Skip to: Content
Skip to: Site Navigation
Skip to: Search

America the Vulnerable

America has become the fattest cyber attack target on the planet, writes Joel Brenner in his disturbing new book.

By / November 4, 2011

America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare Penguin Press 308 pp.


Top-secret fighter jet designs filched by foreign cyber spies. Oil companies' vital exploration data siphoned from corporate networks. A new, highly potent form of malicious software that can wreck industrial machinery like power generators.

Skip to next paragraph

Whether it's cyber spying, identity theft, or cyber sabotage, the drum beat of computer threats has become standard fare in articles, books, and movies. So much so, Americans can barely be bothered to peer up from their iPhones (really hand-held mobile computers) to register shock or astonishment at the latest travesty.

Thousands of stolen secret State Department documents dumped via Wikileaks onto the internet? Google's source code in the hands of Chinese hackers? Twenty terabytes of information – enough to fill a line of moving vans miles long if the data were on paper – stolen by cyber spies from Pentagon networks?

Just another day at the office. And yet we should be paying attention. America has, in its rise to global internet-connected preeminence, become the fattest cyber attack target on the planet with government and corporate networks alike as porous as Swiss cheese to advanced attackers, writes Joel Brenner in his disturbing new book American the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime and Warfare.

What he describes is a nation that has, unwittingly, created for itself a digital "glass house" in which virtually all data belonging to individuals, companies, and government can be gotten at one way or the other – by hook or crook, friend or foe.

"The United States cannot defend the electronic networks that control our energy supply, keep aircraft from colliding in midair, clear financial transactions, or make it possible for the president to communicate with his cabinet secretaries," he writes. "We cannot permit this situation to continue and remain in control of our destiny."

Brenner is not the first major voice to sound this warning. Richard Clarke, former counter-terrorism director until 2003 under President Bush, in his 2010 book "Cyber War," warned of a possible electronic sneak attack on the US in which the power grid could be a prime target. He, too, offered a good list of recommendations.

But Brenner's main service is to bring a much needed, recent insider perspective to the cyber-threat debate. Serving as national counterintelligence executive in the office of the National Intelligence Director from 2006-2009, he spent the previous six years as inspector general of the National Security Agency. He knows what he is talking about. We should listen to him. Carefully.

"Operation Aurora didn't just hit Google," he reminds us of the hacker attacks that stole the company's critical source code in late 2009 and early 2010. "It was a coordinated attack on the intellectual property of several thousand companies in the United States and Europe – including Morgan Stanley, Yahoo, Symantec, Adobe, Northrop Grumman, Dow Chemical and many others. Intellectual property is the stuff that makes Google and other firms tick."

So who did it? Brenner says "the operation was approved at high levels of the government of the People's Republic of China" – a member of the Politburo Standing Committee, Li Changchun. How does he know? Ironically enough, Li's role, detailed in secret State Department documents put onto the web by Wikileaks, was then written up by The New York Times. During his days in the intelligence office, Brenner was one of the most bluntly outspoken US officials on the Chinese cyber threat. It is truly ironic that his case is so strengthened by Wikileaks, a vulnerability he decries in the book.

While government officials know something must be done, the US still seems in slow motion, he writes. Even as numbers and sophistication of cyber attacks grow rapidly, defense of the nation's intellectual property in corporate systems, government networks – and even US critical infrastructure like financial, air traffic control, water, and power grid systems – is still far too feeble, he writes.


Read Comments

View reader comments | Comment on this story