The phenomenon of last week’s widespread cyberattack, using weapons developed by the United States National Security Agency to disrupt major computer operations all over the globe, is not surprising, but it does call for urgent action.
The villains of U.S. Western movies at one point were the people who sold repeating rifles to Native Americans to use in place of their bows and arrows. In modern times, weapons proliferation grew much more lethal when the United States developed the atomic bomb, intended to end World War II more rapidly, but the technology then got handed to the Soviet Union.
More recently, America’s and others’ cyberweapons creatively have been used to mess up Iran’s nuclear enrichment program, using the computer worm known as Stuxnet. It also appears that U.S. cyberaction has been used to gum up North Korea’s rocket launches.
The problem now is that some of the clever procedures NSA developed have leaked out, or have been developed independently by people in basements and elsewhere in Kiev, Moscow and Pyongyang, and are being used as they were last week from Ukraine to sabotage important systems. The NSA is showing itself to be leaky. The lessons that must be drawn are, first, that the NSA must button up its files and techniques much more tightly, and, second, that whatever cyberweapons we have, we must also stay ahead in that game in our capacity to protect our own cyber infrastructure.