Military Review English Edition May-June 2014 | Page 43

CYBERSECURITY be driving back the key to a solution.8 Glenny’s assessment is that we have a surplus of technology being thrown at the problem but a shortage of human intelligence. While we continue to pour billions of dollars into ubertechnological solutions to cybersecurity, he proposes instead that we look at the characteristics and abilities of the hackers at the center of the problem. While the hacker is only one piece of the overall cybersecurity threat, this piece may be the most vulnerable. Many figures in the business of hacking are not Mafiosi craving the high life, but shy, socially awkward math geniuses who, in his view, are prone to being swayed by sponsors more sophisticated than they are. Glenny presents some facts regarding several recent well-known cybercriminals, including Scotsman Gary McKinnon, Ukrainian Dimitry Golubov, Sri Lankan Renukanth Subramaniam, American Max Vision, Nigerian Adewale Taiwo, and Turk Cagatay Evyapan. He describes some common qualities they and many other hackers share. These include advanced math and science abilities along with advanced computer hacking skills developed during their childhood and early teen years, before their moral compasses were formed. He also, interestingly, points out characteristics consistent with Asperger’s Syndrome, a mild form of autism, as well as its attendant depression. These disabilities in the real world often seem to accompany amazing skills in the virtual world of computer hacking. By choosing to prosecute and punish rather than attract and hire these savants, the United States is punishing and alienating its best chance of finding and fixing the problems that vex it, or so the argument goes. Glenny makes a compelling case that, sometimes, we should consider hiring them instead—as our adversaries do. China, Russia, and other countries, he asserts, recruit and employ these gifted people before and after their involvement in cybercrimes. These countries mobilize them to work for the state, while we continue to rely on our criminal justice system to investigate and punish them.9 Have a Back-up Plan? Long-time computer engineer Danny Hillis warned early in 2013 that while we spend a great deal of energy and attention focused on protecting the computers on the Internet, we give little MILITARY REVIEW May-June 2014 Staff Sgt. Kenneth Tecala, an aviation operations sergeant, and Chief Warrant Officer 2 Ben Carmichael, command and control system integrator, both with Air Defense Artillery Management, Brigade Aviation Element, Headquarters and Headquarters Company, 2nd Brigade Combat Team, 1st Armored Division, troubleshoot the Rocket, Artillery and Mortar Warning system during Network Integration Evaluation 13.1 at McGregor Range, N.M., 13 November 2012. (U.S. Army, Sgt. Candice Harrison) thought to the security of the Internet itself as a medium.10 Hillis considers the Internet an emergent system. He says we do not fully understand it, like the weather and the economy: “it’s changing so quickly that even the experts don’t know exactly what’s going on.”11 He says that because of how the Internet has expanded, we do not even know how an effective denial-of-service attack would affect us, so we need “a plan B.”12 The good news is that a backup system consisting of a basic plan for alternate ways essential services can continue communicating and functioning should be relatively easy to design, according to Hillis.13 Although he does not offer details on how 41