The Demons We Imagine, The Icebergs We Ignore

Posted in: Criminal Law

Though the United States was spared the worst of it, the devastating cyberattack that crippled approximately 200,000 computers in 150 countries last Friday revealed yet again the enormity of the threat posed by hackers who can cause incalculable damage from anywhere on the globe, so long as they have a reliable internet connection. Yet the muted response to the attack in the national media and the public square reveals something even more important than the attack itself—something that has almost entirely escaped notice.

Cyberattacks of the sort unleashed last week represent an unprecedented challenge to national—indeed, to global—security. Yet the threat of such an attack does not prompt nearly the same sense of national urgency in this country as the far more modest threat of domestic attack by Islamic fundamentalists. The former poses a risk that is greater in scope, scale, and severity than anything facing the country today, dwarfing the risk posed by fundamentalists of any stripe. Yet the latter produces an unhinged hysteria, complete with overbroad travel bans, needless denunciations of Shar’ia law, and literally thousands of hate crimes over the past fifteen years. This hysteria is especially widespread among the most diehard Republicans, for whom antipathy toward Islam is almost literally an article of faith.

Why does the far greater risk generate far less national attention?

The first explanation is simple enough: Hacking is not yet associated with an identifiable subgroup of the population. It therefore exists as an act without an actor. And with no actor, there can be no demon; on that score the lesson of history is perfectly clear. Notwithstanding the risk to national security, cyberattacks cannot be made to loom large in the public imagination unless and until they take on a human form—that is, until we can put a face to the threat. Islamic fundamentalism, by contrast, fits perfectly in the American demonizing canon. We imagine that we can see, and therefore identify, target, and contain the Islamic terrorist, just as we have over the years targeted and contained Black men and Brown immigrants. The magnitude of the threat, in other words, is not nearly as important as the complexion of the target.

A second explanation draws less on race than on politics. A relatively subdued response to the latest attack might be attributable to the imbroglio over Russian interference with the U.S. and French presidential elections. Though last week’s attack was not launched by Russia—in fact, Russian computers were among the hardest hit—one can easily imagine that Republican politicians and pundits would treat the attack as a third rail, avoiding it at all cost. To acknowledge—let alone to stress—the connection between hacking and national security makes it all but impossible to suggest that the investigation into Russian meddling should be anything but prompt, wide-ranging, and robust. Coming fast on the heels of Trump’s decision to fire FBI Director James Comey, one can readily see why this would be a subject the right would avoid.

But perhaps the most important explanation is the most counterintuitive. Paradoxically, politicians and policymakers may opt to wave the flag of Islamic terror and ignore the risk of cyber-terror precisely because the former risk is small and insignificant, while the latter is massive and unmanageable. To understand how this might be the case, consider the progeny of the latest virus. As of this writing, we do not yet know who is responsible for the attack, and it may have been simply a massive extortion scheme. But we do know a thing or two about the virus itself. The attackers, whoever they are, modified a cyber-weapon developed by and stolen from the National Security Agency (NSA), which sets the stage for what follows.

U.S. policymakers consider it perfectly legitimate for the NSA to develop and, if necessary, deploy such a weapon in defense of national interests. They consider it entirely appropriate, for instance, that U.S. cyber-spies would plant a computer virus to thwart North Korean or Iranian nuclear ambitions. In fact, weapons like these are uniquely attractive, since they allow the U.S. to achieve its security goals without detection (at least, if all goes according to plan) and without putting U.S. troops at risk. And of course, other countries make the same calculus. We can predict with great confidence, therefore, that the developed world will continue to invest in ever more sophisticated means of penetrating and disabling computer systems used by others.

This in turn spurs the development of equally more sophisticated counter-measures, creating a spiral of increasingly complex mousetraps and mice. Yet this modern day arms race is unlike its Cold War predecessor. The former involved only a favored few, and for practical purposes meant a contest between the Soviet Union and the United States. Now, by contrast, the entire world—and especially the world of international commerce—relies on the interconnectivity of the Internet. But the most recent attack makes plain that the tools developed to advance national security can be readily converted into a weapon of mass disruption.

Therein lies the rub. The same conditions that make cyberwarfare irresistible to the U.S. and other countries, and which guarantee its continued use, also make it irresistible to those who would misuse it. Meanwhile, the technology and expertise involved in launching these attacks have become more and more widespread, which means that weapons like these are not only irresistible but will be increasingly commonplace. And the only surefire solution is to destroy or impair the interconnectivity that makes the Internet a unique engine of global productivity, and upon which the civilized world has come to depend. The result is a national security threat of unparalleled magnitude and exquisite irony—we have become utterly dependent on the very thing that makes us so vulnerable.

And that state of affairs is simply too terrifying to contemplate. People simply cannot wrap their minds around the idea that the most transformative technology of the modern era is also what creates unprecedented vulnerability. When faced with conditions of this sort, people naturally tend to seize on small problems that seem to admit of easy solutions while ignoring the massive conundrums that seem utterly intractable, particularly if addressing the latter would require wholesale changes in their way of life.

Examples of this are everywhere. Many people fret, for instance, that their cars contribute unduly to climate change, and gladly pay more for a car that squeezes an extra mile or two out of each gallon of gas. Yet they ignore (or are oblivious to) the fact that the agricultural production of meat has a far more serious environmental impact. Though certainly it is good to save gas, if you want to help the environment, you are better off giving up beef than giving up the Buick.

So why do so many make so much of so little? For all the worst reasons: Because they believe terror has a face, because spitting on that face allows them to ignore Russian intermeddling, and because it takes their mind off the iceberg that looms in our path.

  • Joe Paulson

    “Yet they ignore (or are oblivious to) the fact that the agricultural production of meat has a far more serious environmental impact.” See, e.g., “Comfortably Unaware: What We Choose to Eat is Killing Us and Our Planet” by Richard A. Oppenlander.

  • Chezzwizz

    It’s unfortunate, but it’s exactly as you stated:

    “People simply cannot wrap their minds around the idea that the most transformative technology of the modern era is also what creates unprecedented vulnerability.”

    I don’t think the population could handle the truth about the magnitude of security vulnerabilities that currently exist in our infrastructure. Even worse is that with each new technology iteration the available tested and reliable countermeasures grow thinner, as well as the available technicians needed to setup and maintain those countermeasures.

  • Brett

    Mr. Margulies proves a point that he probably does not want to make, amongst his tangential, misplaced and unsupported attacks on Republicans: that the size, strength and lack of control and credibility amongst government is a large problem, so large that it has allowed the technology to enable the computer hacking that just occurred to get into the wrong hands. Also, Mr. Margulies shamefully discredits criticism of Shar’ia law and its blatant discrimination of women. Also, the alleged Russian collusion has been investigated for months now, by three federal committees, and there has been no identification of any evidence of collusion. Further, President Obama’s intelligence chief, James Clapper, has publicly stated (on that bastion of liberalism NBC) that there is no evidence of any collusion.

  • LoneTree, WY

    And the fourth and unmentioned explanation: Domestic attack by some jihadist results in bombings, shootings, and slashings, i.e. blood shed and death. Domestic attack by some computer hacker does not.

  • James Lowell

    And what the left conveniently ignores is the fact that cyberterrorism, as terrible as it is, has killed nobody. On the other hand, terrorism by fanatical Islamic groups has killed thousands of people in the most grotesque of ways. As a life-long conservative, I place human damage far above property damage.