Military Review English Edition May-June 2014 | Page 43
CYBERSECURITY
be driving back the key to a solution.8 Glenny’s
assessment is that we have a surplus of technology being thrown at the problem but a shortage
of human intelligence. While we continue to pour
billions of dollars into ubertechnological solutions
to cybersecurity, he proposes instead that we look
at the characteristics and abilities of the hackers at
the center of the problem. While the hacker is only
one piece of the overall cybersecurity threat, this
piece may be the most vulnerable. Many figures in
the business of hacking are not Mafiosi craving the
high life, but shy, socially awkward math geniuses
who, in his view, are prone to being swayed by
sponsors more sophisticated than they are. Glenny
presents some facts regarding several recent
well-known cybercriminals, including Scotsman
Gary McKinnon, Ukrainian Dimitry Golubov,
Sri Lankan Renukanth Subramaniam, American
Max Vision, Nigerian Adewale Taiwo, and Turk
Cagatay Evyapan. He describes some common
qualities they and many other hackers share. These
include advanced math and science abilities along
with advanced computer hacking skills developed
during their childhood and early teen years, before
their moral compasses were formed. He also, interestingly, points out characteristics consistent with
Asperger’s Syndrome, a mild form of autism, as
well as its attendant depression. These disabilities
in the real world often seem to accompany amazing
skills in the virtual world of computer hacking.
By choosing to prosecute and punish rather than
attract and hire these savants, the United States is
punishing and alienating its best chance of finding and fixing the problems that vex it, or so the
argument goes. Glenny makes a compelling case
that, sometimes, we should consider hiring them
instead—as our adversaries do. China, Russia,
and other countries, he asserts, recruit and employ
these gifted people before and after their involvement in cybercrimes. These countries mobilize
them to work for the state, while we continue to
rely on our criminal justice system to investigate
and punish them.9
Have a Back-up Plan?
Long-time computer engineer Danny Hillis
warned early in 2013 that while we spend a great
deal of energy and attention focused on protecting the computers on the Internet, we give little
MILITARY REVIEW
May-June 2014
Staff Sgt. Kenneth Tecala, an aviation operations sergeant, and Chief
Warrant Officer 2 Ben Carmichael, command and control system integrator, both with Air Defense Artillery Management, Brigade Aviation
Element, Headquarters and Headquarters Company, 2nd Brigade
Combat Team, 1st Armored Division, troubleshoot the Rocket, Artillery
and Mortar Warning system during Network Integration Evaluation
13.1 at McGregor Range, N.M., 13 November 2012. (U.S. Army, Sgt.
Candice Harrison)
thought to the security of the Internet itself as a
medium.10 Hillis considers the Internet an emergent
system. He says we do not fully understand it, like
the weather and the economy: “it’s changing so
quickly that even the experts don’t know exactly
what’s going on.”11 He says that because of how
the Internet has expanded, we do not even know
how an effective denial-of-service attack would
affect us, so we need “a plan B.”12
The good news is that a backup system consisting of a basic plan for alternate ways essential services can continue communicating and functioning
should be relatively easy to design, according to
Hillis.13 Although he does not offer details on how
41