News+

Richard Clarke: Cyberwar threat demands U.S. defense strategy

3 min read

Security expert Richard A. Clarke offers stark examples in arguing that the threats of cyberwar and cyberespionage are not just science fiction hype:

–Israeli F15 and F16s screamed across the Syrian border in September 2007 and bombed a nuclear reactor construction site, but Syrian radar screens showed nothing but peaceful green. The Israelis had hacked into the Syrian air defense and seized control of the software system.

–British intelligence told the top chief executives in the country: Assume that your corporation has been hacked, and that all of your vital information, all your intellectual property, all your research and development has been stolen.

–The Pentagon acknowledged in August that the secret American SIPRNet defense network was hacked two years earlier by a foreign intelligence service using the Internet.

Clarke has been a principal US government security strategist, serving as security and counterterrorism adviser to Presidents Bill Clinton and George W. Bush before and after the 9/11 attacks. Introducing Clarke at a seminar at Harvard Kennedy School’s Belfer Center for Science and International Affairs, director Graham Allison noted that Clarke was the only government official to apologize to the American people after the attacks, telling the 9/11 commission, “Your government has failed you.”

Yet Allison said Clarke himself was one of the most effective players within the government in recognizing and addressing the growing threat of catastrophic terrorism. And when Clarke left government in 2003, he wrote what Allison called the best book on the war on terrorism, “Against All Enemies.”

Clarke, a faculty affiliate in the Belfer Center, is now working to focus attention on another threat that could pose equally grave challenges to the nation’s security. Clarke has co-authored a new book, “Cyberwar: the Next Threat to National Security and What to Do About It.” He briefed a directors’ seminar at the Belfer Center on Sept. 14 about the risks of cyber attacks, and suggested ways for the United States to develop a credible defensive strategy against cyber threats.

Clarke, who is a partner of Good Harbor Consulting, a security and risk consulting firm, surveyed the range of cyber risks in crime, espionage and warfare in his on-the-record introductory remarks. He called cyberterrorism a comparatively minor threat, saying terrorists have shown little capacity to use the Internet for anything other than propaganda. And Clarke said that cybercrime, while costly to the economy and to financial institutions, tended to involve stealing small amounts of money from lots of people.

Cyberespionage is more serious and immediate, he said, threatening not only governments but also businesses. But the prospect of cyberwar, Clarke said, poses especially  serious threats that have not received the national or international focus that they deserve.

The Belfer Center site has this video of Clarke’s opening remarks as well as a full transcript.