Evan Kohlmann of the CT Blog steps into my wheelhouse:

The United States is gradually losing the online war against terrorists. Rather than aggressively pursuing its enemies, the U.S. government has adopted a largely defensive strategy, the centerpiece of which is an electronic Maginot Line that supposedly protects critical infrastructure (for example, the computer systems run by agencies such as the Department of Defense and the Federal Aviation Administration) against online attacks. In the meantime, terrorists and their sympathizers, unhindered by bureaucratic inertia and unchallenged by Western governments, have reorganized their operations to take advantage of the Internet’s more prosaic properties. […]

To counter terrorists, the U.S. government must learn how to monitor their activity online, in the same way that it keeps tabs on terrorists in the real world. Doing so will require a realignment of U.S. intelligence and law enforcement agencies, which lag behind terrorist organizations in adopting information technologies. At present, unfortunately, senior counterterrorism officials refuse even to pay lip service to the need for such reforms. That must change — and fast…

Caveat: I am not a Foreign Affairs subscriber so my comments are limited to the 500 word preview and what I remember of Evan’s comments on NPR this past weekend. Color me irresponsible if you wish.

Lashing together the follies of the cyber-hypsters and the presumption that the government is not already doing what he suggests is a little naïve. It is a basic tenant of intelligence collection that you drive your adversary off of channels you have no or little control to one that you “own” and it can be argued that given the flow of Internet traffic around the world , the capabilities of our intelligence agencies (in particular one in Maryland), and recent reporting about online surveillance activities, it is a little hard to believe that anyone thinks we are not already doing exactly what the author is recommending. If nothing else one need only note the rending of hair and gnashing of teeth that takes place when someone discovers that terrorist-related Web site is hosted by a US firm “and the government is doing nothing about it!” to catch the hint that maybe, just maybe, we have good reason to keep those sites alive.

I don’t mean to belittle the risks associated with “cyber” terrorism. Everyone I know – practicing experts, not talking heads – is in the “cyber-as-supplement” camp. As someone who has been involved in these issues to one degree or another for many years, the best description of the situation that might be offered is “the concern is real, the threat is exaggerated.” With the ‘Net becoming a primary source of information around the world, it makes little sense to take down or adversely impact the very medium that allows, to channel Brian Jenkins, a lot of people to watch but has yet to cause a lot of people to die.

I also don’t want to give the impression that the work being carried out by the folks at SITE or Internet Haganah is hurting CT efforts – sometimes you gotta send people to /dev/null – but there is a balance to be achieved that is hard for many to accept.

Maybe it is unfair for someone who was neck deep in the “cyber terrorism” portfolio to level such criticism, but given the age we live in I’d rather improve the baseline of knowledge about this area, not perpetuate the idea that Uncle Sam is an analog basket case. Dude, let’s grab a beer.

About the Author

Michael Tanji

Michael Tanji spent nearly 20 years in the US intelligence community. Trained in both SIGINT and HUMINT disciplines he has worked at the Defense Intelligence Agency, the National Security Agency, and the National Reconnaissance Office. At various points in his career he served as an expert in information warfare, computer network operations, computer forensics, and indications and warning. A veteran of the US Army, Michael has served in both strategic and tactical assignments in the Pacific Theater, the Balkans, and the Middle East.