged in it.

32


WORD “CYBER-TERRORISM” SUCKS: POLICY FAILURE

THE WORD CYBERTERRORISM IS VAGUE AND MEANINGLESSCavelty 7Journal of Information Technology & Politics, Vol. 4(1) 2007 Available online at http://jitp.haworthpress.com 2007 by The Haworth Press. All rights reserved. doi:10.1300/J516v04n01_03 Myriam Dunn Cavelty, PhD, is Head of the New Risks Research Unit, Center for Security Studies (CSS), ETH Zurich, Switzerland; Coordinator of the Crisis and Risk Network (CRN), a Swiss-Swedish Internet and workshop initiative for international dialog on national-level security risks and vulnerabilities; and Lecturer at the University of Zurich and the Swiss Federal Institute of Technology. Dr. Dunn Cavelty holds a degree in political science, modern history, and international law from the University of Zurich. Cyber-Terror– Looming Threat or Phantom Menace?The Framing of the US Cyber-Threat Debate

As the end of theCold War by and large coincided with the beginnings of the information revolution, this technological development– which is about a special set of technologies, often subsumed under the heading of information and communication technologies (ICT) (Alberts, Papp, & Kemp, 1997)–had a considerable impact on the perception and shaping of newthreats. Next to the vast opportunities of an ICT-dominated age in terms of economic development and democratization (Dutton, 1999; Loader, 1997; Thornton, 2001) worries about the security or rather the insecurity of digital networks were of major concern from the beginning. While extensively discussed on the technical level under the heading of IT-security, the information revolution was early on perceived to have a number of negative implications for national security (Abele- Wigert & Dunn, 2006; Dunn&Wigert, 2004; Hundley& Anderson, 1997). It has become common in the information ageto coinnewtermsbysimplyplacing the prefixes cyber, computer, or information before another word. Thus, an entire arsenal of expressions– among them cyber-crime, information warfare,andcyber-terrorism–hasbeencreated. Due to the newness of the topic and the sensationalist nature of the discourse on it, there have been few semantic walls erected around the relevant concepts in the information security taxonomy, with the result that these terms have so many meanings and nuances that the words quickly become confusing or lose their meaning altogether(Dunn,2007;Fisher, 2001).3The term cyber-threats, for example, denotes a rather Myriam Dunn Cavelty 21 vague notion signifying the malicious use of information and communication technologies either as a target or as a weapon. Cyber-terrorism is one clear case of a cyber-threat. As the issue of cyber-terrorismhasgrownin popularityover the years, it has also acquired a range of meanings, depending on the context in which it is used. The term cyber-terrorism was allegedly coined in the 1980s by Barry Collin, a senior research fellow at the Institute for Security and Intelligence in California, as a hybrid term that encompasses the concepts of cybernetics and terrorism (Collin, 1997; Conway, 2002). In subsequent years, the term cybernetics was replaced by the term cyberspace, so that the concept is now composed of two elements: cyberspace and terrorism.As both concepts are notoriously difficult to define, cyber-terror itself was and still is a very elusive and poorly-defined concept.

33


THIS INDETERMINACY CAUSES POLICY FAILURECavelty 7Journal of Information Technology & Politics, Vol. 4(1) 2007 Available online at http://jitp.haworthpress.com 2007 by The Haworth Press. All rights reserved. doi:10.1300/J516v04n01_03 Myriam Dunn Cavelty, PhD, is Head of the New Risks Research Unit, Center for Security Studies (CSS), ETH Zurich, Switzerland; Coordinator of the Crisis and Risk Network (CRN), a Swiss-Swedish Internet and workshop initiative for international dialog on national-level security risks and vulnerabilities; and Lecturer at the University of Zurich and the Swiss Federal Institute of Technology. Dr. Dunn Cavelty holds a degree in political science, modern history, and international law from the University of Zurich. Cyber-Terror– Looming Threat or Phantom Menace?The Framing of the US Cyber-Threat Debate

The distinct image of the cyber-terrorist also appears during these years. First mentioned in a public hearing in 1998, cyber-terror quickly became one of the catchphrases of the debate. Poor definitions and careless use of terminology by many government officials is a major obstacle for meaningful discussion of the cyber-terror issue. A statement of President Bill Clinton, who was very influential in shaping the perception of the issue, can serve as an example of this semantic ambiguity. In his foreign policy farewell lecture at the University of Nebraska at Kearney in December 2000, he identified the need to pay attention to new security challenges like cyber-terrorism, and said: Myriam Dunn Cavelty 25 One of the biggest threats to the future is going to be cyberterrorism–people fooling with your computer networks, trying to shut down your phones, erase bank records, mess up airline schedules, do things to interrupt the fabric of life. (Bowman, 2000, para. 7) Both the PDD 62 and 63 and the National Plan follow the PCCIP’s reasoning and cement the winning and dominant threat frame. After that date, all the threat frames that areemployed in public hearings and other documents resemble the PCCIP’s threat frame. In the report, it is stressed that dependence on the information and communications infrastructure have created new cyber-vulnerabilities (PCCIP, 1997, p. 5) and that potential adversaries include a very broad range of actors–“from recreational hackers to terrorists to national teams of information warfare specialists” (ibid., p. 15). This very broad and indeterminate framing of the threat subject is one of the hallmarks of the cyber-threat frame.

34


ALTERNATIVE SOLVES: DESECURITIZATION

DESECURITIZATION OF CYBER DISCOURSE IS THE BEST ANTIDOTE TO TECHNIFICATIONHansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

The privileged role allocated to computer and information scientists within cyber security discourse is in part a product of the logic of securitization itself: if cyber security is so crucial it should not be left to amateurs. Computer scientists and engineers are however not only experts, but technical ones and to constitute cyber security as their domain is to technify cyber security. Technifications are, as securitizations, speech acts that „do something‟ rather Final draft: Forthcoming in International Studies Quarterly, December 2009 13 than merely describe and they construct an issue as reliant upon technical, expert knowledge, but they also simultaneously presuppose a politically and normatively neutral agenda that technology serves. The mobilization of technification within a logic of securitization is thus one that allows for a particular constitution of epistemic authority and political legitimacy (Huysmans 2006, 6-9). It constructs the technical as a domain requiring an expertise that the public (and most politicians) do not have and this in turn allows „experts‟ to become securitizing actors while distinguishing themselves from the „politicking‟ of politicians and other „political‟ actors. Cyber security discourse‟s simultaneous securitization and technification work to prevent it from being politicized in that it is precisely through rational, technical discourse that securitization may „hide‟ its own political roots The technical and the securitized should therefore not be seen as opposed realms or disjunct discursive modalities, but as deployable in complex, interlocking ways; not least by those securitizing actors who seek to depoliticize their discourses‟ threat and enemy constructions through linkages to „neutral‟ technologies. A securitization by contrast inevitably draws public attention to what is done in the name of security and this provides a more direct point of critical engagement for those wishing to challenge these practices than if these were constituted as technical. The Copenhagen School has stated desecuritization, the movement of an issue out of the realm of security and into the realm of the politicized as „the optimal long-range option, since it means not to have issues phrased as “threats against which we have countermeasures” but to move them out of this threat-defense sequence and into the ordinary public sphere‟ (Buzan, Wæver and de Wilde 1998, 29).

35


AT FEAR OF TERROR GOOD!!

LINK TURN – CHICKEN LITTLE – CYBERTERROR FEAR SPECIFICALLY CREATES CYNICISM ABOUT THE REAL TERRORISM. Green 2The Washington Monthly. Washington: Nov 2002. Vol. 34, Iss. 11; pg. 8, 6 pgsJOSHUA GREEN is an editor of the Washington Monthly

The danger of hyping a threat like cyberterrorism is that once the exaggeration becomes clear, the public will grow cynical toward warnings about real threats. The Chicken Little approach might be excusable were the Bush administration hyping cyberterrorism in order to build political momentum for dealing with the true problem posed by hackers and shoddy software. There is a precedent for this sort of thing. In the midst of all the anxiety about the Y2K bug, the federal government and the SEC came up with a novel way to ensure that private companies were ready: They required businesses to disclose their preparations to shareholders, setting goals and letting market forces do the rest.

There were high hopes, then, for the Bush administration's National Strategy to Secure Cyberspace-the culmination of a year's effort to address the country's post-9/11 cybersecurity problems. Clarke's team circulated early drafts that contained what most experts considered to be solid measures for shoring up security in government, business, and home computers. But the business community got word that the plan contained tough (read: potentially costly) prescriptions, and petitioned the White House, which gutted them. When a draft of the plan was rolled out in mid-September, Bill Conner, president of the computer security firm Entrust, told The Washington Post, "It looks as though a PhD. wrote the government items, but it reads like someone a year out of grade school wrote the rest of the plan."

It's hard to imagine a worse outcome for all involved, even private industry. By knuckling under to the business community's anti-regulatory impulses, Bush produced a weak plan that ultimately leaves the problem of cybersecurity to persist. It proposes no regulations, no legislation, and stops well short of even the Y2K approach, prompting most security experts to dismiss it out of hand. What it does do instead is continue the stream of officially sanctioned scaremongering about cyberattack, much to the delight of software companies. IT security remains one of the few bright spots in the depressed tech market and thus that important sector of the market is perfectly satisfied with the status quo. But as the Nimda virus proved, even companies that pay for security software (and oppose government standards) don't realize just how poorly it protects them. So in effect, the Bush administration has created the conditions for what amounts to war profiteering-frightening businesses into investing in security, but refusing to force the changes necessary to make software safe and effective.

The way the Bush White House has exaggerated the likelihood of cyberterrorism is familiar to anyone who's followed its style of government. This is an administration that will frequently proclaim a threat (the Saddam/al Qaeda connection, for instance) in order to forward its broader agenda, only to move on nonchalantly when evidence proves elusive or nonexistent. But in this case, by moving on, Bush leaves unaddressed something that really is a problem-just not one that suits the administration's interests. Forced to choose between increasing security and pleasing his business base, the president has chosen the latter. Hyping a threat that doesn't exist while shrinking from one that does is no way to protect the country.

36


CYBERTERROR HYPE DESTROYS OUR COUNTERTERRORISM STRATEGY BY MISDISTRIBUTING: SEPTEMBER 11TH PROVES Conway 8School of Law and GovernmentDublin City University“Media, Fear and the Hyperreal: The Construction of Cyberterrorism as the Ultimate Threat to Critical Infrastructures”

Finally, what were some of the effects of the cyberterror threat image as constructed in the US media and described in the foregoing? While so-called ‘cyberpanics’ may have imaginary origins, they can also have very real consequences (Sandwell 2006: 46). The risk of a massive conventional terrorist attack on the US was emphasized by a small number of academics and others before the events of 11 September 2001, but was dismissed by the media (see Nacos 2002: 1f.), which chose to focus on cyberterrorism instead. Key decision-makers were therefore much more attuned to the latter threat than the former. Marcus Sachs,14 who served in the White House Office of Cyberspace Security and was a staff member of the President’s Critical Infrastructure Protection Board, had this to say in 2003 about the convergence of policymakers’ fear of technology with their fear of terrorism: We were very shocked in the federal government that the attack didn’t come from cyberspace […] Based on what we knew at the time, the most likely scenario was an attack from cyberspace, not airliners slamming into 27 buildings […] We had spent a lot of time preparing for a cyber attack, not a physical attack. (Poulsen 2003) People’s sense of what issues are of political relevance is always an ongoing process, which requires an emphasis on how threat images are discursively constructed, maintained, and altered. This points to why particular emphasis needs to be placed upon the processes whereby (national) security issues communicatively emerge, and the central role of the media in such emergences. The political communication/threat image environment shapes both the information available and the ways in which not just ordinary people, but also political elites, use it in thinking about politics and national security. Demonstrating the effects of the media’s influence on publics and decision-makers is always difficult due to the indirect and complex dynamics involved; clearly, however, the US media has been highly successful in ‘speaking’ cyberterrorism into existence. Their reliance on ‘(hyper-)reality-producing dramas’ (Debrix 2001: 153), Pearl Harbor analogies, comparisons of the effects of cyberterrorism with those of WMD, portrayal of hackers as a menace to national security, and general widening of the concept of cyberterrorism, in conjunction with the policy window opened by the events of 11 September 2001 and, consequently, the ability to cast Osama bin Laden and al-Qaida as certain future cyberterrorists has resulted in the hyping of an (imagined) fatal connection between virtual networks and critical infrastructures that, to date, has very little real form or substance.

37


A/T SECURITIZATION GOOD:

CYBER-WAR SCENARIOS ARE SPECIAL HYPERSECURIZATION – EVEN IF THEY’RE OFTNE GOOD, THEY’RE INSANE IN THIS INSTANCE.Hansen and Nissenbaum December 9International Studies Quarterly, v. 53, #4, “ Digital Disaster, Cyber Security and the Copenhagen School”Hansen, associate professor in the department of political science, university of CopenhagenHelen Nissenbaum, professor, NYU, Seniuor Faculty, Information Law Institute

Thus we suggest to drop the „exaggerated‟ from the definition of hypersecuritization and to apply it to the cyber sector to identify the striking manner in which cyber security discourse hinges on multi-dimensional cyber disaster scenarios that pack a long list of severe threats into a monumental cascading sequence and the fact that neither of these scenarios has so far taken place.All securitizations do of course have an element of the hypothetical in that they constitute threats that must be countered, and thus mobilize an „if-then‟ logic, but what distinguishes hypersecuritizations from „mere‟ securitization is their instantaneity and inter-locking effects (Denning 1999, xiii; The National Strategy 2003, 29). This combination draws critically from the securitization of the network (Deibert 2002), yet the power of hypersecuritization stems not only from a securitization of the network itself, but from how a damaged network would cause societal, financial, and military break-down hence bringing in all other referent objects and sectors.

38


39


A/T SECURITIZATION GOOD

CYBERTERROR’S A FAILED SECURITIZATION – THE MILTIARY CAN’T DO ANYTHING GOOD ABOUT ITCavelty 7Journal of Information Technology & Politics, Vol. 4(1) 2007 Available online at http://jitp.haworthpress.com 2007 by The Haworth Press. All rights reserved. doi:10.1300/J516v04n01_03 Myriam Dunn Cavelty, PhD, is Head of the New Risks Research Unit, Center for Security Studies (CSS), ETH Zurich, Switzerland; Coordinator of the Crisis and Risk Network (CRN), a Swiss-Swedish Internet and workshop initiative for international dialog on national-level security risks and vulnerabilities; and Lecturer at the University of Zurich and the Swiss Federal Institute of Technology. Dr. Dunn Cavelty holds a degree in political science, modern history, and international law from the University of Zurich. Cyber-Terror– Looming Threat or Phantom Menace?The Framing of the US Cyber-Threat Debate

Nonetheless, even though the issue of cyber-threat is clearly linked to national security on a rhetorical level, there are, in general, Myriam Dunn Cavelty 29 no exceptional measures envisaged that would traditionally fall under the purview of national security apparatus. Therefore, the cyberthreats debate is an example of a failed securitization (cf. Bendrath, 2001). If we turn once again to securitization theory, the criterion given by securitization theory is that issues become securitized when they are taken out of the “normal bounds of political procedure,” which in turn amounts to a call for exceptional measures (Buzan, Wæver&Wilde, 1998, p. 24). In addition, securitization moves are only successful if an audience accepts the security argument (ibid., p. 25). A study of cyber-threat frames offer a possible interpretation of this: Even though the diagnostic part of current cyber-threat frames establishes a forceful link to national security, the prognostic part does not. And apparently, the prognostic part, which is about offering solutions, and proposing specific strategies, tactics, and objectives by which these solutions may be achieved, is more important, as it is, ultimately, about real consequences.

40


41


TERM VIRUS: INTERNAL LINK: SYMBOLICALLY

COMPUTER VIRUS RHETORIC KEY TO ALL POST-9/11 SECURITY PARADIGMalt 5 ÖZG 16.2005.3Visiting professor, department, art history and visual studies, DukeAssistant Professor, Architecture, Graduate School of architecture, planning and preservation at Columbia universityViral Load. The Fantastic Rhetorical Power of the Computer Virus in the Post-9/11 Political LandscapeOssterreichische Zeitschrift fur GeschictswissenschafteCaseyalt.com/works/alt_vl.pdfMaster of Fine Arts, UCLA

Given this overwhelming miasma of ontological and historical dead-ends, one might assume that the nearly absolute ambiguity surrounding the concept of computer viruses is an indication of its lack of cultural importance. However, such a conclusion would be the exact opposite of what has occurred over the past decade. As I will argue throughout the remainder of this paper, it is precisely such ontological instability and historical invisibility that have elevated computer viruses to one of the most powerful rhetorical forces subtending the post-9/11 American political landscape. Indeed, one might even go so far as to claim that the best way to frame the current American condition is by tracing the ubiquitous lacunae of the slippery and polymorphous computer virus.

42


VIRUS RHETORIC -> CAPITALISM

FEARS OF COMPUTER VIRUS CRUCIAL TO MAINTAING GLOBAL CAPITALISM – LINCHPIN TO INFOECONOMY’S CRISIS CAPITALISMalt 5 ÖZG 16.2005.3Visiting professor, department, art history and visual studies, DukeAssistant Professor, Architecture, Graduate School of architecture, planning and preservation at Columbia universityViral Load. The Fantastic Rhetorical Power of the Computer Virus in the Post-9/11 Political LandscapeOssterreichische Zeitschrift fur GeschictswissenschafteCaseyalt.com/works/alt_vl.pdfMaster of Fine Arts, UCLa

Most economic assessments of computer virus activities focus on the threat that such malicious entities pose to an idealized representation of the global information economy. Within such a system of »friction-free capitalism«, as described by Bill Gates in his 1996 book The Road Ahead, any undesirable blockage to the efficient flow of informational goods and services is registered as an implicit loss to producers and consumers everywhere. In his recent article entitled »Digital Monsters, Binary Aliens – Computer Viruses, Capitalism and the Flow of Information«, Jussi Parikka delivers a brilliant analysis that debunks such utopian visions of the contemporary information economy by demonstrating that system vulnerabilities and computer viruses do not detract from the efficient flow of a capitalist information economy but are actually a necessary components of the information economy’s own »viral« logic: However, at the same time as the virus has been articulated as a problem of information capitalism, it has also been captured as a part of that same machinery. Anti-virus software became a lucrative business (…) (V)iruses and worms are not simple anomalies or »enemies« of digital capitalism, but an integral part of it. Hence, capitalism is viral in itself, meaning that its essence lies exactly in its capability of infecting the outside in order to replicate itself. There is no absolute Other for the capitalist logic of expansion. What is crucial is the understanding of this constant double articulation of the virus as a threat and an integral part of the contemporary society. The seemingly contradictory themes of the virus as the threat and the essence of capitalism are, in fact, intertwined and operate in sync. The ideas of risk control, safety measures and the construction of the responsible user are thus to be read as integral elements of viral capitalism: with these elements, or discourses, the fear of computer viruses has been turned into a part of the flows of consumer capitalism, products and practices that »buy off« anxiety.13 Parikka’s argument of the »constant double articulation of the virus as a threat and an integral part of the contemporary society« is extremely valuable and accurate, perhaps even more so than he realizes. Parikka points primarily to the proposed viral menace as being incorporated into a larger capitalist information economy via the lucrative antivirus software business; however, one could elaborate on Parikka’s assertion by suggesting that precisely what is wrong with Gates’ vision of the »friction- free economy« is its representation as a steady-state condition in which no progress can be made or measured. The threat of breaks and stoppages of the system ÖZG 16.2005.3 139 must always exist since they are what cause the system to flow in the first place. Thus, I would push Parikka’s case further by claiming that the computer virus industry has not only become an integral component of the global information economy, it has become one of the primary drivers of it.

43

Reps of Cyberterror Bad - Gds

Documents

Transcript of Reps of Cyberterror Bad - Gds