You’re Scared of the Wrong Things

August 7, 2014

We’re Scared of the Wrong Things Americans freak out over small threats and ignore big ones The world—it seems—is on the verge of collapse. Wars rage...

We’re Scared of the Wrong Things

Americans freak out over small threats and ignore big ones

The world—it seems—is on the verge of collapse. Wars rage in Africa and the Middle East. The Ebola virus spreads across West Africa. Edward Snowden, Chinese hackers and Anonymous make a mockery of national cyber security. Religious fanatics are trying to get their hands on nuclear and chemical weapons.

Americans are afraid. And who can blame us? Spend too long with any of the major news outlets and the future can look pretty bleak.

But many of things Americans fear the most more or less are fantasies. That doesn’t stop us from spending time, effort and billions upon billions of dollars trying to defend ourselves. Meanwhile, we often ignore the real threats—the technology, people and phenomena that actually can hurt us.

What are Americans getting wrong about national security? From nuclear terrorism to the much-ballyhooed “cyber 9/11,” here’s where we think our priorities are wrong. And while we’re at it, we’ll mention what we think you really should be afraid of.

America’s Cyberwar defense team. Air Force photo

Don’t worry about ‘cyber 9/11'

Read about cyberwarfare in the media or in statements from Pentagon officials, and you’d be left with the impression that an army of hackers is on the verge of wiping out the U.S.

Here’s just one example. Last month, 10 formers members of the 9/11 Commission warned that a coordinated cyberattack could rival the 9/11 attacks in damage.

“One lesson of the 9/11 story is that, as a nation, Americans did not awaken to the gravity of the terrorist threat until it was too late,” the ex-commissioners wrote. “We must not repeat that mistake in the cyber realm.”

While cyber war is very much real, it’s tricky to untangle the actual threats from the ones we tend to exaggerate.

For one, it’s not easy building a cyberweapon that can cause serious industrial damage. Like the Stuxnet virus that tore through Iran’s nuclear centrifuges, these weapons are the purview of the richest nation-states.

Stuxnet’s creators didn’t just build a worm—they built a replica of the Iranian nuclear site targeted in the attack. That’s not something any hacker could do. The overwhelming majority of cyberattacks are small-scale shenanigans that include countries, but also their ad-hoc cybermilitias and organized crime groups.

This misperception helps fuel the Pentagon’s over-reliance on “cyberoffense,” as Peter W. Singer noted in his book Cybersecurity and Cyberwar: What Everyone Needs to Know.

If cyberwar is massively destructive, the logic goes, then there’s little we can do to defend against it. Meanwhile, hackers are able to steal billions of dollars worth of military blueprints, trade secrets and other forms of intellectual property every year.

It’s not that we shouldn’t be afraid of cyberattacks. But we’re afraid of the wrong kind. Al Qaeda launching cyber-9/11? Not so much. But Russian and Chinese hackers looking for technical data on a secret drone project? Or how about the inner negotiating strategies for Fortune 500 companies?

Absolutely.

—Robert Beckhusen

A data-center ripe for the plunder. Photo via Wikimedia commons

Worry about cybercrime, instead

The U.S.—and the rest of the world, for that matter—aren’t ready to deal with cybercrime.

On Aug. 6, The New York Times reported on a group of Russian hackers stealing billions of passwords and other personal information. In February, a security firm discovered more than 300 million stolen credit cards on a black market Website. Hackers stole millions of Target credit card numbers in December.

In April, the security firm Codenomicon discovered the Heartbleed vulnerability and made it public. The faulty SSL code ran for two years before experts found it. Internet companies fixed the problem. The public panicked anyway and changed millions if not billions of passwords.

The public always panics and changes passwords. What else are we supposed to do?

Cybercrime has gotten a lot worse over the past few years. The most recent report from the Bureau of Justice Statistics reported that 16.6 million Americans were victims of identity theft in 2012. They reported a loss of $24.7 billion. That’s $10 billion more than the next highest form of property crime.

And that’s just identity theft. It doesn’t take into account all the other forms of cybercrime such bank fraud. It’s also just a report on cybercrime that victims have discovered. Often, targets of attacks don’t detect the violation for months or years, if at all.

Worse, cybercrime is often stateless. Hackers operate across borders. It’s hard for Washington to justify entering a sovereign nation to round up computer criminals. And when it does pursue foreign cybercriminals, it risks upsetting diplomatic relations.

In July, the Justice Department arrested a Russian hacker in Guam. The Kremlin wasn’t happy about it. Russia—the source of an overwhelming amount of U.S. cybercrime—doesn’t typically prosecute hackers so long as they target computer systems outside of Russia.

Cybercrime is a growing threat and an international problem. It requires an international solution. But at the moment, the public and the its servants largely are reactionary.

We change our passwords when we hear about the next breach. The Justice Department chases down whichever perpetrators it can, but that barely makes a dent in the rampant cybercrime.

Matthew Gault

Dirty bomb disposal training in Qatar. ASQ-Qatar CBRN photo

Don’t worry about dirty bombs

Nuclear and chemical weapons are favorite bugaboos of television writers. 24 and Homeland pit their heroes against madmen wielding Weapons of Mass Destruction—to name just two.

But those are just stories. We overstate the real threat that WMDs pose. An analysis of a recent news story conducted by the Combating Terrorism Center at West Point helps explain why.

In June, the Islamic State of Iraq and Syria militant group seized uranium from the University of Mosul in Iraq. Later, ISIS took over an old chemical weapons factory in Al Muthanna. It seemed like an army of zealots now could assemble its own WMDs.

This was not the case.

WMDs are complicated and fragile. Nuclear and chemical weapons require a degree of scientific acumen that some roving militant group such as ISIS doesn’t possess.

In the Iraq cases, the age of the captured materials also degraded their capability. Ditto the reliability of the containers. If ISIS wanted to turn the raw materials into something deadly, they’d need to transport them to a more stable and secure location.

It’s doubtful the materials would survive the trip with their lethality intact.

Even if a bunch of militants managed to build a dirty bomb out of the uranium or thorium, the effects would be nothing like the catastrophic destruction and widespread sickness that screenwriters and fear-mongers claim. Uranium and thorium are inert and relatively stable. You have to ingest or inhale to cause any real radioactive damage.

They’re also heavy. Any bomb containing the materials would do the most damage in its initial blast. Attempts to turn to the radioactive matter into a cloud would be ineffective. The material would litter the ground harmlessly before more than only a few victims inhaled the material.

In short, the weapons are too complicated and the resources too scarce and unstable. The chances are small of a terrorist organization acquiring the materials to carry out such an attack. Even when they do acquire the materials, they don’t know what to do with them.

—Matthew Gault

Megacity Tokyo. Chris 73 photo via Wikimedia commons

Worry about wars in megacities, instead

The 21st century has seen the rise of megacities—truly massive, unbroken urban environments whose populations exceed the entire headcounts of some small countries.

These include the New York-Boston-Washington corridor, Beijing and Germany’s Rhine-Ruhr region. But the growth of megacities in poor countries—cities like Lagos, Dhaka and Mumbai—creates the conditions the Pentagon believes will draw the U.S. into a future war.

“It is inevitable that at some point the Army will be asked to operate in a megacity and currently the Army is ill-prepared to do so,” the Army’s Megacities Concept Team warned in a June report.

The Army defines megacities as urban areas with population greater than 20 million, and estimates there will be 37 such cities around the world by 2025, with most of them in developing countries. Where populations go, so does conflict.

That’s particularly the case when there are too many people sharing too few resources—and the police and the army more or less give up on being able to manage them.

“As people flock into the cities you get this donut-shaped ring of outside territory dominated by non-state armed groups,” David Kilcullen, a military theorist who studies megacities, told Small Wars Journal last year. “And these groups can actually lock the city down. They have a choke-hold on the key resources that the city requires in order to survive.”

But how do you fight a war in such an environment? The Army has no idea. The U.S. fought in Baghdad for nearly a decade, a city one-quarter the size of the smallest megacities. If it doesn’t start learning now, it’ll cost lives later.

—Robert Beckhusen

An Al-Qaeda press conference from 1998. AP photo

Don’t worry about foreign terrorism

9/11 scarred America. It arguably was the single most effective terror attack in history. It also was an anomaly—a plot carried out with astounding luck by a small group of fanatics. After the attack, the U.S. quickly ramped up counter-terrorism spending to a whopping $75 billion dollars a year.

All that money seems to have purchased a lot of security. Incidents of foreign terrorism targeting Americans are down. Way down. But according to the Heritage Foundation’s figures, incidents of terrorist activity had dwindled to historic lows prior to 9/11.

The number of incidents spiked after the the Twin Towers fell, but lately have fallen to the same low level we saw in the years leading up to 9/11. Foreign terror attacks on the United States and its citizens were far more frequent decades ago. The most dangerous five-year period was 1987 to 1991. There were 635 attacks.

Terrorism is scary. The attacks seems to come from nowhere. The damage is horrifying. The deaths seem senseless. The perpetrators are willing to die for an ideology most people do not understand.

But in truth, terrorist attacks aren’t very likely—and the U.S. has gotten good at stopping plots in their early stages. It also helps that most would-be-terrorists usually aren’t very bright.

In 2007, a group of six men—all born overseas—conspired to assault Fort Dix in New Jersey. The FBI got wind of their plan when the group asked a retail store to make a DVD of their jihadi training exercises.

Umar Farouk Abdulmutallab attempted to detonate a bomb in his underwear on a Northwest Airlines flight back in 2009. He succeeded in lighting his crotch on fire.

Authorities in New York busted up a terrorist plot aimed at blowing up the Kennedy International Airport. It was apparent from taped conversations of the leader that the group was more interested in airport as a symbol than as infrastructure.

“To hit John F. Kennedy, wow. They love John F. Kennedy. Like, he’s the man,” Russell Defreitas said. “If you hit that, the whole country will be in mourning. It’s like you can kill the man twice.”

If authorities hadn’t foiled the plot, then the plotters’ ignorance of various security measures at the airport would have. It’s hard to kill Kennedy twice.

—Matthew Gault

The aftermath of the Oklahoma City bombing. FEMA photo

Worry about domestic terrorism, instead

We live in fear of foreign terrorism. But while there are terror group that no doubt wish to strike at the homeland, the number of attacks are a statistical blip compared to attacks by domestic extremists.

You can just look at what law enforcement worries about the most. The Department of Homeland Security recently surveyed several hundred police officers, asking them what they perceived to be the biggest terror threat.

The report, released in July, did not rank jihadi threats as the most grave. These ranked second, and didn’t distinguish between foreign and domestic radicals.

Instead, law enforcement worried most about so-called “sovereign citizens.”

These are loosely-affiliated radicals who reject most laws at federal, state and local levels. Individuals belonging to the sovereign citizen movement likewise are responsible for a spate of cop killings in recent years.

In June, a sovereign citizen illegally encamped on federally-owned land shot a California Highway Patrol officer and a ranger with the Bureau of Land Management. These stories are common, if dispersed. Most violent encounters with sovereign citizens never circulate outside the local news.

The DHS report also cites militia groups, racist skinheads, neo-Nazis and both animal rights and environmentalist extremists as ranking highly among law enforcement’s fears. But efforts to counter jihadi groups still receive the bulk of our resources.

Daryl Johnson—an ex-DHS analyst who authored a report on a rise in domestic right-wing extremist groups—lost his job at the agency after criticism DHS unfairly singled out conservatives. Following the uproar, DHS cut staff focused on domestic terrorism.

But Johnson insists it’s not about unfairly picking on the right. “Domestic right-wing extremists trumped all other forms of ideologically-motivated violence in the U.S. for number of deaths during this time period [post-9/11],” he told the Senate Judiciary Committee in 2012.

—Robert Beckhusen

Sign up for a daily War is Boring email update here. Subscribe to WIB’s RSS feed here and follow the main page here.

If you have any problems viewing this article, please report it here.