basic internet search ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Å“ which has been already been nicely used by Google to track emerging
flu epidemics ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Å“ Twitter seems to have introduced too much noise into the
And yet the bottom line is that tracking the
frequency of Twitter mentions of swine flu as a means of predicting
anything thus becomes useless
AS RUSSIAN tanks rolled into Georgia in August, another force was also mobilisingÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Ânot in the physical world, but online.
The actual damage done was minimal: some e-mail was disrupted and some target sites were rendered unavailable to the public.
The cyberattacks on Estonia in 2007, also launched from Russia, were more effective because EstoniaÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s government relies far more heavily on the internet (its parliament declared internet access a human right in 2000). They briefly upset the operations of some government organisations, including telephone access to the emergency services.
The Estonian and Georgian cyberattacks have put to the test a host of theories about cyberwarfare: how to define it; whether to engage in it; and how to defend against it.
Many cyberattacks are really examples of vandalism or hooliganism,
A cyberattack on a power station or an emergency-services call centre could be an act of war or of terrorism, depending on who carries it out and what their motives are.
For a cyberattack to qualify as ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œcyberwarÃƒÂ¢Ã¢â€šÂ¬Ã‚Â, some observers argue, it must take place alongside actual military operations.
As Mr Schneier puts it: ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œFor it to be cyberwar, it must first be war.ÃƒÂ¢Ã¢â€šÂ¬Ã‚Â
Not everyone agrees. For years there has been talk of a ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œdigital Pearl HarbourÃƒÂ¢Ã¢â€šÂ¬Ã‚ÂÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Âan unexpected attack on a nationÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s infrastructure via the internet, in which power stations are shut down, air-traffic control is sabotaged and telecoms networks are disabled. There have even been suggestions that future wars could be waged in cyberspace, displacing conventional military operations altogether.
So far there have been no successful attacks of this type, but that does not stop people worrying about themÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Âor speculating about how to launch them.
The strongest definition of cyberwar requires that cyberattacks cause widespread harm, rather than mere inconvenience. The Georgian attacks did not cause physical harm, unlike the military operations going on at the same time.
Such was the intensity of the attacks on Estonian websites, however, that the countryÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s defence minister, Jaak Aaviksoo, warned that the action ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œcannot be treated as hooliganism, but has to be treated as an attack against the stateÃƒÂ¢Ã¢â€šÂ¬Ã‚Â.
what counts as ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œthe use of forceÃƒÂ¢Ã¢â€šÂ¬Ã‚Â in cyberspace. Do DDoS attacks count? Perhaps not if aimed at a newspaper website, but what about an air-traffic control system?
Agreement on a definition is needed, says Mr Hollis, because under international law a country that considers itself the victim of an act of war has the right to self-defenceÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Âwith conventional military (not merely electronic) means. And members of an alliance with mutual-defence obligations, such as NATO, may be duty-bound to respond to an attack on any of their members. So the cyberattack on Estonia, a NATO member, could in theory have prompted a military response.
There is no consensus among conventional military types about how to deal with such cyberattackers.
Colonel Charles Williamson, of the intelligence and surveillance division of AmericaÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s air force, proposed that the United States should establish its own ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œbotnetÃƒÂ¢Ã¢â€šÂ¬Ã‚Â
Mr Robb is sceptical of the ability of formal military organisations to wage cyberwarfare.
It may make more sense for existing military bodies to concentrate on defence, by identifying the most vulnerable parts and working out how to protect them. ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œAnything they can do to us, we should be able to counter fasterÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬ÂthatÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s the appropriate deterrence paradigm for this cyberage,ÃƒÂ¢Ã¢â€šÂ¬Ã‚Â says Thomas Barnett, a military strategist at Enterra Solutions, a technology firm. ÃƒÂ¢Ã¢â€šÂ¬Ã…â€œWe should concentrate on making ourselves resilient.ÃƒÂ¢Ã¢â€šÂ¬Ã‚Â
One way for governments to do this, says Richard Bejtlich, a former digital-security officer with the United States Air Force who now works at GE, an American conglomerate, might be to make greater use of open-source software
It may be that open-source defence is the best preparation for open-source attack.
A great, skeptical piece from the Economist about all the recent buzz–scaremongering according to the Economist–over the threat of cyberwar. I’m glad someone else has noticed the near-hysteria combined with lack of details and large sums of money up for grabs by those stoking the hysteria while providing little evidence to back their claims.
For years military experts and computer scientists have speculated about the possibility of
a nationÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s infrastructure being attacked using computers, rather than bombs.
Estonia in 2007 and Georgia in 2008. In each case, government websites were brought down by a deluge of traffic, apparently from Russia. The actual damage done was minimal, but it has all added to the sense of urgency, in America in particular, about the need to protect critical infrastructure from such an attack.
In the past few weeks there have been alarming reports that AmericaÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s systems have already been infiltrated.
Does this mean America is suddenly under attack, and that war has broken out in cyberspace?
But the most likely explanation for the sudden spate of scare stories is rather more mundane: a turf war between American government agencies over who should oversee the nationÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s cyber-security.
At stake are tens of billions of dollars in funding promised for a multi-year cyber-security initiative.
In February Barack Obama launched a review of AmericaÃƒÂ¢Ã¢â€šÂ¬Ã¢â€žÂ¢s cyber-security efforts. The findings are expected to influence how funds are allocated and the relative balance of power between the various agencies. Frantic jockeying for position may explain the recent scare stories, and their curious lack of detail.
So do not be surprised if cyber-security miraculously seems to improve once Mr Obama decides how to divide up the money and the power. But that is no excuse for frightening everybody, nor for making an already murky subject much murkier. The agencies involved need to focus on improving security, not playing politics and spreading scare stories.