In the War on Terrorism, the U.S. desperately needs cyber-whizzes to protect its critical computer infrastructure. The threat is real: imagine terrorists disrupting the Eastern–U.S. power grid during an August heat wave, while simultaneously shutting down the 911 emergency-response system. The CIA reports that 20 countries, some of which may sponsor terrorism, are preparing cyber-war capabilities for use against the U.S. And we’re not prepared: Congress gave the feds an F in cyber-security this past November.
Hackers, who readily spot network weaknesses, can help. Not all hackers are destructive, if clever, anarchists: most go about their illegal activities as a kind of ego-boosting “gotcha,” breaking into protected computer systems without doing harm, but only exposing how the systems are vulnerable to attack. System administrators can then patch the hole before someone else does real damage. Why not put some of these bright people to work fighting terror?
The private sector is already hiring hackers. The network security firm @stake is built around a clique of Cambridge, Massachusetts–based hackers who scripted some of the system-breaching tools that the real cyber–bad guys use to this day. Companies now pay these erstwhile mischief makers to perform attack simulations on their computer networks.
Foreign governments use hackers, too—but Washington isn’t interested, at least not publicly. Richard Clarke, head of the new federal Office of Cyber Security, likes to tell the story of three teenagers—two Californians and one Israeli—who broke into Pentagon logistics and transportation systems in the midst of a brewing crisis in Iraq in early 1998. Pentagon chiefs feared that the Iraqis had done it but eventually found the teen culprits. The two Americans were prosecuted, sentenced to three years’ probation, and forbidden unsupervised use of the Internet; the Israeli, acclaimed as “damn good” by then–prime minister Benjamin Netanyahu, wound up working for the Israeli military.
A spokeswoman for Congressman Stephen Horn, chairman of the House subcommittee that flunked the feds in computer security, explains that federal cyber-warriors must pass “background checks and security clearances.” It’s a reasonable precaution. Nonetheless, the feds might still use hackers with less than sainted pasts to help secure non-classified networks and to train law-enforcement officials in the techniques of cyber-crime—just as the CIA will be recruiting unsavory characters who can help us fight terror. Even those hackers caught breaking cyber-crime laws—the United States Security Act of 2001 makes hacking a crime punishable by up to 20 years in prison—could be “flipped” to serve our national interests, with software that logs a computer’s every keystroke used to keep an electronic eye on their computer activities.
When the digital war begins in earnest—that’s when, not if—we’ll need an expanded, experienced cyber-militia to help us win it.