Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Cyber War" Is Just the Latest Grab for Defense Money

Posted by Unknown on from the monocle-polishing-terrorists-are-stealing-our-yachts dept.

New submitter Curseyoukhan writes "The phrase 'cyber war' is being used to scare us into coughing up money and liberties, just like 'anarchist' once was, and 'terror' still is. To quote H.L. Mencken, 'The whole aim of practical politics is to keep the populace alarmed (and hence clamorous to be led to safety) by menacing it with an endless series of hobgoblins, all of them imaginary.'"

1 of 161 comments (clear)

  1. Arguably even worse than that... by fuzzyfuzzyfungus · · Score: 5, Interesting

    There is an unfortunate additional quirk in this case: Since, naturally, the 'cyberwarriors' don't want to be stuck purely in the tedious and thankless job of playing defense, there is a demand for 'offensive capabilities'. This creates a perverse incentive: If a flaw is disclosed and patched or mitigated, it is no longer of offensive utility, so now the market for zero-days and exploit payloads isn't just black hats, scammers, and criminals; but 'respectable' defense industry types.

    This is not a merely theoretical problem.

    VUPEN is the crass, attention-whoring, bad-boy of the industry; but practically the entire who's-who of staid, tight-lipped, defense contractors has a division peddling bugs somewhere in the business.

    Even if we were 100% warm and fuzzy about the use these exploits are being put to by these firms customers(Only the good guys, pinkie swear!), this situation is insane from the perspective of actual 'security'. Whose economies, financial systems, and infrastructure depend most heavily on complex IT systems? Ummm, mostly wealthy developed countries. Whose citizens are most vulnerable to electronic compromise of financial information and such? Countries with high rates of internet penetration and lots of computers. Who has the capability to deploy electronic attacks against unpatched vulnerabilities? Virtually everyone.

    In addition to the usual grab for rights and money, this 'cybersecurity' industry begets insecurity, because of the demand for 'offensive capabilities', despite the fact that we are the ones with the most to lose in an insecure environment. At least classic corporate welfare military R&D is merely expensive, and once you hand over the money, Raytheon or whoever goes off to build some impractical toy that is largely useless; but at least largely harmless....