Tuesday, November 24, 2009


Much of the national cyberwar discussion, what there is of it, is dominated by trash reporting. More recently, the worst examples have been so bad they appear almost inexplicable, perhaps the result of people thinking "What could cyberwar do to this country?" -- then taking a second to come up with the answer: "Anything and everything!"

No rational perspective, no actual relationship to what risk statistics exist in the real world, are allowed to intrude into this process. The enemy, after all, is everywhere, capable of anything at anytime.

"[Some alleged expert], speaking before a health IT standards committee organized by the Health and Human Services Department, said what 'keeps me up night and fairly scared' is that an attacker could get into a system and, for example, change data fields that indicate patients who have an allergy to penicillin do not have an allergic reaction to the antibiotic," reads a National Journal blog posting here.

While reading this, you should keep in mind that the National Journal is one of the prime places for cyberwar hype. It is a publication which asserted last year that China had caused power blackouts in the US and, more recently, delivered the often cited risible junk from Booz Allen Hamilton's Mike McConnell on how Wall Street and the financial markets could be hit by cyberwar, bringing the country to economic collapse.

The magazine's reports on cyberwar are always lengthy, and they work from the logic that the truth of a thing is determined by the number of people who can be found to assert it.

"In another manner of speaking, if one can fill a room with bull, hearsay and gossip, there's always a magic tipping point where it transforms into fact, like lead turns into gold when touched by the Philosopher's Stone in alchemy," I wrote a year ago.

The cyberwar narrative has always been driven by groupthink.

And to spend too much time asking for details and proof is to be drawn into the deranged world of the American way of threat description.

So for the National Journal, a lecture is cited, one in which it said cyberwarriors might change medical records, leading to death. "About 400 patients in the United States die each year from penicillin allergies, according to the Web site Wrong Diagnosis," it reads.

However, it astonishingly misses the point of a statistic on medical error -- as proof of the common hazard always posed by simple human frailty, not as a potential metric of damage in cyberwar.

Indeed, one can find a substantial archive devoted to this subject at the Journal of the American Medical Association.

A glance at its first page of results -- not a trace of cyberwar fiddling to be found.

This facet of the cyberwar argument would not be complete if, in standard US fashion, we are not seen as planning it for our many potential adversaries, since every foreign country with networked computers, and even a few with hardly any, are generally labelled as potential culprits.

"Illustrative applications of cyberattack .... Altering electronic medical records of adversary military leaders."

The above, taken from a slide presented by Herbert Lin, in a talk entitled "Technology, Policy, Law and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities."

Because of this, it would seem only a matter of time until news stories show up suggesting the US has engaged in secret cyberwar with [fill in the blank], a facet of which involves another unverifiable story, one in which the [designated country's] general of this or that had his prescription changed, causing him to die suddenly.


Anonymous Anonymous said...

Just so the record is clear -- my viewgraphs did indeed provide altering electronic medical records as an illustrative application of cyberattack. But in my talk, I said quite explicitly that the report on which those viewgraphs were based did NOT advocate any of the illustrative applications presented, nor did it have any evidence that any of those things had actually happened.

Your caution about how "news" gets generated is quite well-taken.

Herb Lin

12:05 PM  

Post a Comment

<< Home