Worrying about threats to the electric grid is all the rage these days, with anxious planners troubled by electromagnetic pulse attacks or even solar superflares that could melt down the power net for months or even years, bringing civilization to a halt. But Richard Clarke and Robert Knake warn in "Cyber War" that if such a calamity occurs, the culprit behind it might not be a high-altitude nuclear burst or strange solar weather but a computer hacker in Beijing or Tehran.
Over the past few decades, American society has become steadily more wired. Devices talk to one another over the Internet, with tremendous increases in efficiency: Copy machines call their own repairmen when they break down, stores automatically replenish inventory as needed and military units stay in perpetual contact over logistical matters—often without humans in the loop at all. The benefits of this nonstop communication are obvious, but the vulnerabilities are underappreciated. The Internet was designed for ease of communication; security was (and is) largely an afterthought. We have created a hacker's playground.
Worse yet, computer hardware, usually made in China, is sometimes laced with "logic bombs" that will allow anyone who has the correct codes—the Chinese government comes to mind—to turn our own devices against us. Messrs. Clarke and Knake are particularly concerned with risks to the electric grid. Hackers might be able not only to trick generators into turning themselves off but also to command expensive custom equipment to tear itself apart—damage that could take months or longer to fix. The result wouldn't be a short-term blackout of the sort we're familiar with but something more like Baghdad after the Iraq invasion. And that's probably a best-case scenario.
Nor are electric-generating facilities, already the target of thousands of known hack attacks, the only vulnerability. Military secrets and valuable intellectual property are also at risk, Messrs. Clarke and Knake note. Yet efforts to protect against hacker-attacks have lagged behind increasingly sophisticated threats as the Pentagon concentrates on offensive, not defensive, cyberwar techniques. The emphasis may reflect the unhappy truth that, in a cyberwar, first-strike capability is an enormous advantage. The instigator can launch an attack before the targeted country has raised its defenses or disconnected vital services from the Internet altogether. The targeted country may be damaged so badly that it cannot respond in kind, and a weaker response would probably meet a well-prepared defense. The incentive to strike first, Messrs. Clarke and Knake argue, is destabilizing and dangerous—and all the more reason to bolster our preparedness.
Not that every first strike is malign; sometimes it produces a happy result. Messrs. Clarke and Knake are convinced that an Israeli air strike in 2007 against a secret North Korean-designed nuclear facility being constructed in the Syrian desert was a textbook case of cyber-aided warfare. Israeli computers "owned" Syria's elaborate air defenses, the authors say, "ensuring that the enemy could not even raise its defenses." How the Israelis accomplished the task isn't known, but Messrs. Clarke and Knake speculate that a drone aircraft may have been used to commandeer Syrian radar signals, or Israeli agents may have inserted a "trapdoor" access point in the computer code of the Russian-designed defense system, or an intrepid Israeli agent deep in Syria may have spliced into a fiber-optic cable linked to the defense system and then sent commands clearing the way for the bombing run.
Stealthy online intrusion and malicious hacking have evolved from low-level intelligence-gathering tools to weapons that are, potentially, as destructive as bombs and missiles. (How many Americans would die if the electricity went out for a week? A month? Six months?) Yet many policy-makers still seem to regard the threat as a sideshow. The Pentagon plans "net-centric" warfare without addressing the vulnerability of the "net" part; diplomats who discuss arms control deal almost exclusively with traditional weaponry, without considering more modern threats. Generals are astounded to hear about digital military weaknesses that already haunt every captain and major. Presidents Clinton and George W. Bush largely ignored the problem, and President Obama shows no sign of doing any better.
In some intelligence circles the threat of cyber attacks is scoffed at, but I think that Messrs. Clarke and Knake are right to sound the alarm. (Mr. Clarke, we should recall, was the head of counterterrorism security in the Clinton and George W. Bush administrations.) As Henry Fielding remarked long ago, those who lay the foundation of their own ruin find that others are apt to build upon it. By constructing, and then relying on, vulnerable systems that are now entwined with almost every aspect of American life, we have laid just such a foundation. The time has come to fix it or at least to refine the systems to avoid catastrophic failure.
"Just-in-time" inventory systems are highly vulnerable to transportation problems; "network computing" fails when the network does; and smart grids are open invitations to smart hackers. Too much of our critical infrastructure operates with increased vulnerabilities and reduced margins for error. "The same way that a hand can reach out from cyberspace and destroy an electric transmission line or generator," the authors note, "computer commands can derail a train or send freight cars to the wrong place, or cause a gas pipeline to burst."
Promoters of something called "resilience engineering" suggest that planners should put more effort into designing systems that resist disruption and that degrade gracefully, rather than failing calamitously when stressed. Such an approach would reduce our vulnerability to cyberwar—and to many other kinds of trouble as well.
**Mr. Reynolds, who teaches Internet law at the University of Tennessee, hosts "Instavision" at PJTV.com.
