Safety Instrumented Systems / Fieldbus / Wireless / Stuxnet

Cyber Attack, But Wait We're the Good Guys!

Does Being the "Good Guys" Mean We Can Do Things We Would Find Objectionable If Others Did Them to Us?

Walt BoyesBy Walt Boyes, Editor in Chief

This is aimed primarily at citizens of the United States, but it isn't entirely an American phenomenon. So, even if you aren't an American citizen, you might want to read and think about this.  People have been suggesting for a while that we'd be in significantly less danger from external cyber attack if the political stance of the United States were different on some issues. If, for example, we had not gone to war in Iraq, or if we had not led a NATO coalition against the Taliban in Afghanistan, or if…the list is endless…we wouldn't be in danger from cyber attack from those quarters.

It is the same theme that was roundly condemned after the murders on 9/11. The reductio ad absurdum of this argument is that if the United States had only supported the Nazi genocide, there wouldn't be an Israel, and the Palestinians and Wahabi Muslims wouldn't have any reason to hate us. Silly? Stupid? Yes!

While that argument has logical flaws you can drive the U.S.S. Enterprise through, the other side of the discussion bothers me as well.

It is becoming apparent that the U.S. government had at least some involvement in the use of the Stuxnet malware to damage the Iranian uranium enrichment plant last year. The rumormill in cybersecurity land says that Duqu, the "son of Stuxnet" variant that has been deployed recently is a "warning" from the U.S. government to other countries about the dangers of attacking us through cyber means. That's as may be. The theory appears to run that because we're the good guys we can do those things, and they become therefore "good." Manifest Destiny.

But, if Stuxnet or Duqu or the recent U.S. government-sponsored assassinations were perpetrated against Americans by a foreign government, the U.S. government and citizenry would be screaming that these were unacceptable acts of war or terrorism.

I am troubled by this apparent schizophrenia in the body politic. But more, I am troubled by the suggestion that those are the only two intellectual stands possible. Much of my trouble comes from the ideals that we Americans say we stand for and have so many times missed the mark on.

We Americans have always believed that if we do things of questionable morality, ethics or legality, that we get the Good Guys' Seal of Approval anyway. And we don't understand why that looks significantly different from the outside staring in.

That same sense of schizophrenia has struck in economic terms. Companies that have made such a huge noise about "stakeholdership," while moving offshore and reducing their U.S. labor force and trying to end pension and health benefits—while at the same time paying their top executives something like 400 times as much as the average worker—give me the same sort of cognitive dissonance I see in our reaction to cyber terrorism.

It seems to me that what we're talking about is ethical citizenship. Whether that citizen is a government (and I most emphatically do not mean just the United States') or a corporation, talking like a good citizen and then acting like a thug is repugnant, unethical and carries with it the seeds of its own destruction.

In his keynote at Emerson Global User Exchange in October, Emerson's president, Steve Sonnenberg, said he wanted Emerson to be the end users' trusted partner and adviser. He proposed that one of the ways to do that is to manage ethically. Steve could not be more correct. It applies in government as well as in the way companies relate to their customers and to their employees.

In the immortal words of Walt Kelly's beloved Pogo, "We have met the enemy and he is us." And just remember how long ago those words were written.