How do you keep a concept like our perennially impending "Electronic Pearl Harbor" fresh and exciting a decade after its introduction? By tying it in to Y2K, of course.
FBI cybercop Michael Vatis recently warned that terrorists posing as Y2K programmers may be planting trapdoors and logic bombs in corporate software -- a theory that's been swimming around the media pool for a few months now.
Gear, "The New Magazine for Men," tackled the manly topic of Y2K cyberterror in its October issue, and opened by gravely warning about "a new breed of hacker." Unlike the old breed, who would "tag sites" for fun, today's hackers are out for cash, the article claims.
The proof: the case of "Kevin Poulson" [sic], who hacked into telephone company computers to cheat at radio station contests.
As much as I like being a trend-setter, I must point out that the last time I committed a computer crime George Bush was in the White House and no one was tagging sites on a Web that did not yet exist.
Reporters Mike DiPaola and Bill Scannell -- it took two guys to write this -- show the level of accuracy and sourcing typical of mainstream "cyberterror" coverage. They lament that I "served only 51 months" for my crimes, graciously knocking a year off my time. They write about Kevin Mitnick, falsely reporting that he landed "on the FBI's Most Wanted list." They describe Back Orifice as a "virus" that gives anyone the capacity to penetrate "virtually any computer, anywhere."
And they bring it all home to Y2K cyberterror, and threw in a dash of xenophobia, by citing an anonymous source at an unidentified corporation who "had actually caught a foreign [consultant] programmer altering code" while making Y2K repairs.
Horrors. Reminds me of the time I caught an auto mechanic modifying my car. Frightening stuff.
The article includes the usual quote that Congressman Curt Weldon offered reporters earlier this year, upon learning that unclassified Pentagon systems had been cracked over the Internet. Again. "It's not a matter of if America has an electronic Pearl Harbor. It's a matter of when," Weldon said.
A Nexis search reveals that the phrase "Electronic Pearl Harbor" was first invoked in January 1991, by Infowar pundit Winn Schwartau. Nearly a decade later, we haven't even had an electronic Grenada.
Of course, it's not fair to single out these two reporters; "cyberterror" is as attractive a topic for the press as it is for computer security consultants, law enforcement officials, and politicians. And because it doesn't actually exist, everyone needs to spin things a little to keep the concept alive.
So every break-in to an unclassified Defense Department site gets a cool and foreboding code name, like "Solar Sunrise" or "Midnight Maze." The same stories about hackers moving satellites or changing medical records get loudly recycled, and quietly debunked, again and again, while we all throw out the word "cyberterrorist" to describe the pimply architects of every random website hack, until it becomes part of the vernacular and press and public alike forget that terrorism traditionally involves some sort of terror.
Our critical infrastructure is vulnerable to sophisticated intruders-- there's no doubt of that. It should be fixed. But it has been vulnerable for at least 20 years, and so far no terrorists have shown that their amazing skill at pulling triggers or lugging around diesel-soaked manure translates into the ability to move satellites.
Now the year 2000 is less than three months away, and as the sole representative of the "new breed" of hacker, I can assure you the electronic Pearl Harbor will once again fail to materialize.
Kevin Poulsen is a columnist for ZDTV's CyberCrime