Our insecure internet

Jack Goldsmith has a long review article on computer attacks and espionage in TNR (h/t Kenneth Anderson):

For the past few decades, and with increasing frequency, many thousands of foreign agents like the Google hackers, sitting before computer monitors abroad, have “entered” the United States to steal or to destroy valuable digital assets. They have raided the Pentagon and other government agencies to disrupt their communications and to lift sensitive or classified information. They have attacked American corporations and taken or destroyed untold millions of dollars worth of data or intellectual property. They have contacted CEOs and credibly threatened to destroy their businesses unless the CEOs met the extortionists’ demands. And they have planted malicious software--known ominously as malware--inside government and corporate headquarters, and in critical infrastructure systems such as electrical grids and power plants. Some of this malware allows them to monitor activities in these places; other malware, called “logic bombs,” enables them to trigger a destructive attack years later, if doing so would be useful.

If this were happening before our eyes--if thousands of foreign agents were physically entering our borders, breaking into brick-and-mortar buildings, and removing or destroying billions of dollars of proprietary information and monetary assets--the government would declare a national emergency. But it is happening largely out of public sight, on computers and computer networks, and so most people are not worried. The press is increasingly filled with scary stories about cyber thefts, cyber attacks, and even cyber war, and Google’s public confrontation with the Chinese raised awareness of the problem. But the cyber menace is still largely invisible to the public, which naturally discounts threats it cannot see, no matter how alarming the headlines.

Worth a look.