Juniper's Bitar at RSA: 'The Next World War Will Be Fought in Silicon Valley'
It's been a while since I attended a conference keynote presented by a speaker as apparently pissed off as Nawaf Bitar, senior vice president and general manager at Juniper Networks. His RSA Conference talk, entitled "The Next World War Will be Fought in Silicon Valley," was seasoned with infuriation and rife with get-off-your-butt admonitions.
"Our privacy is being invaded," he said. "Our intellectual property is being stolen. The public trust is at an all-time low. The attack on our information is outrageous. But you know what? I don't think we give a damn. I'm fed up with talking about outrage. It's easy to talk about outrage."
He then went on to compare what he considered true outrage -- the self-immolation of Tibetans protesting China's rule of their country, Nelson Mandela's refusal to renounce his views in exchange for release from prison, and the Tiananmen Square protests of 1989 -- with "liking" a cause on Facebook, retweeting a link, posting a bad review, and boycotting a tech security conference (referring, one assumes, to the 13 speakers who canceled their scheduled talks at the event over allegations that RSA agreed to incorporate a flawed encryption formula into one of its security products to satisfy a secret $10 million NSA contract.)
The second group, he said, are examples of "a new American disease," which he called First World Outrage.
The problem is, we're not really paying attention, Bitar declared, even when we're warned in no uncertain terms. He pointed to a Wired article (http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/) by James Bamford published in 2012 entitled "The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)," which quoted an unnamed U.S. intelligence official: "Everybody's a target; everybody with communication is a target."
"We were explicitly told that we would be spied upon," Bitar said. "There are data centers and data closets all over the world collecting an unprecedented amount of our personal information…. We now know with stunning clarity how deeply our privacy is being invaded. What's really changing?"
Not that we would sit still for everything, Bitar allowed. Threats to families and livelihoods never fail to move people to action. If Edward Snowden's NSA revelations had raised our taxes, he argued, there would have been rioting in the streets. But it's "high time" that we added our information to that very short list of things we truly care about.
We are now facing the unintended consequences of our response to 911, he said, which, among other things, fueled a well-meaning U.S. government to build an information collection system "the like of which the world has never seen."
"Fast forward to today, and we have direct evidence of the depth and breadth of this information collection," he said. "The meta data of our phone calls. Backdoor access to systems. Deciphering encryption keys. Spying on companies. Spying on everyone!"
We should also be concerned (if not actually freaking out) about the changing threat landscape, he said. The past five years have seen attacks against nuclear sites, power grids, and the intellectual property of companies by hactivists, thieves, and increasingly nations seeking to exploit weaknesses in the "cyberfabric" of other nations. Government officials have voiced concerns that cyber attacks might now pose a greater threat than terrorism.
In fact, a cyber attack could, he asserted, lead to actual war.
"If an enemy shot down one of our passenger airliners, we would go to war," he said. "If a nation state compromised our air traffic control system and two passenger airliners collided, would we not also go to war?"
It took him a while to get there, but Bitar finally arrived at his call to action.
"Our information is being stolen," he said. "As individuals and citizens, we should be truly outraged -- not first-world outraged. The time for apathy is over. We cannot go on the offensive and hack back; we would lose the moral high ground. But we can no longer remain passive. It's time for a new type of defense, an active defense that disrupts the economics of hacking and challenges convention, a type of defense that interferes with the attackers, that breaks algorithms, that disrupts data collection. It's time for all of us to turn the tables on the attackers."
Bitar's concerns are not new, of course, and he offered no specific solutions. But his effort to create a kind of historical context for the current state of affairs in the world of cyber security was engaging, and his unvarnished outrage was refreshing. He didn't set himself on fire, so I'm not sure whether he could be faulted for expressing First World Outrage, but judging by the audience response to his talk, I suspect that he might have lit a fire under at least a few attendees.
Posted by John K. Waters on February 26, 2014