As you may have guessed by now, I'm not a fan of hacking. And I never have been -- not even in the romantic old days of clever young programmers taking on "big computing." One reason was that, having grown up with these folks in Silicon Valley, I saw them less as juvenile Robin Hoods liberating the computer world from oppression, and more as just a bunch of arrogant gearheads who wanted to show they were smarter than their more successful, mainstream peers.
Just as important, I've always been haunted by secondary consequences of hacking -- something apparently lost on the perpetrators. When I read about a virus or worm crashing millions of computers and processors, I remind myself that some of those devices are embedded within or wired to things like fetal monitoring systems, surgical equipment, robotic bomb demolition equipment ... and ICBMs.
Have any hacks of the past killed babies or other vulnerable people? Will they? Do hackers even care -- or do they like the idea that they have the power to not only cripple major institutions, but even kill by proxy?
Finally, my time as an investigative reporter proved to me that today's clever new hack by some brilliant, resentful kid in his parent's basement is tomorrow's weapon of choice for some really nasty people around the world: mobsters, child pornographers, totalitarian regimes, enemies of freedom everywhere.
Would anyone be surprised if a "group or state" -- cough, cough *North Korea* -- this time used a repurposed piece of old malware, no doubt developed by some U.S. hacker a decade ago, against us?
The awful irony to all of this is that, having spent a generation now figuratively patting hackers on the heads for their crimes and telling them not to do it again, we seemed to have put ourselves into the trap of treating all such assaults as a form of victimless crime, a kind of practical joke perpetrated by people with more brains than sense. Sure, we send one or two to prison for awhile, but we're more likely to hire a successful hacker to help us fight the next generation of his ilk ... once more, taking a defensive posture.
And this is what that attitude has earned us. One of the most interesting bits of news to come out of the coverage of this cyber attack was the fact that, according to the Department of Homeland Security, the rate of online security breaches on government and private institutions in this country is skyrocketing -- 72,000 last year, double the number of the year before.
Meanwhile, the occasional story will bubble up in the mainstream media about the Chinese government sponsoring teams of hackers to probe our defenses. Similar stories have appeared about terrorist groups in the Middle East. And we know that the Iranian government, during the recent protests, went to great lengths to shut down outside coverage in the form of blogs, tweets and YouTube videos.
At what point do we decide that such assaults on our sovereignty, our institutions and our fellow citizens are unacceptable? When do we get out of our defensive crouch and actively go after governments that are attacking us through cyberspace? Will it be after a Web Pearl Harbor catches us by surprise and crashes our financial markets -- or kills thousands of people trapped in computer-controlled transportation systems run amok, or in a darkened city trapped in a blizzard or heat wave, or babies in microprocessor controlled incubators?