Author: Mal Clay
Cybersecurity has long been recognized by the defense establishment as a problem with mid- or long-term ramifications. With the infiltration of the New York Times by Chinese-based hackers, the hack of Facebook last week and the release of President Obama’s Executive Order “Improving the Security of the Nation’s Critical Infrastructure” cyber security issues are at last in the spotlight as an immediate concern.
Obama’s national cybersecurity strategy has two chief goals: to “improve our resilience to cyber incidents and reduce the cyber threat.” In the interest of achieving this the current system is divided into civilian homeland defense and military organizations. The Air Force is preparing to hire 1000 new personnel by 2016 to strengthen cyber capabilities. 80 percent will be hired from the military, and 20 percent as civilians.
Though understandable for sensitivity concerns with respect to military applications, the lag associated with this institutional approach is considerable. Our current policy ignores the potential represented by our labor supply in of existing, highly talent hackers.
When we lacked a navy during our revolution we hired privateers to challenge British naval superiority. In the wake of World War II, instead of prosecuting Nazi rocket scientists, we hired them in order to beat the Soviets in the space race. In today’s day and age we must be willing to increase our capabilities via hiring of hackers who may or may not have criminal records.
We have to embrace hacker culture – at least in hiring – for two key reasons. One, other nations such as China and Russia are already hosting hacking tournaments and challenges to discover, develop, and direct the efforts of national hackers.
Second, these hackers enjoy the problem solving and take great pride in their work. They will be using their skills regardless of who becomes their employers. The U.S. government would do well to be that employer.
Without direction from the government, hackers with causes – known as “hacktivists” – have already played a crucial role in providing democracy activists in Iran with tools to preserve and protect safe connections to the Internet. They were also crucial in providing online back-ways in the aftermath of the complete shut down by Mubarak in Egypt two years ago.
Though uncontrolled, the efforts of these talented grey hats – hackers who use their talents in legally ambiguous ways but with a certain moral ethic – have advanced certain foreign policy goals of the U.S. By not engaging with these groups, we forego opportunities to protect and defend our critical infrastructure from cyber attacks.
Recall that our present policy is guided by two goals: improve our resilience to cyber incidents and reduce the cyber threat. By hiring existing hackers both purposes are advanced. More talent on our side allows us to test and improve our systems and fewer freelance or simply bored hackers directly reduces the cyber threat faced by the nation.
The many-headed hydra of our disjointed policy approach has in some cases reduced our likelihood of achieving those goals. Recently, the U.S. government prosecuted Aaron Swartz – a talented Internet hero who pioneered RSS and was considered the father of Reddit – in spite of JSTOR dropping charges for his violation of the websites terms of service. Swartz killed himself in the wake of financial ruin due to the persistent court cases.
Now, instead of perhaps advancing the country’s cyber security interests, Swartz is a made a martyr by online activists and hackers whose skills could prove invaluable in protecting the nation from cyber attacks. This episode prompted increased attacks from non-governmental internet groups. The excessive prosecution under a law that makes it a felony to violate the terms of service of any web site an individual visits is a failure of public diplomacy making the U.S. more insecure on the cyber front.
The recent Executive Order issued by President Barack Obama advances the debate concerning cybersecurity. It represents an important step in making public the policies our government has already been operating under. This transparency is a move in the right direction but the government must take more explicit action to defend certain norms and hire existing talent, thereby leveraging powerful online communities and reducing the risk of friendly cyber-fire.
Malcolm Clayton is a junior DWA-Econ double major. He can be reached at [email protected] Do you have an opinion on this issue? If so, keep the conversation going and comment on the online version of this article at occidentalweekly.com or write a Letter to the Editor.
This article has been archived, for more requests please contact us via the support system.