Many readers probably do not remember “Red” Adair. He was the go-to guy whom you called as a last resort to cap a blazing or gushing oil well, either on land or offshore. In April 1977 he capped a well in the North Sea that was the second largest leak of the time, and he participated in capping the Kuwaiti oil wells set alight by Iraq during the 1991 Persian Gulf War. He died in 2004 having sold his company in 1993. Of course he comes to mind when looking at images of the gushing oil leak following the BP oil rig’s burning and sinking into the Gulf of Mexico. BP management mentioned that they had engaged the teams that capped the Kuwaiti wells, so it is likely that Adair’s successors are involved in the current effort. But could Red Adair himself have capped this well and prevented so much oil leaking into the sea? We’ll never know.
We all like to think that superheroes … Superman, Batman, and Iron Man … will arrive in the nick of time to save us from catastrophic consequences. Well, how about Cyber Man or Woman? If a nation is subjected to a major cyber attack, which takes down systems and networks and grinds the economy to a standstill, is it reasonable to assume that a cyber superhero (played by Bruce Willis, no doubt) will pull us out of the jaws of disaster?
The concern about cyber attacks is reinforced by the article “The Enemy Within” by Mark Bowden in the June 2010 issue of The Atlantic Monthly. It is about the Conficker worm. The article tells how, despite the intense efforts of today’s cyber Red Adairs (the “Conficker Cabal,” as they are called), Conficker still remains a major threat; in other words … the bad guys are winning (or possibly may have already won).
If you look into what made Red Adair a hero in his time, you learn that he had deep knowledge and intense courage, and he developed the very best equipment for the tasks at hand. There are some information security experts with extensive knowledge of cyber attacks and cyber warfare. However, in Bowden’s article, Rodney Joffe, SVP and Chief Technologist at Neustar, claims that “There aren’t more than a few hundred people in the world who understand this stuff.”
Most information security experts, in my experience, are really nice people, but they do not seem ready, willing or able to confront adversaries in a rough and tumble. They say what should be done, but do not seem able to muster the forces that are needed to succeed against our adversaries.
Richard Clarke has just published a book on cyber warfare, detailing vulnerabilities and sources of attack. But, in a recent interview with Rachel Maddow on MSNBC, which I described in my May 18, 2010 column “What Richard Told Rachel,” he appears too cerebral and objective … he doesn’t energize anyone to action. Howard Schmidt has the courage to take on the formidable task of White House cyber coordinator, but I haven’t seen him rant and rave about our needing to man the ramparts or charge the enemy (wherever they might be). Vice Admiral Michael McConnell (USN, Ret.) is low key when he states that nothing significant will be done by the public and private sectors until after we have experienced a major attack (see my March 29, 2010 column “Cybergeddon … Ho Hum”).
On the other hand, President Obama, to his credit, did make a major speech on the topic on May 29, 2009 and has shown that he can fight for causes that he truly believes in. However, I don’t think that he has been sufficiently coached on the imminent dangers that face our cyber livelihoods and existence. In fact, his recent statements about not knowing anything about iPods, iPads, PlayStations, etc. give one pause as to the degree to which he might be fully cognizant of the real potential impact of cyber attacks.
When academics address the topic, it is usually from the vantage point of an interesting challenge requiring some game-changing technologies … and these solutions are likely to be years away. No urgency there.
Our defense, intelligence and law enforcement agencies are heavily involved, but predominantly with respect to their own turf. So what is left?
What we need are convincing cybersecurity and cyber defense calls to action, leaving intellect and reserve behind. An appropriate exhortation, taken from William Shakespeare’s Henry V, might be: “Once more unto the breach, dear friends … !”
Once more …