War on CyberHype 0

The BBC reports some sensible comments. No doubt they will be lost in the rush to sell scary books and make scary headlines (emphasis added):

Bruce Schneier claims that emotive rhetoric around the term does not match the reality.

He warned that using sensational phrases such as “cyber armageddon” only inflames the situation.

Mr Schneier, who is chief security officer for BT, is due to address the RSA security conference in San Francisco this week

Speaking ahead of the event, he told BBC News that there was a power struggle going on, involving a “battle of metaphors”.

(snip)

His point of view was backed by Howard Schmidt, cyber security co-ordinator for the White House.

“We really need to define this word because words do matter,” said Mr Schmidt.

“Cyber war is a turbo metaphor that does not address the issues we are looking at like cyber espionage, cyber crime, identity theft, credit card fraud.“

The portion I put in bold illustrates part of the reason for the success of the “cyberwar” hype.

Unscrupulous persons do lots of different nasty things.

Nasty things done with computers have in common one thing: they are done on (gasp!) computers.

Many persons, even those adept at using individual computer applications, such as a web browser or an office suite, have no idea how a computer or a network does what it does. Therefore the hypesters can fool persons into thinking that the many nasty things are actually one nasty thing–“cyyyyyyyyyyybeeeeerwaaaaar”–because they are done on (gasp!) computers.

They can therefore write white papers, sell scary books, get interview gigs on telly vision, and, perhaps most significantly, get lucrative consultancy gigs writing more white papers, promoting more scary books, and appearing in more interviews on the telly vision.

I’m not saying there is no reason to worry. Both individual computer users and system admins should practice safe HEX.

But there’s no reason to predict cybergeddon.