By Neal O'Farrell, Security and Identity Theft Expert for CreditSesame.com
Einstein was wrong. World War IV will not be fought with sticks or rocks. It will be fought with bits and bytes, Trojans and bots, APTs and zero-days — it's already started and we're already losing.
I'm not a fan of drama, especially as a tool to encourage the masses in a specific direction and even for a good reason. But I'm not a fan of sugar coating either. That's why I think we need to speak honestly about war. And the fact that we're in one —right now, and have been for some time. It's just that this war is so very different to every war before and many of us can't see, hear, smell or touch it. But it doesn't mean it's not there and it's not urgent.
China has been attacking the U.S. for years—attacking businesses, government and the military, probing networks, planting malware, stealing secrets. It's also believed that China is always looking for catastrophic weaknesses that could be exploited at an appropriate time—in our financial, communications, food supply and energy systems.
If it turns out that the Russian government orchestrated or even facilitated or encouraged the recent cyber attacks on JP Morgan Chase and a dozen other major financial institutions, that would be as clear an act of war on American interests as the invasion of Ukraine was to the people of that country.
And while America is constantly under cyber attack, it's not sitting on its hands. It's been speculated that the very advanced Stuxnet malware that is believed to have done significant damage to Iran's nuclear program in 2010 was created jointly by Israel and the United States.
There are many who think that the notion of cyberwar is simply hype or scaremongering, and others argue that cyberwar can never actually be called a war because it doesn't fit with traditional definitions or understanding of what a war is.
In an article from the Council of Foreign Relations in 2013, one noted author argued that "the hype about everything "cyber" has obscured three basic truths: cyberwar has never happened in the past, it is not occurring in the present, and it is highly unlikely that it will disturb the future."
Around the same time, InfoWorld took an opposite position in an article titled "Unseen, all-out cyber war on U.S. has begun" and concluded that "One thing is clear: The era of cyber warfare is here, and it's happening on the homefront."
How Is This Different From Other Wars?
- There will be no clear and official declaration of the beginning of hostilities (a bit late anyway).
What this war has in common with previous wars is the dependence on infrastructure. Many of these attacks rely on a growing number of compromised and conscripted computers, phones and websites to spread malware and attacks, probe other computers, infect businesses, attack banks and accounts, steal personal information and disable our personal technologies.
And we're not powerless in our response. We don't have to sign up or show up in order to join up. And there's no need to flee to Canada. This is a war where every man, woman and child can play a role, and our most powerful weapon is lodged squarely between our ears. Our own awareness, vigilance, behavior, habits and choices can disable many of these attacks.
Are you for or against, in or out, awake or asleep?
This post originally appeared on CreditSesame.com. Neal O'Farrell, Credit Sesame's Security and Identity Theft Expert, is one of the most experienced consumer security experts on the planet. Over the last 30 years he has advised governments, intelligence agencies, Fortune 500 companies and millions of consumers on identity protection, cybersecurity and privacy. As Executive Director of the Identity Theft Council, Neal has personally counseled thousands of identity theft victims, taken on cases referred to him by the FBI and Secret Service, and interviewed some of the nation's most notorious identity thieves.