Are we really at risk from sophisticated technological warfare? Since stuxnet there’s been a lot of talk about ‘terrorists’ using malicious code to undermine our critical infrastructure. I’m sceptical however. I just don’t see it being really effective. Computer systems are exceptionally resilient and when you attack only the software in most cases a problem can be corrected within say, 24 hours. Even if an attack took out the control systems for a power plant or our water supply the backups are available, the hardware is undamaged, the disruption could be costly but the affect on Joe in the street is simply annoyance and inconvenience. You destroy a building and you can cripple an organisation, you damage the data on a disk and someone just has to retrieve the off-site backup tapes.
No terrorist organisation has ever successfully mounted a ‘terror attack’ on a country or organisation. I’m sure of this because I don’t know about one. If I’m not even aware of it then it’s not been very successful on terrorist terms and the one worm that made the global media was almost universally pronounced to be the responsibility of a national government or huge corporate entity. Industrial sabotage on a corporate or national scale is still not terrorism and more importantly it was actually an abject failure despite being hugely sophisticated.
Currently I just can’t believe that it’s worth the investment of resources to pursue cyber warfare in the form of malicious software. I won’t rule out data-mining or hacking as effective tools for terrorism (as they are potentially for marketing or stock market prediction), but this only informs extortion or targeting of other behaviours. Having information alone is not effective; using it to educate your methods can be clearly advantageous. It’s not really cyber warfare though in my opinion just a modern facet of civilian and military intelligence.
Maybe the level of sophistication will continue to increase, but there will always be real barriers to progress such as the autistic nature of critical systems and physical and mechanical fail-safe’s. I reserve the right to revise my opinion but for now I suspect this whole affair to be a storm in a teacup.