You are here: 国产小呦女 School of International Service Centers Security, Innovation, and New Technology Book Review - The Perfect Weapon: War, Sabotage and Fear in the Cyber Age

Technology

Book Review - The Perfect Weapon: War, Sabotage and Fear in the Cyber Age

By |

David E. Sanger鈥檚 riveting work, The Perfect Weapon: War, Sabotage and Fear in the Cyber Age, explores the quandary of how to use and defend against cyber-attacks. He describes听the perfection of cyber weapons as their almost limitless ability to steal money, pilfer secrets,听sabotage critical infrastructure, undermine democracies, and tear societies apart at the seams.听Cyber weapons are available to large and small powers, democracies and dictators and they have听altered the geopolitical landscape forever. The panoply of questions that this fact raises makes听Sanger鈥檚 book fascinating. How does a nation respond to, deter, or defend against a stealthy,听effective, deniable cyberattack? Is it better to threaten an overwhelming cyber counterattack?听Or should it be a non-cyber response, ranging from economic sanctions, a conventional military听response or even going nuclear? Does a nation 鈥渂unker-in鈥 and harden its defenses? (Sanger听alleges this is a 10-year task for the United States.) The author takes on all of these questions and听more. Organized into thirteen nearly stand-alone chapters, four important threads run throughout听the book: (1) A strategic partnership between government and private sector technology听companies is vital; (2) Cyber transparency is a required; (3) A good cyber offense requires a听good cyber defense; and (4) There is an underlying risk of escalation into conventional war.

David Sanger is a senior national security correspondent for The New York Times and has been on three Pulitzer Prize-winning teams. As part of his journalistic career, Sanger served as听the paper鈥檚 White House correspondent during both the Clinton and Bush administrations. This听book is sourced almost exclusively from the author鈥檚 firsthand interactions with world leaders听and cyber experts. His direct access to presidents, politicians, technology CEOs, and security听leaders around the world is unparalleled. The foreshadowing of things to come is chilling. The听insights into the threat are eye-opening for a cyber neophyte. For instance, what cyber threat听could possibly cause a steady hand, like former US Secretary of Defense James Mattis, to听recommend a policy of nuclear deterrence in this arena?

The book is easy to read for anyone interested in geopolitics and the conundrums of听offensive and defensive cyberwar. The author does not delve deeply into the technical issues听underpinning cyberwar but provides enough details for the tech savvy reader to appreciate and听explore further. In addition to the four pervasive themes, this book focuses on the 鈥7 sisters of听cyber conflicts鈥 鈥 US, Russia, China, Britain, Iran, Israel, and North Korea. The United States is听portrayed as surprisingly aggressive and predictably vulnerable in this arena.

The role of private companies is interwoven throughout the book. Sanger illuminates the听complex debates concerning personal privacy and electronic device security. Who is right when听law enforcement demands access to a 鈥榮ecure鈥 iPhone? Do the ends justify the means when law听enforcement pays one private company to break a security system designed by another company,
intended to ensure a US citizen鈥檚 privacy?

Sanger provides an insightful history of a time when government collaboration with听industry was easier and explains why it is dysfunctional today. An example of why there is a听bad public-private relationship is Snowden鈥檚 leak of a secret NSA briefing revealing (with a听smiley face graphic) where the NSA will tap into the Google Cloud. Consequently, it is not听surprising that Google鈥檚 head of security told Sanger 鈥淣o hard feelings, but my job is to make听their job hard,鈥 referring to the NSA. Sanger juxtaposes such areas of public-private friction
with historical illustrations of close cooperation, such as the 鈥減roud鈥 American company,听AT&T鈥檚 Bell Laboratories, enthusiastically supporting successful Cold War efforts in the 1980s.

Sanger advocates for greater cyber transparency on several fronts. How does a nation听begin to discuss setting international rules about the use of weapons whose existence and use are听not acknowledged? Additionally, how do听institutions defend against threats if the intelligence听community will not share information of a known threat, its details, and reliability, for fear of
compromising sources? A perfect example is the FBI鈥檚 anemic attempts to warn the Democratic听National Committee (DNC) of Russian cyber intrusion into their network well before the 2016听election. The warning went unheeded, and the DNC fumbled the response. The timeline was听such that 鈥渂abies were conceived and born鈥 before the DNC looked into the warning, and the US
presidential election was directly impacted.

The reader becomes well informed regarding the United States鈥 frequently used and听effective offensive capabilities. Despite eras of timidity, especially under President听Obama,听the听US听has听set听many听cyberattack听precedents.听The听descriptions of Stuxnet and Olympic Games are听riveting and the results satisfying to an American reader. Sanger also explains how the US has听seen its cyber weapons stolen and turned back on it (not so satisfying).听

Sanger states that ten years will be required for the United States to develop a defense听that听is听adequate听for听cyber听deterrence.听But听this听argument听is听underdeveloped compared to other听issues in the book and needed greater detail to make such a long timeline convincing. A听comparison to 鈥淭he Great Firewall鈥 of China might have been a good place to start. Perhaps the听public sector 鈥 private sector relationship in the United States could be expanded to encompass
national cyber security standards such as regulations, incentives, and penalties for non-听compliance. This might be a natural extension of Sanger鈥檚 鈥渄efend forward鈥 and 鈥渄eterrence听through transparency鈥 of offensive capability argument.

The author provides recommendations, mostly relating to cyber transparency. In听particular, establishing a cyber 鈥渞ed-line鈥 requires a credible deterrent that the United States听presently lacks. Sanger does not advocate for Mattis鈥 nuclear deterrence concept but听recommends that the United States鈥 powerful offensive cyber capability be clearly revealed and听publicly employed to establish strong deterrence. Weaker states such a North Korea currently do听not fear a US response to egregious cyber-attacks. Public attribution and responses to attacks are听also required for an effective cyber policy. Faster technologies and the use of artificial听intelligence will increase the destructive power of cyber-attacks. The author believes that听cyberwar arms control agreements must come out of the shadows and that the days where only听nations with conventional weapons could threaten the United States are gone.


About the Author:听

Steve Bruner is a recently retired Lieutenant Colonel in the United States Army with tours in Bosnia, Kosovo, Iraq and Afghanistan. His career culminated with a four year stint coordinating strategic level crisis response exercises at NATO's Joint Warfare Centre in Stavanger, Norway. 听He is currently completing a MA in International Affairs: Comparative and Regional Studies for Eurasia focused on security issues at 国产小呦女's School of International Service. His primary research interests are the geopolitical challenges and security threats around the Black Sea. He hopes to rejoin NATOs efforts to predict and prepare for emerging threats upon his graduation from 国产小呦女. 听


*THE VIEWS EXPRESSED HERE ARE STRICTLY THOSE OF THE AUTHOR AND DO NOT NECESSARILY REPRESENT THOSE OF THE CENTER OR ANY OTHER PERSON OR ENTITY AT AMERICAN UNIVERSITY.

more_csint_reviews