Thus did the Great Darkness begin…
There is a tight correlation between the escalation of cyber warnings and the introduction of government legislation or agency budget requisitions. This is an empirical fact. In fact, you can go further: the more contentious the legislation, the more dire the warning; the greater the budget request, the more severe the threat.
The problem is that these threats and warnings are peppered with lies. On Thursday, the president of the United States lied to the world, and more specifically to the American people. He wrote in the Wall Street Journal:
Last month I convened an emergency meeting of my cabinet and top homeland security, intelligence and defense officials. Across the country trains had derailed, including one carrying industrial chemicals that exploded into a toxic cloud. Water treatment plants in several states had shut down, contaminating drinking water and causing Americans to fall ill.
Taking the Cyberattack Threat Seriously
That is a lie. It didn’t happen. There was no toxic cloud. Contaminated water did not make Americans ill (at least not cyber-instigated contamination). It was, he says later in the article , “a simulation.” But by now his sensationalist lies have had their effect – they have frightened the American public into accepting the article’s ultimate conclusion:
For the sake of our national and economic security, I urge the Senate to pass the Cybersecurity Act of 2012 and Congress to send me comprehensive legislation so I can sign it into law.
It’s time to strengthen our defenses against this growing danger.
Here in the UK we are suffering this same linkage between threat and legislation. In the UK, the legislation is the proposed Communications Bill; which shares with the Cybersecurity Act greater ease and facility in sharing information between industry and government. That’s how both governments describe it; and that sounds innocuous and worthwhile. But when you translate that into reality, its truly evil nature is clear. ‘Industry’ equates to your Google and Hotmail and Facebook and LinkedIn and every other account you have on the internet. ‘Sharing’ equates to government ability to take on demand without judicial warrant. That is, ‘sharing’ means the ability of government to access your accounts and to monitor your movements.
But do not ever expect government to share information back with the people. It is contrary to their secrecy DNA. Years ago I took part in a very worthwhile UK project called WARP (Warning, Advisory and Reporting Point) that came out of CESG. My purpose was to extend the WARP concept beyond the public sector and into the private sector. At one point I was operating three separate private sector WARPs. I gave up when CESG issued a security warning to all of the public sector WARPs and withheld it from the private sector WARPs. This is government’s view of sharing: we take; we do not give.
The true purpose behind most of the cyber legislation on both sides of the Atlantic has little to do with security. It has all to do with control. While the internet gives liberty to the people, it withholds control from the government. The internet must therefore be controlled; and if that destroys our liberty, so be it. If our governments succeed, history will look back on the first two decades of the 21st century and say, ‘that is when the Great Darkness began…’