Cyberwar is Hell

AV profiteers delight

Cyberwar is Hell, but never too hellish for feverish salesmanship. Take, for example, McAfee's recent botched attempt to sell the public on the merits of the fiendish "JPEG virus" said to be hanging over beloved digital stockpiles of family photos and Swedish pornography like the sword of Damocles.

The corporate deployment of fear and loathing started strong but quickly fizzled. While the Associated Press fell for the McAfee news ruse, publishing a corporate mouthpiece's blank claim that "[potentially] no file type could be safe" -- few others were quite so impressed.

The citizens of Slashdot, always edgy bellwethers of computer-geek tech and opinion, scoffed and revolted. A brief lynching-in-absentia party in honor of the anti-virus firm was held. A few loose cannons even went Oliver Stone, going so far as to toss around the old and much beloved conspiracy theory that the A-V industry is either hiring virus-writers or spreading their wares in order to massage sales.

But even though the JPEG virus stunt fell flat, when cyberwar is threatening, no amount of potential ill will or discouraging word can stay the dedicated computer security shill from his work.

So last week the Business Software Alliance emitted a "survey" which claimed many of its participants were convinced a major cyber-attack would be launched at the American government in the next twelve months.

It was critical, wrote flacks for the BSA, that the Bush administration move swiftly and not shirk in its "financial and philosophical commitments" -- i.e., the accelerated purchasing of more security software and consulting services -- in order to secure the infrastructure of the nation against the approaching cyber-attack. Vendors camouflaged within the BSA press release emerged to beat their breasts and assert that they stood ready to do their duty to help protect against the foul strike they knew was coming. Hurry with those financial and philosophical commitments, though.

"This survey accentuates the importance of network security and availability of solutions in the fortification of our homeland defense," said the president of Network Associates. It was insincere, stilted theatre but slightly superior, by virtue of vagueness, than the easily laughed off claims about the JPEG virus. (But will it be enough to make people forget about that unfortunate SEC investigation?)

Pros were hired and separate public relations firms with names like Ipsos and Edelman were enlisted to take the word of cyber-strike to the press for their BSA clients.

One foolish but very enthusiastic adjutant even wrote me to attest that security reps were alertly standing by to provide me with "color commentary" on the cyber-attack. He assured me that they would be able to tell readers and, by extension, government buyers what they should be thinking while preparing for the assault. They would know the right stuff, he indicated, because the clients had contracts with the Department of Defense, the FBI, the National Security Agency, and such. Since color comment is my specialty, there was no need to take him up on the offer.

Then it occurred to me that the cyberwar on terror, just like the real war on terror, really was a new kind of conflict. It was obvious that the job of rallying the country against the virtual danger of viruses could not be left to amateurs. Only heavy-handed PR and other stealthy special operations were to be trusted with this task. The cyberwar on terror would only be won if we were treated like fragile mushrooms, carefully kept in the dark and fed a rich mix of manure on the nature of roving computer danger.

Appeals to open the wallet in the name of patriotism and duty are common ingredients.

The National Cyber Security Alliance is another obscurely named group of vendors that has tasked itself with this job. One of its websites, Stay Safe Online, purports to offer on-line "tech talk" on net self-defense. While the substantive talk is thin, the message is thick.

"Protect Your Computer, Protect Your Country's Cyber-Infrastructure!" was the title of one safety chat, hosted by a Norton anti-virus salesman. "Your computer can be used to launch a cyber attack against the Web sites of other people and businesses, so make sure your computer has the proper Internet security software installed and help protect your country!" its introduction thundered.

Infected chips sink ships! Beware of careless installs!

Remember, Uncle Sam wants you ... to buy anti-virus software.

© 2002 SecurityFocus.com, all rights reserved.

Sponsored: Driving business with continuous operational intelligence