Listen to the chatter from top officials, and you’d think that World War III was about to break out on the Internet. The defense secretary is warning about a digital “Pearl Harbor.” Former director of national intelligence Mike McConnell declares that the United States is “fighting a cyber war, and we’re losing.” Every new hack brings more pronouncements of network doom.
The scare talk, however, is misplaced. Yes, we’re facing enormous cybersecurity problems — just look at the high-profile penetrations of such companies as Sony and Lockheed or the millions of Americans whose personal information has been stolen online.
But these aren’t signs of some impending cataclysmic showdown as I explain in my new cybersecurity paper for The Brookings Institution. They’re markers of a rising tide of online crime that, in its own way, could be more dangerous than a cyberwar. According to the British government, online thieves, scammers and industrial spies cost U.K. businesses an estimated $43.5 billion in the past year alone. Crooks-for-hire will infect a thousand computers for $7 — that’s how simple it’s become. Sixty thousand new malicious software variants are detected every day. Forget “Pearl Harbor”; if we’re not careful, the Internet could be in danger of looking like the South Bronx circa 1989 – a place where crooks hold such sway that honest people find it hard to live or work there.
Could there be some online conflict in the future? Maybe. But crooks are draining billions from the legitimate global economy right now. Even the Pentagon’s specialists are worried, noting in their new cybersecurity strategy that “the tools and techniques developed by cyber criminals are increasing in sophistication at an incredible rate.”
Those tools also are becoming easier to use. The latest crimeware makes stealing passwords about as simple as setting up Web pages. One gang, recently arrested, used it to drain $9.5 million in just three months.