Part 3 (2/2)
Four years later, in the spring of 2012, the Internet-inspired protest movement challenging the obviously fraudulent process used in the first round of the elections (in which Putin was ultimately victorious, as expected), one Russian a.n.a.lyst said, ”The old people come and the old people come and the old people come and all vote for one candidate-for Putin. Why are they voting for Putin? Watch TV. There is one face: Putin.” And indeed, one of the many reasons for television's dominance in the political media landscape of almost every country is that older people both simultaneously vote in higher percentages and watch television more hours per day than any other age group. In the U.S., people aged sixty-five and older watch, on average, almost seven hours per day.
In many nations, inst.i.tutions important to the rise and survival of democracy, like journalism, have also been profoundly affected by the historic transformation of communications technology. Newspapers have fallen on hard times. They used to be able to bundle together revenue from subscriptions, commercial advertising, and cla.s.sified advertising to pay not only for the printing and distribution of their papers but also the salaries of professional reporters, editors, and investigative journalists. With the introduction of television-and particularly with the launch of evening television news programs-the afternoon newspapers in most major cities that people used to read upon returning home from work were the first to go bankrupt. The loss of increasing amounts of commercial advertising to television and radio also began to hurt the morning newspapers. Then, when cla.s.sified advertising migrated en ma.s.se to the Internet and the widespread availability of online news sources led many readers to stop their subscriptions to newspapers, the morning newspapers began to go bankrupt as well.
Eventually, Internet-based journalism will begin to thrive. In the U.S., digital news stories already reach more people than either newspapers or radio. As yet, however, a high percentage of quality journalism available on the Internet is still derived from the repurposing of articles originally prepared for print publications. And there are as yet few business models for journalism originating on the Internet that bundle together enough revenue to support the salaries of reporters engaged in the kind of investigative journalism essential to provide accountability in a democracy.
Like the journalism essential to its flouris.h.i.+ng, democracy itself is now stuck in this odd and dangerous transition era that falls between the waning age of the printing press and the still nascent maturation of effective democratic discourse on the Internet. Reformers and advocates of the public interest are connecting with one another in ever larger numbers over the Internet and are searching with ever greater intensity for ways to break through the quasi-hypnotic spell cast over the ma.s.s television audience-day after day, night after night-by constant, seductive, expensive, and richly produced television programming.
Virtually all of this programming is punctuated many times each hour by slick and appealing corporate messages designed to sell their products and by corporate issue advertising designed to shape the political agenda. During election years, especially in the United States, television viewers are also deluged with political advertis.e.m.e.nts from candidates who-again because of the economics of the television medium-are under constant and unrelenting pressure from wealthy and powerful donors to adopt the donors' political agendas-agendas that are, unsurprisingly, congruent with those contained in the corporate issue advertising.
Public goods-such as education, health care, environmental protection, public safety, and self-governance-have not yet benefited from the new efficiencies of the digital age to the same extent as have private goods. The power of the profit motive has been more effective at driving the exploitation of new opportunities in the digital universe. By contrast, the ability of publics to insist upon the adoption of new, more efficient, digital models for the delivery of public goods has been severely hampered by the sclerosis of democratic systems during this transition period when digital democracy has yet to take hold.
EDUCATION AND HEALTH CARE IN A NEW WORLD.
The crisis in public education is a case in point. Our civilization has barely begun the necessary process of adapting schools to the tectonic s.h.i.+ft in our relations.h.i.+p to the world of knowledge. Education is still too frequently based on memorizing significant facts. Yet in a world where all facts are constantly at our fingertips, we can afford to spend more time teaching the skills necessary to not only learn facts but also learn the connections among them, evaluate the quality of information, discern larger patterns, and focus on the deeper meaning inherent in those patterns. Students accustomed to the rich and immersive experience of television, video games, and social media frequently find the experience of sitting in desks staring at chalk on a blackboard to be the least compelling and engaging part of their day.
There is clearly a great potential for the development of a new curriculum, with tablet-based e-books and search-based, immersive, experiential, and collaborative online courses. E. O. Wilson's new, enhanced digital textbook Life on Earth is a terrific example of what the future may hold. In higher education, a new generation of high-quality ventures has emerged-including Coursera, Udacity, Minerva, and edX-that is already beginning to revolutionize and globalize world-cla.s.s university-level instruction. Most of the courses are open to all, for free!
The hemorrhaging of government revenues at the local, state, and national level-caused in part by the lower wages and persistent high unemployment a.s.sociated with the outsourcing and robosourcing in Earth Inc., and declining property values in the wake of the global economic crisis triggered in part by computer-generated subprime mortgages-is leading to sharp declines in budgets for public education at the very time when reforms are most needed. In addition, the aging of populations in developed countries and the declining percentage of parents of school-aged children have diminished the political clout wielded by advocates for increasing these budgets.
Even though public funding for education has been declining, many creative teachers and princ.i.p.als have found ways to adapt educational materials and routines to the digital age. The Khan Academy is a particularly exciting and innovative breakthrough that is helping many students. Nevertheless, in education as in journalism, no enduring model has yet emerged with enough appeal to replace the aging and decaying model that is now failing to meet necessary standards. And some online, for-profit ventures-like the University of Phoenix and Argosy University Online-appear to have taken advantage of the hunger for college-level instruction on the Internet without meeting their responsibility to the students who are paying them. One online college, Trinity Southern University, gave an online degree in business administration to a cat named Colby Nolan, which happened to be owned by an attorney general. The school was later prosecuted and shut down.
Health care, like education, is struggling to adapt to the new opportunities inherent in the digital universe. Crisis intervention, payment for procedures, and ridiculously expensive record keeping required by insurance companies and other service providers still dominate the delivery of health care. We have not yet exploited the new ability inherent with smartphones and purpose-built digital health monitors to track health trends in each individual and enable timely, cost-effective interventions to prevent the emergence of chronic disease states that account for most medical problems.
More sophisticated information-based strategies utilizing genomic and proteomic data for each individual could also clearly improve health outcomes dramatically at much lower cost. Epidemiological strategies-such as the monitoring of aggregate Internet searches for flu symptoms-are beginning to improve the allocation and deployment of public health resources. While interesting experiments have begun in these and other areas, however, there has as yet been no effectively focused public pressure or sustained political initiative to implement a comprehensive new Internet-empowered health care strategy. Some insurance companies have begun to use data mining techniques to scour social media and databases aggregated by marketing companies in order to better a.s.sess the risk of selling life insurance to particular individuals. At least two U.S. insurance companies have found the approach so fruitful that they even waive medical exams for customers whose data profiles cla.s.sify them as low-risk.
THE SECURITY CONUNDRUM.
With all of the exciting potential for the Internet to improve our lives, why have the results been so mixed thus far? Perhaps because of human nature, it is common for us to overemphasize the positive impacts of any important new technology when it is introduced and first used. It is also common, unfortunately, for us to give short shrift to the risks of new technologies and underestimate unintended side effects.
History teaches, of course, that any tool-the mighty Internet included-can and will be used for both good and ill. While the Internet may be changing the way we organize our thinking, and while it is changing the way we organize our relations.h.i.+ps with one another, it certainly does not change basic human nature. And thus the age-old struggle between order and chaos-and dare I say good and evil-will play out in new ways.
More than four centuries ago, when the explosion of information created by the printing press was just beginning, the legend of Doctor Faust first appeared. Some historians claim that Faust was based on the financier and business partner of Gutenberg, Johann Fust, who was charged in France with witchcraft because of the seemingly magical process by which thousands of copies of the same text could be replicated perfectly.
In the Faust legend, which has appeared in varying forms over the centuries, the protagonist makes a deal with the devil in which he exchanges his soul for ”unlimited knowledge and worldly pleasures.” Ever since then, as the scientific and technological revolution accelerated, many new breakthroughs, like nuclear power and stem cell technology, among others, have frequently been described as ”Faustian bargains.” It is a literary shorthand for the price of power-a price that is often not fully comprehended at the beginning of the bargain.
In our time, when we adapt our thinking processes to use the Internet (and the devices and databases connected to it) as an extension of our own minds, we enter into a kind of ”cyber-Faustian bargain”-in which we gain the ”unlimited knowledge and worldly pleasures” of the Internet. Unless we improve privacy and security safeguards, however, we may be risking values more precious than worldly wealth.
For individuals, the benefits of this bargain-vastly increased power to access and process information anywhere and anytime, a greatly increased capacity to communicate and collaborate with others-are incredibly compelling. But the price we pay in return for these incalculable benefits is a significant loss of control over the security and privacy of the thoughts and information that we send into this extended nervous system. Two new phrases that have crept into our lexicon-”the death of distance” and ”the disappearance of privacy”-are intimately connected, each to the other. Most who use the Internet are tracked by many websites that then sell the information. Private emails can be read by the government without a warrant, without permission, and without notification. And hacking has become easy and widespread.
The same cyber-Faustian bargain has been made by corporations and governments. Like individuals, they are just beginning to recognize the magnitude of the cybersecurity price that apparently has to be paid on an ongoing basis. And to be clear, virtually no one argues with the gains in efficiency, power, productivity, and convenience that accompany this revolutionary change in the architecture of the information economy. What is not yet clear is how the world can resolve-or at least manage-the ma.s.sive new threats to security and privacy that accompany this s.h.i.+ft.
Internet and software companies are themselves also making the same bargain, with a historic and ma.s.sive s.h.i.+ft from software, databases, and services located within computers themselves to ”the cloud”-which means, essentially, using the Internet and the remote servers and databases connected to it as extensions of the memory, software, and processing power that used to be primarily contained within each computer. The growing reliance on the cloud creates new potential choke points that may have implications for both data security and reliability of service. In late 2012, several popular Internet companies in the U.S. that rely on Amazon.com's cloud services were all knocked out of commission when problems shut down Amazon's data centers in Virginia.
The world's historic s.h.i.+ft onto the Internet confronts us with a set of dilemmas that are inherent in the creation of a planet-wide nervous system connecting all of us to the global brain. Some of these dilemmas have arisen because digital information is now recognized-and valued-as the key strategic resource in the twenty-first century.
Unlike land, iron ore, oil, or money, information is a resource that you can sell or give away and yet still have. The value of information often expands with the number of people who share it, but the commercial value can often be lost when its initial owner loses exclusivity. The essence of patent and copyright law has been to resolve that tension and promote the greatest good for the greatest number, consistent with principles of justice and fairness. The inventor of a new algorithm or the discoverer of a new principle of electromagnetism deserves to be rewarded-partly to provide incentives for others to chase similar breakthroughs-but society as a whole also deserves to benefit from the widespread application of such new discoveries.
This inherent tension has been heightened by the world's s.h.i.+ft onto the Internet. Longtime technology thought leader Stewart Brand is often quoted as having said in the early years of the Internet, ”Information wants to be free.” But what he actually said was, ”On the one hand, information wants to be expensive, because it's so valuable,” adding, ”On the other hand, information wants to be free, because the cost of getting it out is getting lower and lower all the time. So you have these two fighting against each other.”
Because digital information has become so strategic in the operations of Earth Inc., we are witnessing a global, multip.r.o.nged struggle over the future of the Internet, with battlefronts scattered throughout the overlapping worlds of politics and power, commerce and industry, art and culture, science and technology: * Between those who want information to be free and others who want to control it and exchange it for wealth or power; * Between those who want people to be free and those who want to control their lives; * Between individuals who share private information freely on social networks and others who use that information in unantic.i.p.ated and sometimes harmful ways; * Between Internet-based companies who indiscriminately collect vast amounts of information about their customers and customers who value their privacy; * Between legacy centers of power that occupied privileged positions in the old order of information now breaking down and new centers of inchoate power seeking their own place in the new pattern struggling to emerge; * Between activists (and ”hacktivists”) who value transparency and nations and corporations that value secrecy; * Between corporations whose business models depend upon the ability to protect intellectual property contained in computers connected to the Internet and compet.i.tors who seek to steal that intellectual property by using other computers also connected to the Internet; * Between cybercriminals intent on exploiting rich new targets in the flows of wealth and information on the Internet and law enforcement organizations whose strategy for stopping cybercrime sometimes threatens to destroy historic and hard-won boundaries between the spheres occupied by individuals and the episodic desire by their governments to invade those private spheres.
The complexity of the world's transition to the Internet is even more fraught because all of these conflicts are occurring simultaneously on the same common Internet that everyone shares. And, not surprisingly, proposed remedies for problems in one set of conflicts frequently enhance the potential for disrupting efforts to resolve problems in other sets of conflicts.
Proposals to require measures that eliminate anonymity on the Internet in order to protect cybersecurity and fight cybercrime pose a deadly threat to the ability of dissidents in authoritarian countries to propose reforms and connect with others seeking change in their governments. By the same token, the dream of reformers that the global Internet will inevitably drive global change in the direction of more freedom for individuals, regardless of where they live, strikes fear in the hearts of authoritarian rulers.
Even in free countries, activists who expose information that governments have tried to keep secret often trigger intrusive new government measures to expand the information they collect about citizens. When the Wikileaks organization, run by an Australian living in Sweden on servers based in Sweden, Iceland, and possibly other locations, publicized information stolen from the U.S. government, the subsequent crackdown enraged other hacktivists, who then broke into numerous other government and corporate websites around the world.
Because the Internet crosses national boundaries, it diminishes the ability of nation-states to manage such conflicts through laws and regulations that reflect the values in each nation (or at least the values of the governments in power). Independent groups of hacktivists have been able to break into sites controlled by the FBI, CIA, the U.S. Senate, the Pentagon, the International Monetary Fund, the official website of the Vatican, Interpol, 10 Downing Street in London, the British Ministry of Justice, and NASA (even breaking into the software of the s.p.a.ce station while it was...o...b..ting the Earth). When the FBI organized a secure conference call to discuss how to respond to such attacks with Scotland Yard, hackers recorded the call and put it on the web. The inmates have clearly taken over a large part of the Internet asylum when Nurse Ratched's private conversations about security are broadcast for all to hear.
The extreme difficulty in protecting cybersecurity was vividly demonstrated when EMC, a technology security company used by the National Security Agency, the Central Intelligence Agency, the Pentagon, the White House, the Department of Homeland Security, and many leading defense contractors, was penetrated by a cyberattack believed to have originated in China. EMC's security system was considered the state of the art in protecting computers connected to the Internet-which, of course, is why it was used by the organizations with the greatest need for protecting their digital data. It remains undisclosed how much sensitive information was stolen, but this attack was a sobering wake-up call.
In 2010, U.S. secretary of defense Robert Gates labeled cybers.p.a.ce as the ”fifth domain” for potential military conflict-alongside land, sea, air, and s.p.a.ce. In 2012, Rear Admiral Samuel c.o.x, the director of intelligence at the U.S. Cyber Command (established in 2009), said that we are now witnessing ”a global cyber arms race.” Other experts have noted that at this stage in the development of cybersecurity technology, offense has the advantage over defense.
Securing the secrecy of important communications has always been a struggle. It was first mentioned by ”the father of history,” Herodotus, in his description of the ”secret writing” that he said was responsible for the Greek victory in the Battle of Thermopylae, which prevented ancient Greece's conquest by Persia. A Greek living in Persia, Demaratus, witnessed the preparations for what the leader of Persia, Xerxes, intended as a surprise invasion and sent an elaborately hidden warning to Sparta. Later during the same war, a Greek leader shaved his messenger's head, wrote what he wished to convey on the messenger's scalp, and then ”waited for the hair to regrow.” From the use of ”invisible ink” in the Middle Ages to n.a.z.i Germany's use of the Enigma machine during World War II, cryptography in its various forms has often been recognized as crucial to the survival of nations.
The speed with which the Internet proliferated made it difficult for its original architects to remedy the lack of truly secure encryption-which they quickly recognized in the Internet's early days as a structural problem. ”The system kind of got loose,” said Vint Cerf.
It is theoretically possible to develop new and more effective protections for the security of Internet data flows, and many engineers and information scientists are working to solve the problem. However, the rapidity with which Earth Inc. adapted to and coalesced around the Internet has made industry and commerce so dependent on its current architecture that any effort to change its design radically would be fraught with difficulty. And the extent to which billions of people have adapted their daily lives to the constant use of the Internet would also complicate efforts to fundamentally change its architecture.
McKinsey, the global management consulting firm, concluded in a recent report that four trends have converged to make cybersecurity a problem: * Value continues to migrate online and digital data has become more pervasive; * Corporations are now expected to be more ”open” than ever before; * Supply chains are increasingly interconnected; and * Malevolent actors are becoming more sophisticated.
As a result, this radical transformation of the global economy has created what most experts describe as a ma.s.sive cybersecurity threat to almost all companies that are using the Internet as part of their core business strategy. Particular attention has been focused on what appears to be a highly organized and persistent effort by organizations in China to steal highly sensitive information from corporations, government agencies, and organizations that have links to one or both categories.
U.S. intelligence agencies have long been a.s.sumed to conduct surveillance of foreign governments, including through cybertools to take information from computers if they have reason to believe that U.S. security is threatened. What is different about the apparent Chinese effort is that it seems to be driven not only by military and national intelligence concerns, but also by a mercantilist effort to confer advantage on Chinese businesses. ”There's a big difference,” says Richard Clarke, the former counterterrorism czar. ”We don't hack our way into a Chinese computer company like Huawei and provide the secrets of Huawei technology to their American compet.i.tor Cisco. We don't do that.”
There is no doubt that U.S. companies are being regularly and persistently attacked. Recent research published by the Aspen Inst.i.tute indicates that the U.S. economy is losing more than 373,000 jobs each year-and $16 billion in lost earnings-from the theft of intellectual property. Shawn Henry, formerly a top official in the FBI's cybercrime unit, reported that one U.S. company lost a decade's worth of research and development-worth $1 billion-in a single night.
Mike McConnell, a former director of national intelligence, said recently, ”In looking at computer systems of consequence-in government, Congress, at the Department of Defense, aeros.p.a.ce, companies with valuable trade secrets-we've not examined one yet that has not been infected by an advanced persistent threat.” The U.S. Secret Service testified in 2010 that ”nearly four times the amount of data collected in the archives of the Library of Congress” was stolen from the United States. The director of the FBI testified that cybersecurity will soon overtake terrorism: ”The cyberthreat will be the number one threat to the country.”
Another digital security company, McAfee, reported that a 2010 series of cyberattacks (called ”Operation Shady RAT”) resulted in the infiltration of highly secure computer systems in not only the United States, but also Taiwan, South Korea, Vietnam, Canada, j.a.pan, Switzerland, the United Kingdom, Indonesia, Denmark, Singapore, Hong Kong, Germany, India, the International Olympic Committee, thirteen U.S. defense contractors, and a large number of other corporations-none of them in China.
But the United States-as the nation whose commerce has migrated online more than that of any other nation-is most at risk. The United States Chamber of Commerce was informed by the FBI that some of its Asia policy experts who regularly visit China had been hacked, but before the Chamber was able to secure its network, the hackers had stolen six weeks' worth of emails between the Chamber and most of the largest U.S. corporations. Long afterward, the Chamber found out that one of its office printers and one of its thermostats in a corporate apartment were still sending information over the Internet to China.
Along with printers and thermostats, billions of other devices are now connected to the Internet of Things, ranging from refrigerators, lights, furnaces, and air conditioners to cars, trucks, planes, trains, and s.h.i.+ps to the small embedded systems inside the machinery of factories to the individual packages containing the products they produce. Some dairy farmers in Switzerland are even connecting the genitals of their cows to the Internet with a device that monitors their estrous cycles and sends a text when a cow is ready to be bred. Interspecies ”s.e.xting”?
THE PERVASIVENESS AND significance of the Internet of Things has clearly raised the possibility that cyberattacks can not only pose risks to the security of important information with commercial, intelligence, and military value, but can also have kinetic impacts. With so many Internet-connected computerized devices now controlling water and electric systems, power plants and refineries, transportation grids and other crucial systems, it is not difficult to conjure scenarios in which a coordinated attack on a nation's vital infrastructure could do real physical harm.
According to John O. Brennan, the White House official in charge of counterterrorism, ”Last year alone [2011] there were nearly 200 known attempted or successful cyberintrusions of the control systems that run these facilities, a nearly fivefold increase from 2010.” In the spring of 2012, Iran announced that it had been forced to sever the Internet connections of major Iranian oil terminals on the Persian Gulf, oil rigs, and the Tehran offices of the Oil Ministry because of repeated cyberattacks from an unknown source. Later that year, Saudi Arabia's state-owned oil company, Aramco, was the victim of cyberattacks that U.S. security officials said were almost certainly launched by Iran, which announced in 2011 that it had established a special military ”cybercorps” after one of its nuclear enrichment facilities, in Natanz, was attacked by a computer virus. The attack on Aramco, which replaced all of the data on 75 percent of the firm's computers with an image of a burning American flag, demonstrated, in the words of former national counterterrorism czar Richard Clarke, that ”you don't have to be sophisticated to do a lot of damage.”
The Stuxnet computer worm, which was probably set loose by Israel and the U.S. working together, found its way-as intended-into a small Siemens industrial control system connected to the motors running the Iranian gas centrifuges that were enriching uranium as part of their nuclear program. When the Stuxnet worm confirmed that it was inside the specific piece of equipment it was looking for, it turned itself on and began to vary the speeds of the motors powering the Iranian centrifuges and desynchronize them in a way that caused them to break apart and destroy themselves. In 2010, an even more sophisticated software worm, called Flame, which a.n.a.lysts said ”dwarfs Stuxnet” in the amount of code it contains, reportedly began infecting computers in Iran and several other nations in the Middle East and North Africa.
Although the result of the Stuxnet attack, which slowed down the Iranian effort to develop weapons-grade nuclear material, was cheered in much of the world, many experts have expressed concern that the sophisticated code involved-much of it now downloaded on the Internet-could be used for destructive attacks against Internet-connected machinery and systems in industrial countries. Some have already been inadvertently infected by Stuxnet. After a wave of cyberattacks against U.S. financial inst.i.tutions in late 2012 that security officials said they believed were launched by Iran, U.S. Defense Secretary Leon Panetta publicly warned that a ”cyberPearl Harbor” could do serious damage to U.S. infrastructure.
Because computer viruses, worms, and other threats can be resent from remote servers located in almost any country around the world, the original source of the attack is often virtually impossible to identify. Even when circ.u.mstantial evidence overwhelmingly points toward a single country-China, for example-it is difficult to identify what organization or individuals within that country are responsible for the attack, much less whether the Chinese government or a specific corporation or group was ultimately responsible. According to Scott Aken, a former counterintelligence agent and expert in cybercrime, ”In most cases, companies don't realize they've been burned until years later when a foreign compet.i.tor puts out their very same product-only they're making it 30 percent cheaper.”
While organizations in China have apparently been the princ.i.p.al offenders in this category, a large number of Western corpor
<script>