This page contains only the credited written responses from Internet experts and stakeholders who answered this question in the 2014 Pew Research/Elon University Future of the Internet Survey. Some survey respondents chose to identify themselves; a majority remained anonymous. We share most of the for-credit respondents’ written answers here. Workplaces are attributed for the purpose of indicating a level of expertise; statements reflect personal views. To read the full report, click the image below.
Credited responses by those who answered this survey question
Internet experts and highly engaged netizens participated in answering an eight-question survey fielded by Elon University and the Pew Internet Project from late November 2013 through early January 2014.
This survey question asked respondents to share their answer to the following query:
By 2025, will a major cyber attack have caused widespread harm to a nation’s security and capacity to defend itself and its people? (By “widespread harm” we mean significant loss of life or property losses/damage/theft at the levels of tens of billions of dollars.) Explain what vulnerabilities nations have to their sovereignty in the coming decade and whether major economic enterprises can or cannot thwart determined opponents. Or explain why you think the level of threat has been hyped and/or why you believe attacks can be successfully thwarted.
Among the key themes emerging from 1,642 respondents’ answers were: Internet-connected systems are inviting targets; the Internet is critical infrastructure for nation-states, businesses, transportation, energy, banking/finance, and essential daily life for billions of people; the tools already exist to mount cyber attacks and they will improve in coming years–but countermeasures will improve, too. Security is generally not the first concern in the design of Internet applications; it seems as if the world will only wake up to these vulnerabilities after catastrophe occurs. Major cyber attacks have already taken place, for instance the Stuxnet worm and attacks in nations where mass opposition to a regime has taken to the streets; similar or worse attacks are a given. Cyber attacks are a looming challenge for businesses and individuals; certain sectors are especially vulnerable; there are noteworthy divides between the prepared and the unprepared. There is steady progress in security vfixes; despite the vulnerabilities, a distributed network structure will help thwart the worst attacks; security standards will be upgraded; the good guys will still be winning the cyber security arms race in 2025. Deterrence works, the threat of retaliation will keep bad actors in check, and some bad actors are satisfied with making only small dents in the system so they can keep mining a preferred vulnerability and not have it closed off. Hype over cyber attacks is an exaggeration of real dangers fostered by the individuals and organizations that will gain the most from creating an atmosphere of fear.
To read full official survey analysis, please click here.
To read anonymous responses to the report, please click here.
Following is a large sample including a majority of the responses from survey participants who chose to take credit for their remarks in the survey; some are the longer versions of expert responses that are contained in the official survey report. More than half of respondents chose not to take credit for their elaboration on the question (anonymous responses are published on a separate page). They were asked: “Will a major cyber attack have caused widespread harm to a nation’s security and capacity to defent itself and its people by 2025?”
Jeremy Epstein, a senior computer scientist working with the US National Science Foundation as lead program director for Secure and Trustworthy Cyberspace, responded, Yes. “Damages in the billions will occur to manufacturing and/or utilities. But because it ramps up slowly, it will be accepted as just another cost (probably passed on to taxpayers through government rebuilding subsidies and/or environmental damage), and there will be little motivation for the private sector to defend itself. Due to political gridlock and bureaucratic inertia, the government will be unable to defend itself, even if it knows how. The issue is not primarily one of technical capability (although we’re sorely lacking in that department). The primary issue is a lack of policy/political/economic incentives and willpower to address the problem.”
Glenn Edens, director of research in networking, security, and distributed systems within the Computer Science Laboratory at PARC, a Xerox Company, responded, No. “Maybe I’m being optimistic but there is steady progress in security, again the basic architecture of the Internet is wrong on so many levels—so much needs to be fixed. The loss of financial gains is more likely than a loss of life.”
Bob Briscoe, chief researcher in networking and infrastructure for British Telecom, wrote, No. “There will have been major cyber attacks, but they are less likely to have caused widespread harm. They will be stealth attacks to extract information and exploit it for commercial and political gain. Harm to an enemy is only a desire of less sophisticated individuals. Anyone who amasses the ability to mount a major cyber attack, better than their opponent, also doesn’t want to lose their position of advantage. They are likely to shift to strategies of gain for their own position, rather than explicit harm to their victim, which would alert their victim and close off their channels of attack, and set back their advantageous position.”
Stuart Umpleby, a systems theory expert and professor at George Washington University wrote, Yes. “In addition to cyber attacks there are threats from individuals who have access (e.g., Manning, Snowden, Bernie Madoff, Steven Cohen). Digital equipment is vulnerable to solar flares and EMP (electromagnetic pulse). There can be overlooked or underestimated design flaws (e.g., the Y2K bug, Long Term Capital Management, financial derivatives, or the change in the Glass-Steagall Act). Possible solutions: 1. Decentralization can stop cascade effects. However, decentralization plus connection can lead to vulnerabilities since no one is in charge. 2. Oversight and regulation. However, technical regulation requires highly skilled people and the private sector pays higher salaries. Firms also try to keep secrets. In finance the banks are now in a position to write the rules that regulate them. Big banks are getting bigger. So far losses in the billions have been due to financial and political design flaws more than technical design flaws.”
David Clark, a senior research scientist at MIT’s Computer Science and Artificial Intelligence Laboratory, noted, No. “The nation-states with the capability to deliver such an attack do not have the motivation to do so. While there will be some actors (e.g., terrorist organizations) that might have the motivation, they currently do not have the skills, and there are easier ways to cause this sort of damage. However, the odds of this outcome are not zero, only low in my view.”
John E. Savage, chair in computer science at Brown University and a fellow of the IEEE, and the ACM, wrote, Yes. “The integration of national critical infrastructures such as the electrical grid, the financial industry, and corporations into the Internet has created a system that is more fragile than is generally recognized. Computer security in these systems has been and is very weak. While it is unlikely that any one major nation is likely to try to damage the critical infrastructure of another given the potential for blowback, accidents and misunderstandings are a serious possibility. An example of this is the aggressive posture of China vis-a-vis its surrounding waters. They have claimed control over the entire South China Sea through which 25 percent of the world’s maritime shipping occurs and now are claiming sovereignty over a large portion of the East China Sea. If tensions rise over their assertions and an accident occurs at the same time that shuts off the electricity in a large portion of the United States and malware attributed to China is found within computers controlling the electric grid, escalation and further damage are likely. The undersea cable system carries more than 95% of the global Internet traffic. This includes at least $10 billion in financial transactions per day. Damage to a large portion of this system lasting days or weeks could easily reach the threshold cited in the question. The Federal Bank of Boston handles more than $4 billion in transactions per day for the Federal Reserve. If its systems were damaged, the threshold could be reached in a few days.”
Jari Arkko, Internet engineer with Ericsson and chair of the Internet Engineering Task Force, wrote, No. “It is hard to predict what will happen. A single financial transaction gone wrong or a single vehicle accident could cause the damage that you ask about. But I still consider the risk of these events far smaller than many other similar issues, certainly far below financial fraud that we’ve used to seeing from insiders and rogue traders, for instance.”
Barbara Simons, a retired IBM computer scientist, former president of the ACM, and current board chair for Verified Voting, responded, Yes. “I don’t know how you measure the value of democracy in financial terms, but if we move to Internet voting, which is a real danger, we run a very serious risk of having elections stolen. Internet voting is vulnerable to attacks by anyone from anywhere, including insider attacks. And of course it’s impossible to conduct a recount to determine whether or not the declared results are correct.”
Mike Caprio, a software engineer for a consulting firm, wrote, No. “Cyber attacks are a boondoggle invented by military-industrial contractors to bilk governments out of billions of dollars. The infrastructure is not as fragile or attackable as they would claim.”
Vint Cerf, Google vice president and co-inventor of the Internet Protocol, responded, Yes. “While it has been predicted for a long time, there is no question that intellectual property theft is an increasingly serious problem and the potential hazard of data pollution looms. Estonia is the prototypical example. A lot will have been done by 2025 to increase security and safety online but there will still be exploitable vulnerabilities. Systems that observe their own behavior and the behavior of users may be able to detect anomalies and attacks. There may well be some serious damage in the financial sector especially (identity theft is still a problem, etc.). The use of things like Bitcoin, if prevalent, will produce wildly gyrating values and high risks.”
Riel Miller, the head of foresight for UNESCO, based in Paris, wrote, No. “Assuming that vintages of systems remains significant—meaning that the vulnerability of uniformity is avoided—no one attack can be too devastating. Only if some so-called ‘brilliant’ plan manages to create a unified and homogenous infrastructure will this kind of danger really become serious.”
Christian Huitema, a distinguished engineer with Microsoft, observed, Yes. “We are already witnessing the theft of trade secrets, with impact well worth tens of billions of dollars. We are also seeing active development of cyber weapons by many world powers. Historically, such new weapons are always used at least once or twice before nations realize it is too dangerous and start relying on diplomacy.”
Jonathan Grudin, principal researcher at Microsoft Research, responded, No. “Perhaps I am optimistic, but this concern seems exaggerated by the political and commercial interests that benefit from us directing massive resources to those who offer themselves as our protectors. It is also exaggerated by the media because it is a dramatic story. President Eisenhower worried that we would suffer if we had leaders who would not rein in the military-industrial complex, and it is clear our leaders are powerless to rein in the military-industrial-intelligence complex, whose interests are served by having us fearful of cyber attacks. Obviously there will be some theft and perhaps can exaggerate it to claim tens of billions in losses, but I don’t expect anything dramatic and certainly don’t want to live in fear of it.”
Jim Hendler, a professor of Computer Science at Rensselaer Polytechnic Institute, wrote, Yes. “I don’t believe a single major cyber attack of this kind will be a key event, rather there will be a growing number of smaller attacks and crime which cause increased awareness and willingness of people to take better cyber security—security online will become a necessary part of life, varying by where in cyberspace one is—much the way home security or car security is today.”
Christopher Wilkinson, a retired European Union official, board member for EURid.eu, and Internet Society leader, said, No. “Governments and corporations will invest heavily in thwarting attacks. There will be more cyber attacks, but damage on the scale suggested above is unlikely.”
Joel Halpern, a distinguished engineer at Ericsson, wrote, Yes. “Any response to this is very much a guess, as what will happen depends both on what can happen and on what people choose to do. I would not be surprised if there was a network-based event which caused tens of billions of dollars in damage. I would expect that it is more likely to occur by accident than it is by deliberate action. This is based on the observation that random coincidental failures are much harder to plan for than human intention.”
Tim Bray, an active participant in the IETF and technology industry veteran, wrote, No. “I’m sure there will be devastating economic attacks against companies, sectors, and perhaps whole economies, mostly executed by criminals for gain. But I don’t anticipate much in the way of successful state versus state attacks.”
Herb Lin, chief scientist for the Computer Science and Telecommunications Board at the National Research Council of the US National Academies of Science, replied, Yes. “More likely is cyber sabotage of individual enterprises. On a large scale, cyber attacks may be combined with kinetic attacks and the combination may cause large-scale damage.”
Peter McCann, a senior staff engineer in the telecommunications industry, responded, No. “The potential for destructive terrorist acts carried out through computer networks has been dramatically over-hyped. To the extent that computers are put in control of life-critical processes, there will be air gaps and safeguards in place that prevent malicious outside instructions from interfering in their operations.”
Stuart Chittenden, the founder of the conversation consultancy Squishtalks, replied, No. “A tit-for-tat incremental escalation will arise, not a single catastrophic ‘hack’ or cyber assault. As one entity institutes a capacity to create or exploit a vulnerability, other entities will be developing remedies.”
Seth Finkelstein, a programmer, consultant and EFF Pioneer of the Electronic Frontier Award winner, wrote, No. “In general, for critical infrastructure, I’d say there’s enough low-level threat from ongoing minor attacks to make it difficult to pull off a really major attack. Much of this entwines with credit card security. Grabbing a bunch of credit card numbers is both far more profitable and far easier to do than massive disruption. So defending against that type of ongoing crime is sort of like an immune system challenge that helps guard against even more harmful attacks.”
Mattia Crespi, president of Qbit Technologies LLC, responded, Yes. “The modeling of complex algorithms and new forms of processing power will determine the need of new levels of security. On the edge on quantum computing, the world is about to face the need of a new standard for security. The bridge from a ‘now relatively secure world’ to a new ‘truly secure world in he quantum era’ will be full of pitfalls and dangers. Terrorist attacks may find their ways in a system adapting its security standards.”
Bill Woodcock, executive director for the Packet Clearing House, responded, No. “Not unless there’s significant inflation between now and then. Direct losses associated with cyber attacks are always difficult to calculate and attribute. Indirect and intangible losses from large attacks may easily top tens of billions of today’s dollars, or even relative value accounting for enlargement of the economy between now and then. We’re at least 25 years in to cyber attacks now, and although they get larger, and the economy and population becomes more dependent upon the resources that are vulnerable to them, they still don’t have the effect on physical assets and infrastructure that doomsday-predictors have always worried they would. I’m not sure that problem will get worse as people become more sophisticated. I think we’re already over that hump.”
Charlie Firestone, executive director of the Aspen Institute Communications and Society Program, responded, Yes. “There will continue to be an arms race between those seeking to gain access to protected sites, for whatever reason, and those devising protective solutions. Some attacker, at some point in the next 12 years, will beat a country or major economic enterprise that has let its guard down (in terms of keeping up with the latest security techniques).
Isaac Mao, chief architect of Sharism Lab, said, No. “New security standards will help out.”
Fred Baker, Internet pioneer, longtime leader in the IETF and Cisco Systems Fellow, responded, Yes. “This is a little like asking whether the existence of a nuclear arsenal implies the eventuality of nuclear attack. I do believe that it is possible to perpetrate such attacks now, and we have seen tete-a-tete between nation-state actors in Eastern Europe, the Middle East, Asia, and North America. However, the perpetration of an attack that causes ‘significant loss of life or property losses/damage/theft at the levels of tens of billions of dollars’ is likely to draw a comparable retaliation, and like the outcomes of nuclear assault, become its own counter-measure. It may, like nuclear arsenals, become a matter of treaty discussion.”
Paul Jones, a professor at the University of North Carolina and founder of ibiblio.org, responded, No. “Nations and others who hold necessarily secure information are getting better and better about protecting their essential assets. Yes, a bunch of credit card numbers and some personal information will leak. Yes, you may not be able to place an order for a few hours. But it’s less and less likely that say all pacemakers in a major city will stop at once or that cyber attacks will cause travel fatalities. I expect increased tension between individual needs, commercial needs and national needs for privacy, mobility and security. TOR everywhere? Perhaps.”
Tony Siesfeld, director of the Monitor Institute wrote, Yes. “It is only a matter of time. As our lives are stored on our own devices and critical information stored through the system (from doctors to tax authorities to our favorite retailers), we become extremely vulnerable to either an intervention that snoops and steals our information or an intervention that disrupts or disables the network and exchange of information over a wide area for an extended period of time.”
David Cohn, director of news for Circa, responded, No. “It is, of course, a constant game of one-upsmanship. Criminals get bigger guns, defense gets bigger guns, and so forth. However—short of a major leap—the checks and balances here minimize the harm.”
Stowe Boyd, lead researcher for GigaOM Research, said, Yes. “A bellicose China might ‘cyber invade’ the military capabilities of Japan and South Korea as part of the conflict around the China sea, leading to the need to reconfigure their electronics, at huge cost. Israel and the United States have already created the Stuxnet computer worm to damage Iran’s nuclear refinement centrifuges, for example. Imagine a world dependent on robotic farm vehicles, delivery drones, and AI-managed transport, and how one country might opt to disrupt the spring harvest as a means to damage a neighboring opponent.”
Bill St. Arnaud, a self-employed green Internet consultant, wrote, No. “Businesses, research groups, network operators, and various Internet organizations have taken considerable steps in the past few years to thwart wide-scale attacks. The demise of the Internet from attacks has been predicted for years. There will still be thousands of small-scale attacks per day, but wide-scale, economically crippling attacks are extremely unlikely.”
Clifford Lynch, executive director for the Coalition for Networked Information (CNI) and adjunct professor at the School of Information at the University of California-Berkeley, wrote, Yes. “The entire information security situation seems to be totally out of control at this point at every level: individual consumers, businesses, critical infrastructure, military systems. Obviously, the kind and degree of vulnerability varies from sector to sector, but it certainly seems clear that non-state actors of various kinds can cause massive damage. I am also concerned that so much of the thinking seems to be focused on ‘attacks’ and ‘data breeches’ and similar events, as opposed to long-term infiltration of systems, continuing monitoring, subtle data corruption, and the insertion of disinformation, which are at least as dangerous.”
Doc Searls, director of ProjectVRM at Harvard University’s Berkman Center for Internet & Society, wrote at length on this issue:
“I imagine that Iran would already claim that it has suffered harm though the (alleged but widely acknowledged) Stuxnet attack by the US and Israel on Iranian nuclear facilities. No doubt other forms of cyber warfare are ready for deployment by the U.S., Russia, China and other countries. Since what can be done will be done, sooner or later, it is reasonable to expect harm in $billions (at current valuation) — to some country, or number of countries. On the other hand, the whole world is now one big system, and it will be very hard to contain the effects of a cyber attack, as we discovered (predictably) with Stuxnet.
“Two questions need to be asked: 1) Who in a country is most capable of cyber-warfare? Is it the government or the hackers? 2) Is it in the national interest of a country to attack another with which it enjoys a high degree of business and other dealings? In business today, many old enemies are now close friends, at least in business.
“In Russia today the concentration of techno-experts making money through botnets off of the (mostly US-based) many-billion-$ advertising industry is very high. Is there a higher concentration of experts inside the Russian government? Almost certainly not, given the billions being made in Russia’s clandestine botnet business.
“My point here is that actors in the private sector, especially the bad-guy ones, may have stronger cyber warfare skills than their own governments. And they are already doing damage in the form of many billions of dollars siphoned off the flow of advertising money through Google and other companies.
“What happens when the online advertising business, which has many characteristics of mania and bubble, starts to fail? If one doubts that failure will happen, consider this: more than 61% of traffic on the Net already isn’t human, and a third of that number is busy impersonating human traffic, no doubt for fraudulent purposes. Also, according to Michael Tiffany of White Ops, ‘at least 15 percent of American broadband households are participating in a botnet right now.’ And the numbers are going up.
“Both cryptography and cracking it continue to get more sophisticated. Those who are good at it won’t stop. And all the countries capable of cyber warfare—China, the US, Russia, India, the UK, Israel and so on — are not going to stop preparing for it and doing everything they can to stay ahead of both their friends and their enemies, real and perceived. This constitutes a cold war of sorts. Likewise, spying also won’t end. Spy agencies will do what they were created to do. They have always been, by nature and charter, outside the laws of both their own countries and those they spy on.
“So we have this broad class of things we know—notably the level of cyber crime happening constantly, and its effects on the whole Internet—and a narrow class of things we don’t, which is what the spy agencies know but won’t say. (Yes, Snowdens come along from time to time, but the spying will continue.)
“To sum up, I believe we can safely predict that cyber crime will be one of the daggers that burst the online advertising bubble, the collapse of which will cause harm to some industries (e.g., online publishing). But all bets are off for what will happen in cyber warfare. The one clear thing is that national boundaries and interests are far more blurred than they ever were when wars happened in the physical world alone.”
Dean Thrasher, founder of Infovark, Inc., commented, No. “I find it difficult to believe that modern, critical systems would be built without fail-safes, overrides, or other controls that could be used in the event of an emergency. Cyber attacks will continue to cause disruptions to companies and individuals, and perhaps entire government agencies, but it’s hard to imagine a cyber attack that would pose an existential threat for any nation.”
Susan Caney-Peterson, a self-employed writer and editor, wrote, Yes. “The technically inept and ignorant politicians of the early 21st century in the United States will have acted slowly and poorly to threats from Eastern Europe and China. Attacks will have taken place on the US electrical grid, with Chinese hackers having compromised it back in the 2000s with no one acting on it then. Attacks on individual data will have become routine and only the wealthy will have precautions in place, thanks to the hiring of privacy experts, which become as necessary as tax accountants were in the past. More money will be spent by the government on gathering data on individuals than on national cyber security, until the cyber equivalent of 9/11 takes place.”
Peter Janca, managed services development lead at MCNC, the nonprofit regional network operator serving North Carolina, commented, No. “The incremental nature of attack escalation is enabling governments and private entities to keep up, or at least not get so far behind that an earthquake event like the World Trade Center attacks of 9/11 is likely to happen.”
Lyman Chapin, co-founder and principal of Interisle Consulting Group, wrote, Yes. “Responding ‘no’ is a counter-intuitive answer to this question, but consider that the opportunity and the motivation to carry out such an attack have existed for at least a decade. The question really hinges on what we interpret as major. There will be cyber attacks, and damages will ensue, but I think enough diversity has been built into the system to enable it to survive.”
Karl Fogel, a partner with Open Tech Strategies and president of QuestionCopyright.org, said, No. “Most physical systems that have digital controls are complex enough, and have enough manual intervention built in, that a cyber-attack is just a problem to be dealt with rather than a catastrophe that causes a loss of power grid, airplane crashes, driverless car crashes, water supply poisoning, trains trapped in tunnels, etc. We already have such systems in many places, and there have not been cyber attacks that carry over directly into the physical realm with major consequences. I wouldn’t expect engineering principles to be significantly different by 2025.”
Leah Lievrouw, a professor of information studies at the University of California-Los Angeles, noted, Yes. “The escalating use of cyber warfare and ‘cracking’ techniques by ‘legitimate’ governments, military and law enforcement, and corporate interests, as well as by insurgent political groups, criminal enterprises, repressive regimes, industrial espionage, etc.—coupled with state-sponsored efforts to weaken infrastructure security (e.g., cryptography) to ensure their unrestricted access to data ‘anytime, anywhere’—would seem to promise a high probability of a major disruption at some point in the next decade with the potential for extensive harm. Extensive interconnectedness has enormous, demonstrable benefits, and corresponding potential for ‘networked’ damage.”
Garland McCoy, president and founder of the Technology Education Institute, said, No. “Mutually-assured destruction worked then, works now, and will work in cyberspace.”
Mike Liebhold, senior researcher and distinguished fellow at the Institute for the Future, wrote, Yes. “Growing pervasive threats will inevitably have an enormously negative impact on: Privacy, e-commerce, finance, infrastructure, and world peace.”
Stephen Abram, a self-employed consultant with Lighthouse Consulting Inc., wrote, No. “War seems to always be with us. It’s not entirely Science Fiction that digital security is a moving target and the holes are discovered through attacks and not solved through barriers and moats any longer. If by 2025 we have solved this problem I’d be surprised.”
Stewart Baker, a partner at Steptoe & Johnson, a Washington law firm, wrote, Yes. “Cyberwar just plain makes sense. Attacking the power grid or other industrial control systems is asymmetrical and deniable and devilishly effective. Plus, it gets easier every year. We used to worry about Russia and China taking down our infrastructure. Now we have to worry about Iran and Syria and North Korea. Next up: Hezbollah and Anonymous.”
Robert Bell, of IntelligentCommunity.org, responded, No. “While the possibility of such widespread disruption certainly exists, it has become a priority among most industrialized nations to understand and respond to the threat. I expect smaller-scale incidents but not large-scale loss of life or billions of dollars of property loss.”
Raymond Plzak, former CEO of the American Registry for Internet Numbers, and current member of the Board of Directors of ICANN, wrote, Yes. “I would say significant yes, but widespread, no. Just as previous threats over the course of history were thwarted or averted, others succeeded by the use of surprise often coupled with innovation. Such will continue to be the case in the future. Only a thorough understanding of the environment and the ability to anticipate the outlying case or method while not fixating on them will continue to be the path to success.”
Ebenezer Baldwin Bowles, founder and managing editor of CornDancer.com, replied, No. “Cyber attacks a decade hence shall remain a nuisance but not a foundational threat to a mature nation-state or a fully funded transnational corporation—always costly per annum to defend against and mitigate after the fact, but never the gateway to an apocalypse. The Internet is too vast, too dynamic, too widely distributed, and too resilient to ever fall prey to an online assault by terrorist cells, cyber gangs, lone geniuses, or hostile military units. The Internet is vulnerable to ‘widespread harm’ only through direct and massive munitions-based attacks on significant nodes of the physical infrastructure—server farms, electrical grids, energy distribution systems. Determined online opponents are limited by the fundamental underlying structure of the Internet.”
Paul Saffo, managing director at Discern Analytics and consulting associate professor at Stanford University, replied, Yes. “The question is missing the button I wanted to push: ‘Maybe.’ This is a classic wild-card issue: uncertain probability but potentially enormous impact. We will certainly have a steadily increasing number of cyber attacks by both state and non-state actors. The uncertain part is the scale of effects, and that is time-dependent: there is a race on between cyber defense tools and cyberattack capability, and at any given moment, one is slightly ahead of the other. On balance, it is a nail-biter. It is a close call, but I think we will have a bunch of scares, but will squeak through. More generally, my fear is that we are neglecting the risk of ‘cyber errors’ in creating wild disruptions. Stupidity is always more common than evil.”
Kevin Carson, a senior fellow at the Center for a Stateless Society and contributor to the P2P Foundation blog, wrote, No. “I expect a lot of small-to-medium attacks will lead to extensive decentralization and hardening, and to the degraded functioning of all large, visible institutions.”
Patrick Tucker, futurist and author of The Naked Future: What Happens In a World That Anticipates Your Every Move? said, Yes. “Today, cities around the world use supervisory control and data acquisition (SCADA) systems to manage water, sewage, electricity, and even traffic lights. Independent analysis has found that these systems suffer from 25 different security vulnerabilities. That’s bad enough, but then consider how human error and incompetence makes these common systems even less secure. Many of the IT managers that use these systems haven’t changed the manufacturer-installed security codes. As writers Indu B. Singh and Joseph N. Pelton have pointed out in The Futurist magazine, that failure to take even the most basic security precautions leaves these systems open to remote hacking.”
John Saguto, an executive decision support analyst for geospatial information systems for large-scale disaster response, responded, No. “It will not get this extreme. Whatever is ‘done’ can be ‘undone,’ so the paranoid ‘loss’ issue is more of inconvenience than real loss, perhaps there will be varying degrees of ‘loss’ not noting that will shift the balance of power. Now, nature on the other hand, is another story.”
Peng Hwa Ang, director of the Singapore Internet Research Center at Nanyang Technological University and longtime participant in global Internet governance discussions, wrote, Yes. “Because of the greater reliance on networks, should there be an attack on the network, lives will be affected. Already, the cut (deliberate or otherwise) of mobile services has caused deaths in some of the locales of such cuts. It is difficult to imagine no major cyber attack in 20 years.”
Kelly Baltzell, CEO for Beyond Indigo, wrote, No. “I believe cyber attacks do happen but think the threat level is completely hyped. Fear makes people cringe and not employ their own internal power and common sense. Right now with the NSA issues and such, we are finding out that the major countries are already spying, hacking, and causing problems. The use of the term ‘for national security’ invokes people to panic, fear, and give up the privacy they do have in exchange for what they think is safety. People just need to be rational and realize that other people in other countries just want to live, raise their families, and enjoy life. It takes a lot of energy to hate and create negativity on an ongoing basis.”
Fernando Botelho, a social entrepreneur working to enhance the lives of people with disabilities wrote, No. “International actors with the know-how and resources to mount a meaningful attack will not do so, as they are equally vulnerable. This is not to say that minor highly-visible attacks will not be used in political posturing.”
David Hughes, a retired US Army Colonel, wrote, Yes. “It is simply going to happen. First of all in a singular incident, which will then trigger the design and building of parallel or backup capabilities, requiring billions in investment, both government, corporate/institutional, and eventually individuals at their homes.”
Thomas Haigh, an information technology historian and associate professor of information studies at the University of Wisconsin, responded, No. “As the Internet becomes ever more vital it remains inherently vulnerable and the opportunities for an economically disruptive attack continue to grow. Likewise, as more power, transportation, and other systems are coupled to the network there will be real opportunity for physical disruption. However, I would expect the threat of conventional retaliation to deter such attacks just as, for example, it has prevented state-sponsored chemical weapons attacks.”
Mike Roberts, Internet pioneer and former CEO with ICANN and longtime Internet Society leader, responded, Yes. “The distributed ‘network of networks’ architecture protects us from a concerted attack that brings down major sections of the net. Having said that, businesses forced to spend sums they never imagined in order to protect their ability to provide goods and services over the Net, and governments are discovering they can’t fake a commitment to security for their own facilities. The Obamacare server fiasco is just one of the more visible examples of politicians believing their own hype about the Net. There ought to be a highly regarded annual award for ‘demonstrated Internet security competence.’”
Laurel Papworth, a social media educator, commented, No. “This is unlikely as we move to peer-to-peer networks the public are pretty good at spotting and dealing with threats, certainly members of the open source community are, more so than closed systems. It will be less vulnerable, not more.”
Joe Kochan, chief operating officer for US Ignite, a company developing gigabit-ready digital experiences and applications, wrote, Yes. “Cyber attacks will become a pillar of warfare and terrorism between now and 2025. So much of a country’s infrastructure—commerce, finance, energy, education, health care—will be online, and gaining control of or disrupting a country’s online systems will become a critical goal in future conflicts.”
Fred Hapgood, a science and technology writer, responded, No. “On this level, the tens of billions of dollars mark, the risk is very low. A loss on this level will trigger serious retaliation and the hackers responsible can never be 100% certain that they haven’t left a trail somewhere. So they will wait for the worst case, and the worst case will probably not arise. Maybe in the context of a shooting war. The stakes would have to be very high.”
Jeff Jarvis, director of the Tow-Knight Center for Entrepreneurial Journalism at the City University of New York Graduate School of Journalism, wrote, Yes. “There will be continuing attacks bringing continuing damage. The question is how big an industry that will spawn in securing systems against such danger and mitigating risk. But security comes not only from government and industry. It also comes from the huge forces of collaboration and volunteerism that can coalesce around open source as a means of assuring that many eyes will watch for vulnerabilities and many hands will fix the faults that are found.”
Bryan Alexander, senior fellow at the National Institute for Technology in Liberal Education, responded, No. “Because the real research and development in this field isn’t directed at nations. Instead it’s about taking money from those who have it—i.e., crime. National cyber attacks seem to be tending less towards the notorious ‘electronic Pearl Harbor’ and more towards harassment and sabotage. So we can expect successors to Stuxnet: ‘Oops, it looks like a Chinese aircraft carrier lost power for a day.’ ‘Huh, the American embassy in Paris is suffering a DDoS attack.’”
David Allen, an academic and advocate engaged with the development of global Internet governance, responded, Yes. “It depends upon further progress toward global governance schemes—overall—that actually work. By no means is that certain.”
Michael Glassman, an associate professor at Ohio State University, said, No. “There may be attempts at cyber attacks but they will not be extraordinarily damaging. There are a couple of reasons why this isn’t as big a problem as it could be at this point. First it seems it is much easier to play defense than offense on the Internet. Defenders can move quickly and always understand their program much better than an intruder. Also the best hackers tend to be apolitical and very independent. They would be difficult for a government to recruit and would be much more likely to work as part of a crowd sourced response to a state attack.”
Lee McKnight, a professor of entrepreneurship and innovation at the Syracuse University’s School of Information Studies, said, Yes. “Cyber security extortionists just made $100 million in 60 days (see ‘Cryptolocker’). So on one hand it is easy to extrapolate and imagine significant harm done to individual users and institutions given the black hats’ upper hand in attacking systemic vulnerabilities, to the extent of tens of billions in financial losses; and in loss of life. But security systems are progressing as well; the white hat good guys will not stop either. While inter-connected digital systems will be far more pervasive in 2025, they will still be, largely, amalgams of not fully automated and interconnected systems, which also provides a degree of insulation against national cyber attacks causing the degree of harm to people and property imagined by this question. While in principle all systems are crackable, it is also possible to embed security far more deeply in the Future Internet than it is in the present Internet environment. Obviously it is in the interest of the cyber security industrial complex and its participating firms to hype threats. On other hand, a great deal of critical infrastructure is very vulnerable to cyber and physical attack. Imagining bad scenarios where those facts intersect is worrisome, but I remain optimistic the good guys will keep winning; in general.”
Hal Varian, chief economist for Google, predicted, Yes. “There will certainly continue to be cyber attacks around the world. However, I don’t think that such attacks will involve losses of tens of billions of dollars. For that to happen we would have to see systems down for several days. Katrina was the costliest US hurricane and it did about $100 billion of damages. Most hurricanes have been in the $20 billion range. I don’t see cyber attacks coming anywhere close to hurricanes in terms of the associated property losses.”
Darel Preble, executive director and founder of the Space Solar Power Institute, wrote, No. “The major damage to our national power grids is not from cyber attacks but from natural causes—squirrels, ants, ice, falling trees, wind, and simple human error.”
Geoff Livingston, author and president of Tenacity5 Media, responded, Yes. “Cyberwar is the battlefield of now. Don’t kid yourself. Battlefields in Sudan, Afghanistan, and Syria are real, but there is a new battlefield and everyday wars are won and lost between individuals, businesses, and countries. The Pentagon and China military are regularly engaged in digital spats. We really have no idea how deep this goes, but we are much closer to William Gibson’s vision in the seminal cyberpunk novel Neuromancer than any of us would like to admit.”
Uta Russmann, a professor of strategic communication management and new media based in Vienna, Austria, wrote, No. “A few nations will always have the knowledge and institutions (e.g., NSA spying on German leader Merkel) to thwart determined opponents as this is a situation in their focus.”
Dave Burstein, editor of Fast Net News, responded, Yes. “The US and other countries are spending billions of dollars developing cyber warfare capability and actively using it in modest ways. If we continue to have wars like Iraq, Afghanistan and the cold war against Iran we will likely use our capabilities. Yes/no is not the right way to answer this; it’s really ‘maybe.’”
Ousmane Musatesa, an academic and self-described citizen of the world, wrote, No. “All these supposed threats are just scarecrows to push citizens in such a big distress that I give up all decisions to the association politics-economics powers.”
Francois-Dominique Armingaud, a retired computer engineer from IBM now teaching security at universities, wrote, Yes. “Unfortunately, wherever there is use there will be misuses. We can work to limit it, but as with a garden the job must constantly be done. Computers were initially designed without thinking they would communicate. Communications were designed without thinking there would be rogue users. A complete redesign of computer and communication architectures could possibly lead to better security by 2025.”
Thad Hall, an associate professor of political science at the University of Utah, wrote, No. “Such an attack is completely possible—the nation’s cyber security is quite porous—but the actors who have the greatest ability to pull off such an attack (another sovereign state) would be hurt because of the collateral damage.”
Marcus Cake, network society content architect and strategist with WisdomNetworks.im, responded, Yes. “Major cyber attacks are likely and will cause widespread harm. However, the harm caused by cyber attacks in a network society will be a fraction of the harm caused by hierarchies in the Information Age. Hierarchies in the Information Age cause widespread harm. Harm includes unsustainable income inequality, national insolvency, personal insolvency, war, collapse of global and national financial systems, bank insolvency, high-risk leverage ratios in financial and other institutions, money printing. It is unlikely that distributed structures that provide full transparency, distributed income, productivity, and distributed prosperity with collective wisdom and community participation would lead to many of the harmful events of the Information Age that are possible due to opaque unaccountable hierarchies.”
Avery Holton, a professor at the University of Utah, said, No. “Security against such attacks is keeping pace with the attack planning. While there may be smaller scale disruptions, a major attack should not occur.”
David P. Collier-Brown, a system programmer and author, wrote, Yes. “Attacks on old infrastructure, notably power, traffic-lights, railway crossings and railroad switching. Predominantly by non-geographically-concentrated terrorists, as terrorists based in a particular country or state-sponsored attacks invite convention-arms responses. Some on first-generation automated systems like 2013 cars, under the same geographical-origin constraints.”
Liza Potts, a senior researcher at Michigan State University, commented, No. “I would like to hope that our most critical systems are not connected to anything that could do that kind of damage.”
Alex Halavais, an associate professor of social and behavioral sciences at Arizona State University, said, Yes. “It may be that we don’t even know it is an attack, which is the scary part. The indignation of Google and the rest with the NSA owning their foreign data stores belies the more troubling bit, which is that some of the largest platforms we use are desperately insecure.”
Gary McGraw, the CTO for Cigital, Inc., wrote, No. “There is a real possibility this kind of thing will exist and will be demonstrable. However, it will not occur.”
Brian Butler, a professor at the University of Maryland, wrote, Yes. “Since we have not had these (at least not publicly) the will isn’t there to deal with it at the level of resources needed. Hence, it is just a matter of time until a perfect storm of unaccounted for vulnerabilities and overconfidence, and external threat coincide. This is another place where the entrepreneurial mantra of ‘fail often’ plus overconfidence will eventually lead to problems (though there is a possibility that the increasing risk aversion among baby boomers (with their substantial influence) might balance this out.”
Elizabeth Albrycht, a senior lecturer in marketing and communications at the Paris School of Business, wrote, No. “Perhaps it is just wishful thinking, but I think we’ll muddle along on the sharp edge, as we have done to date.”
Dominic Pinto, a trust and foundation manager active in the Internet Society and IEEE, said, Yes. “Forcing everything pretty well online exposes everything to the risk of being hacked—if not by commercial interests and of course the more ordinary criminals but of course as we now know on a huge scale by the state through their security agencies (whether or not the politicians or the bureaucracies actually know and control these activities).”
Brian Newby, a new media entrepreneur and author, commented, No. “I think the losses will continue to be incrementally greater but then the defenses catch up. I don’t foresee loss of life but certainly loss of dollars but not at that magnitude.”
Rajnesh Singh, regional director in the Asia-Pacific region for the Internet Society, wrote, Yes. “I do think we are seeing—sometimes in small doses and sometimes larger—instances of the waters being tested—be it by individuals, groups or entities and nation-states. When nation-states start building cyber defense and attack regimes, there is far much more to it than hype. However, we should be mindful that we don’t end up destroying that which sustains us. The Internet, and all that it enables, is a large part of the world economy and has allowed tremendous opportunities for progress and socio-economic development. Any disruption could have a multiplier effect and end up causing unintended consequences long term that may impact the instigator as well. I expect the technical community will rise to the challenge and offer solutions that will continually improve the capabilities of users at large—threats will evolve and so will solutions to the threats.”
David Burstein, CEO at Run for America and author of Fast Future: How the Millennial Generation is Shaping Our World, commented, No. “There will likely have been a collective group of smaller attacks by 2025, which in aggregate will have caused widespread harm, but the attacks we are going to see are more likely to be smaller individually than a so-called doomsday scenario. The most likely scenario will be ongoing corporate espionage, which by 2025 will allow companies in other countries to hack into American corporate systems and steal trade secrets to either rip-off individual products or to advance their own place in the market.”
David Brin, author and futurist, wrote, Yes. “We must move from the 1990s obsession with ‘efficient’ production—e.g., just-in-time manufacturing. That proved disastrous after Fukushima. In nature, resilience is just as important as efficiency. If we work on it, our resilience will make a crucial difference making such attacks futile.”
Giuseppe Pennisi, an employee of the Economic and Social Council of the Republic of Italy, said, No. “I feel the era of major cyber attacks is over.”
Mikey O’Connor, an elected representative to the GNSO Council of ICANN, representing the ISP and connectivity provider constituency, said, Yes. “Cyber infrastructure constantly teeters on the edge of collapse. However, the odds of a ‘successful’ cyber attack causing extreme harm continue to rise—to almost-certainty between now and 2025—as attackers shift from individuals with limited resources to state-funded warriors. The severity and breadth of harm that can be caused also continues to rise as dependence on cyber-resources increases. Similarly, developing countries will become more vulnerable as they ramp up their Internet capability and dependence.”
Jerry Michalski, founder of REX, the Relationship Economy eXpedition, wrote, Yes. “A tremendous proportion of the devices on the Net—personal computers as well as devices—have been compromised already, or will be compromised in the near future. Any device that isn’t attended to regularly to keep it from being vulnerable should be written off as part of the darknet. Targeted attacks should rise, as should dysfunctional ideas (memes), spread to sew discord or doubt. Far too much of the world’s computing capacity is defenseless. Anything with firmware that can’t be upgraded securely in the field is vulnerable. Loss of life may be more difficult than loss of property, as property becomes ones and zeroes. National boundaries will matter less and less, despite countries’ attempts to secure those boundaries and control their populations. People will join ‘nations of choice,’ giving their allegiance to loose organizations that have principles they love, such as Burning Man, the Tea Party, Occupy, and others that will emerge in the next few years.”
Larry Gell, founder and director of the International Agency for Economic Development (IAED) wrote, Yes. “My first job was working for the generals who ran the US Air Force Strategic Air Command. Our protection depends on our strategic rapid reaction to such attacks, and our ability to implement them somewhere at our choosing. What makes you think potential enemies are not thinking likewise?”
David Solomonoff, president of the New York Chapter of the Internet Society, said, Yes. “Likely attacks are getting easier and there a lot of new technologies—medical prostheses, critical infrastructure, Internet of Things, that are not properly secured.”
Jason Pontin, editor in chief and publisher of MIT Technology Review, wrote, Yes. “Oh, sure it is possible. Although not at your defined level, there has already been a ‘Pearl Harbor’ event: the Stuxnet computer worm that was used to attack Iran’s nuclear capabilities. Do we really believe that the infrastructure of a major industrial power will not be so attacked in the next twelve years? The Internet is an insecure network; all industrialized nations depend on it. They’re wide open.”
Ian Peter, pioneer Internet activist and Internet rights advocate, wrote, Yes. “Tens of billions of dollars is not that much in terms of what damage can be done in a cyber attack, so yes. Equally, I believe investment in countering cyber attacks will exceed tens of billions of dollars per annum if it hasn’t done so already. Whether cyber attacks carried out by nations or cyber attacks carried out by individuals pose a greater threat at that time is difficult to guess. Both are likely to become more serious issues.”
Andrew Bridges, a partner and Internet law litigator and policy analyst at Fenwick & West LLP, wrote, Yes. “Arguably this has already happened with the Stuxnet. An attack on GPS satellite systems or time stamping systems could be devastating. I don’t think the threats relating to these systems have been hyped. I do not know whether major economic enterprises can thwart these attacks.”
Jay Cross, chief scientist at Internet Time Group, responded, Yes. “Connectedness begets vulnerability.”
Miguel Alcaine, International Telecommunication Union area representative for Central America, responded, Yes. “Nations, companies, organizations worth an attack, have already started their continuing work to prepare for a potential attack. The race between potential attackers and the ones defending different assets will never stop, and such a race by itself will have a price tag in the billions of dollars if not more. The trend to have some sort of national or institutional defense will continue. It is also healthy to highlight that the lower the defenses of an entity, also the lower the potential profit of attacking them.”
Justin Reich, a fellow at Harvard University’s Berkman Center for Internet & Society, said, Yes. “The potential of threat is as real as the potential of nuclear annihilation. It hasn’t happened because mutually-assured destruction works, or at least it has for 70 years. We will have this constant, relatively low-grade probing, piracy, and state-sponsored cyber-terrorism.”
Henning Schulzrinne, Internet Hall of Fame member and a technology developer and professor at Columbia University, said, Yes. “Primarily financial services (both trading and financial transactions) and maybe the power grid seem vulnerable and their disruption is most likely to inflict large collateral damage. Both are dominated by legacy systems, with a limited willingness to make the necessary investments in upgrades and, particularly for utilities, limited technical depth in their staff.”
Ben Shneiderman, professor of computer science at the University of Maryland, wrote, Yes. “Cyberattacks will grow, but defense will improve, all requiring big investments and creating jobs. Epidemics, tornados, floods, and earthquakes will still be more deadly. Climate change and environmental destruction are by far the greatest threats.”
Olivier Crepin-Leblond, managing director of Global Information Highway in London, UK, replied, Yes. “The probability of a major cyber attack is not ‘if’ but ‘when.’ Unless a global cyber-warfare non-aggression pact (like the nuclear non-proliferation treaty, or the treaty against chemical warfare) is signed between the world’s powers, chances are that the cyber attacks will be state sponsored. There is also a high chance that cyber attack technologies will be making it into terrorist hands. Without a global cyber-warfare non-aggression pact, it will be impossible to distinguish whether a cyber attack is state sponsored or independent terrorism. To-date there is talk in many locations, including in the Council of Europe, to draft a global cyber warfare convention, but no country around the world is ready to take the first step to engage in such a convention, for fear of giving up its privilege of using such methods in the future. It might indeed be too early to sign such a pact if we cannot know to what extent cyber attacks could cripple our economies.”
Oscar Gandy, an emeritus professor at the Annenberg School, University of Pennsylvania, said, Yes. “I’m a little bit put off by the framing of this question in terms of national sovereignty/security, and then defining harm in terms of losses through theft. We’ve already seen several examples of security threats/challenges, etc. There is little reason to think this kind of vulnerability will be magically overcome; indeed, the previous questions about AI invite the assumption that multiples of person hours will be spent in devising/testing attacks against all sorts of systems, some with dollar value impacts exceeding the current liquidity of a great many nations.”
Neil McIntosh, a British journalist working for a major US news organization, wrote, Yes. “It would be easy enough to worry only of Hollywood-style attacks on infrastructure; electricity grids, military facilities, and so on. I’m sure there’s risk enough there. But greater, more realistic (and harder to defend against) danger may lurk in less glamorous places. For instance, the global banking industry has individual players whose failure would, on their own, bring their host nation to its (financial) knees. This would undoubtedly have an impact on that nation’s sovereignty and—by extension—its ability to defend itself. It doesn’t take a huge leap to imagine a situation in which a major financial institution finds its systems under attack; an attack that, then, brings into play those huge sovereign risks. I’m afraid I find this scenario plausible.”
Mark Nall, a program manager for NASA, responded, Yes. “Current threats include economic transactions, power grid, and air traffic control. This will expand to include others such as self-driving cars, unmanned aerial vehicles, and building infrastructure. In addition to current methods for thwarting opponents, growing use of strong artificial intelligence to monitor and diagnose itself, and other systems will help as well.”
Andrew Chen, an associate professor of computer science at Minnesota State University-Moorhead, responded, Yes. “The ‘smart grid’ is the most substantial danger. Cyber attacks that target a ‘smart grid’ will result in loss of power to large numbers of places simultaneously, causing infrastructure damages. Likely places that this will cause substantial damages will be airports, trains and train stations, draw bridges, traffic signals, and so on. No single instance will be ‘widespread harm,’ but all of these together will add up to that in only a short period of time. Unless there is some unforeseen major new technological development (such as widespread availability of quantum cryptography-based one-time-pads), the only way to prevent this will be to refrain from adopting ‘smart grid’ technologies.”
William Schrader, co-founder and CEO of PSINet Inc., the first commercial ISP, predicted, Yes. “Absolutely, cyber attacks will have massive destructive impact some time in the next 11 years somewhere on earth. All nations have economic systems which are tightly interwoven among industrial production and distribution, commercial operations, communications, stock markets, financial institutions, personal lives, military and policy operations, and political balance (or imbalance). The critical infrastructure vulnerabilities are known to management of that infrastructure, to the authorities and to those determined to disrupt them. There has been a constant battle among forces to disrupt and forces to maintain during the past two decades. The risk and impact of this type of threat cannot be over-hyped. I choose not to identify specific vulnerabilities or attack scenarios.”
Judith Perrolle, a professor at Northeastern University in Boston, wrote, Yes. “The US government’s series of cyber attacks on citizens, economic entities, and governments around the world has already done this. People have died from faulty equipment producing gas pipeline explosions and from drone bombings of civilians. US companies have lost billions worth of business as foreign customers no longer trust their products and services. One way to counter such attacks is by diplomacy and respect for international law, especially by the United States. As one of my students once titled a paper on Stuxnet: ‘People who live in electronic houses shouldn’t throw worms.’ A second line of defense is to design computer and information systems to be more secure. Our current systems are incredibly vulnerable, by design. US cyber security efforts seem dedicated to breaking into computer systems, not securing them.”
Thorlaug Agustsdottir, public relations manager for the Icelandic Pirate Party, wrote, Yes. “See Vanity Fair magazine’s Enter the Cyber Dragon from 2011 and the follow-up story from earlier in 2013. This is a huge issue for the years to come. The technical/code aspect of Web crime will become ever more advanced, as will social engineering and phishing methods. Internet security and privacy issues are without a doubt the largest issues of the years to come.”
Jeff Jaffe, the CEO for the World Wide Web Consortium, the standards-setting body for the Web, wrote, Yes. “In the past, the hardest security threat to defend against has been the insider threat. That will continue, with untold losses in economic espionage and other security losses.”
Jim Warren, longtime online freedom and privacy advocate and editor publisher of microcomputer periodicals, responded, Yes. “It seems likely that there will be far more cyber-attacks for the purpose of theft and/or economic harm to their targets, than for the purpose of causing physical harm to individuals or groups.”
Dave Kissoondoyal, CEO for KMP Global Ltd. and Internet consultant, wrote, Yes. “I would not say that a major cyber attack will have caused widespread harm to a nation’s security and capacity to defend itself and its people, but the risks will be there. By 2025, there will be widespread use of cyber terrorism and countries will spend a lot of money on cyber security.”
Fred Zimmerman, a respondent who did not share other self-identifying details, wrote, Yes. “Already the Snowden defection to Russia was a major cyber attack that fits this description. His actions cost the US tech industry billions of dollars in lost revenue and caused the US government to lose advantages that it had enjoyed in almost every interaction with foreign governments.”
Nishant Shah, a visiting professor at The Centre for Digital Cultures at Leuphana University in Germany, responded, Yes. “This presumes that there is a disjoint between the digital infrastructure and the national sovereignty, whereas we have only seen that there is symbiotic relationship between the two. As the digital evolves, surely, the very idea of what a nation is, where its territories are, and how it governs itself are also changing. And as nations become more digital in their organization and logic, they will make themselves vulnerable to cyber attacks—but they still own and possess a vast infrastructure of the digital and the cybernetic and will be able to shift attentions and resources in producing defenses which are in the interest of the people.”
Kalev Leetaru, Yahoo fellow in residence at Georgetown University, responded, Yes. “This scenario is quite possible as infrastructure becomes more Internet-connected and the value to hackers increases, and with many rogue states now creating their own cyber armies.”
Rashid Bashshur, senior advisor for eHealth for the University of Michigan Health System, observed, Yes. “Hopefully, we will have a better understanding of the causes of massive problems of insecurity in personal safety and cyber safety. Mischief, greed, and hostility cannot be ruled out. But they can, and should be, alleviated. We can’t stay dumb forever.”
Ian O’Byrne, a professor at the University of New Haven, wrote, Yes. “Governments are beginning to use cyber attacks as a means to wage war. A growing online criminal contingent is beginning to get quite sophisticated with attacks to the general public (e.g., the Cryptolocker virus). These trends will continue. Be sure to do your back-ups, people.”
Marcel Bullinga, a futurist and trend watcher, predicted, Yes. “The answer is connected to the privacy-enhanced infrastructure. If you have accomplished that, you have a safe infrastructure as well, not so vulnerable to cyber attacks. I guess a wildcard will do the trick of speeding up the creation of a safe infrastructure—the explosion of a nuclear reactor or the theft of $200 billion in one second caused by a cyber attack. On the other hand, do you realize that Google and Facebook and Apple are the major global cyber attackers, profiting from massive data theft?”
Ben Fuller, dean of humanities and sustainable development at the International University of Management in Windhoek, Namibia, responded, Yes. “A major vulnerability lies in the capacity of nations and businesses to understand cyber threats and to take prudent preventative steps. For example, I am involved in the administration of .NA here in Nambia. A few years ago we were one of the first ccTLDs worldwide to implement Internet Domain Name System Security (DNSSEC). DNSSEC is an important security protocol for Domain Name System operations. Implementing DNSSEC is neither complicated nor prohibitively expensive. Namibia, despite its apartheid past, has grown into an upper-middle-income country according to the World Bank, hence our economy depends heavily on the Internet—the banking, financial, mining, transport, and tourism sectors in particular. Yet, local interest in adopting DNSSEC has been disappointing. This is one instance where network administrators are not taking advantage of existing tools to improve network security. One wonders if our experience with DNSSEC represents a larger pattern. If many networks here in our country might be vulnerable. Internet users are regularly reminded to keep their operating systems and software up to date, to install security software, to take some time to learn how to secure your personal devices. This is all commonsense stuff. The spread of mobile and personal devices means that these commonsense messages need to be spread to larger parts of the population. With more people connected there are more ways to gain access to, and potentially harm, larger networks. How these messages are transmitted and how effective they are will go a long way toward thwarting large-scale attacks.”
Tiffany Shlain, filmmaker, host of the AOL series The Future Starts Here and founder of The Webby Awards, observed, Yes. “There will be attacks, but just as quickly as they happen, we will figure out how to combat them. The Web is merely an extension of us as humans. We are good and bad and everything in between. But ultimately, I believe we are good. The Web will at some point have large-scale manipulation with malicious intent, but we will learn from it and overcome it.”
Karen Riggs, a professor of media arts at Ohio University, replied, Yes. “Technological advances and implementation reflect values of producers and consumers. As a society increases its dependency on information and communication technologies to assemble, hold, manipulate and share information, it increases vulnerability to its population. This risk includes deepening communication channels among perpetrators whose goals are to create joint action with those whose interests are similar to theirs. Among the most terrible of risks will be using data and manipulating technical communication to collapse economic systems in such sectors as banking and stock markets. Another likely scenario is that enemies of states will infiltrate ICT systems not simply to steal secrets but to push their own agendas, often in subtle ways, through the destruction of data and message integrity. Nations will be less able to maintain filters between their states and citizens. Finally, social and international definitions of threat and enemies of state will continue to be challenged, as actions by such individuals and collectives as Wikileaks, Edward Snowden, and Anonymous develop greater muscle.”
Frank Pasquale, a law professor, wrote, Yes. “As the wealthy segregate themselves into enclaves or diversify their residences across continents, they (and the political class they heavily influence) will continue to disinvest in infrastructure. Moreover, intelligence agencies and leaders of critical infrastructure will disdain the types of immutable audit logs that could help record and detect and solve vulnerabilities, because they don’t want to be held personally accountable for failures. The situation leaves both electrical grids and banking infrastructures vulnerable to catastrophic attack.”
Joe Touch, the director of the Information Sciences Institute’s Postel Center at the University of Southern California, replied, Yes. “I believe that critical resources can be protected or they can be increasingly interconnected, but that doing both is inherently problematic. Despite the Internet being touted as a fundamentally distributed system, it is more of an amplification mechanism for a small amount of coordinated information. My primary concern is whether we will partition the Internet in the process of trying to protect that bootstrapping information, such as when DNS restrictions result in alternate DNS root systems.”
Andrew Rens, chief counsel for The Shuttleworth Foundation, wrote, Yes. “My answer could equally well be ‘yes unless appropriate changes are mode’ or ‘no if appropriate changes are made.’ Whether a major cyber attack causes widespread harm depends on whether some systems are changed in order to prevent not attacks but the likelihood that they will be widespread. It is certainly possible to configure networks so that they are both highly connected (with few links between most modes) and modular with weak links between strongly connected clusters. In the events of disaster, such as attacks, the weak links must be broken so that only specific clusters suffer damage. A cyber attack must be understood from a network architecture perspective as a type of disaster, as are natural disasters and internal system failures. What must be done is in principle obvious, although implementation may prove difficult. 1) End centralization of systems such as control of power grids and instead use decentralized network protocols to manage co-operation. 2) Make networks modular so affected clusters can be isolated. 3) Build in overrides that enable the decoupling of local physical systems from digital systems so humans can operate systems when computers fail. 4) Encourage the creation of robust cities that can generate their own water and power at least in need. 5) Decentralize the financial system so there are not just a few players that are massively dependent on one another but many more players. Reinstate the Glass-Steagal Act so that damage to investment banks doesn’t affect the day-to-day activities of people. While what must be done is obvious it is unlikely that policy makers and business leaders will demonstrate the will to protect their citizens. Instead there is likely to be a proliferation of agencies with draconian powers engaging in intrusive, if no longer universal, surveillance which are unable to prevent or mitigate attacks because the solution is decentralization not policing.”
Peter S. Vogel, Internet law expert at Gardere Wynne Sewell, LLP, wrote, Yes. “All indications are that cyber attacks will escalate. In particular the recent report from the National Intelligence Council predicts significant widespread harm. Assuming the widespread media reports in 2013 about government cyber directed attacks against other governments and businesses are true, there is no reason to believe this will subside by 2025.”
Marc Prensky, futurist, consultant, and speaker, replied, Yes. “We are already under massive cyber attacks around the world related to intellectual property. Billions or even trillions of dollars have already been stolen. I believe the concept of intellectual property as we know it won’t survive. Little people are unlikely to be harmed in great numbers by this, but countries and their relationships will face major upheavals.”
Amy Webb, digital media futurist and founder of Webbmedia Group, wrote, Yes. “It’s quite possible. One big challenge is that in the digital space, typical geographic boundaries don’t apply. If you have a credit card, that company is likely using Amazon Web Services with servers in multiple countries. Amazon protects itself, but individual countries establish laws describing what constitutes a crime and how cybercrime will be punished. There is no overarching law that rules everyone, and culturally different activities are more accepted than others. Likewise, depending on the person, her knowledge, and where she lives in the world, she may regularly pass along security bugs and viruses that could, along with many other users, contribute to a widespread outage. In order for us all to be safe and protected, collaboration and cooperation among governments, businesses, and individuals is necessary.”
Lillie Coney, a legislative director specializing in technology policy for a member of the US House of Representatives, said, Yes. “The Internet is like oxygen. If you do something to it in one place it will likely impact the quality of oxygen in other places. An attack may happen but the impact will likely lead to the same reaction to poison gas or chemical weapons that resulted from World War I. My greater concern is an accident or a new application or technology that adversely impacts the way the Internet functions. The other greater threat is to monetize the Internet by controlling who can have websites, use an email address, or communicate. The early days of radio were open and anyone could broadcast. That soon gave way to a regulatory framework that used the cost of licensing to control who could own a station. Innovation became proprietary and it basically stopped making changes. Radio remained essentially the same.”
Jamais Cascio, a writer and futurist specializing in possible futures scenario outcomes, wrote, Yes. “Depending upon how it’s understood, this could also be a ‘yes’ or ‘no’ answer. We’ll likely see a major attack that has a cyber component, but less likely to see a major cyber-only attack. In this cyber-add-on scenario, other forms of attack (from simple bombing to infrastructure damage to bioweapons) are enhanced by digital or electronic assaults meant to hamper our ability to recognize and respond to the main thrust of the attack. Cyber is a force-multiplier, in strategic terms, but not necessarily a useful solo vector. Here’s why: hitting a system large enough and pervasive enough that its loss will have major, widespread harmful consequences would take an extraordinary combination of time, coordination, sophistication and luck. Networked systems already exist in a hostile environment, and attention/resources are already being directed to system security—there’s a greater likelihood of a complex assault being spotted. Furthermore, redundancy, backups, and ready alternatives can mitigate the harm of a cyber infrastructure attack, and it’s hard to say from simple observation, which systems will be or won’t be supported in this way. This doesn’t make a sophisticated attack impossible by any means, but it makes such an attack much more difficult, and the results less certain. A hostile actor will want greater certainty of outcome and less of a potential to be caught. A cyber-only attack is possible, but less efficient (and likely less effective) than simpler attacks.
Pamela Wright, the chief innovation officer for the US National Archives, responded, Yes. “It is certainly conceivable that there will be a major cyber attack by 2025. In many ways, we are still in the Wild West days of the Internet, with patchy regulations, and huge variances in modernization for basic infrastructure such as power, water and transportation. Private companies spend a great deal of attention ensuring that they can thwart determined opponents. In this age of shrinking government and across the board government budget cuts, I am already concerned about the vulnerability of the public infrastructure.”
Leigh Estabrook, dean and professor emerita at the University of Illinois, wrote, Yes. “If the United States continues a foreign policy of domination and threats, some of which have been cyber attacks on other countries, what do small countries with little chance to fight militarily do? I don’t know if a major cyber attack will occur; but it would seem a good possible response of David to Goliath, even in the modern retelling of that tale.”
Bob Ubell, the vice dean for online learning at New York University, replied, Yes. “Relentless increases in cyber attacks for consumer information, intellectual property, and government secrets, among other data, is unlikely to abate. Chances are that the spiral will continue to increase exponentially as happened over the last decade.”
Jamie LaRue, a writer, speaker, and consultant on technology and public-sector issues, said, Yes. “No system is secure. More and more of our business and government life are based on the presumed validity of data. The likelihood of financial scams (such as two cents out of every third transaction), unexpected and unexplained charges of all kinds, failures of control systems affecting water, electrical systems, and banking, are all so high as to be certain.”
David Orban, the CEO of Dotsub, wrote, Yes. “Nation-states are under attack from much bigger forces than cyber hacking or from cyber war initiated by other nations. These can and will be waged, and the infrastructure to defend against them will be an important component to be developed and deployed. However, the more radical transformation of all the major components of what is today the raison d’etre of the nation-state is going to have a much more radical impact, transforming the social organization, and the social contract itself, to be based from a centralized hierarchical structure to a distributed, peer-to-peer one. Solar power in energy production, 3D printing in manufacturing, plant labs and meat cultivation for food production, self-directed open learning, personalized health, distributed digital currencies.”
Robert E. McGrath, an Internet pioneer and software engineer who participated in developing the World Wide Web and advanced interfaces, replied, Yes. “Cyber attacks are already pervasive, and it is trivial even for children to acquire the means to inflict serious damage. The United States has already attacked other countries, and other deliberate attacks are suspected. Losses are already in the tens of billions. ‘National sovereignty’ is pretty meaningless on the Internet anyway, so I can’t say anything about it. It is only a matter of time before there is a serious incident, i.e., one that journalists recognize as an event.”
Duane Steward, a self-employed consultant and solution architect for Medical Knowledge Engineering & Affiliates, commented, Yes. “Wary human nature will persist, as will mischief, as well as creativity in both production and problem-solving.”
Gina Neff, an associate professor at the University of Washington, wrote, Yes. “More systems will be online created by more vendors. These connected entry points into the ‘Internet of things’ will create more vulnerabilities for cyber attacks.”
Fredric Litto, a professor emeritus at the University of Sao Paulo in Brazil, wrote, Yes. “It is very likely; but just as likely is that we will pick ourselves up, rebuild, and continue on our course, just as happened after the Lisbon earthquake, the atomic bombs in Hiroshima and Nagasaki, and the World Trade Center Twin Towers. That type of resilience is something to be proud of.”
Ray Schroeder, associate vice chancellor for online learning at the University of Illinois-Springfield, wrote, Yes. “I fear a cyber attack that will bring down key parts of the national infrastructure and severely damage the economy. I do not expect the Internet itself to suffer irreparable harm. But through the Internet, such infrastructures as the power grid; water and sewage services; hard-wired telephone and cell phone networks may be impaired. These, in turn, would put enormous pressures on the economy and alternative service models. Daily, there are thousands of attacks that are thwarted. But, it is only a matter of time before a large-scale attack succeeds. The key will be to establish effective models for recovery and support.”
S. Craig Watkins, a professor and author based at the University of Texas-Austin, said, Yes. “This is something that could happen, but is something that government agencies and corporations are vigorously addressing in their efforts to protect the nation, people, resources, and institutions from such injury. Efforts to inflict such harm are already in progress, hopefully the intelligence communities are designing ways to identify and address such efforts. Also, while we have thought about these attacks from foreign agents, it’s also prudent to consider that it could be internal or domestic threats.”
Michael Slavitch, principal architect at Diablo Technologies, commented, Yes. “Power stations, especially nuclear ones, are ripe targets waiting for a sophisticated actor.”
Estee Beck, a doctoral candidate at Bowling Green State University wrote, Yes. “In Nicholas Carr’s recent article in The Atlantic [All Can Be Lost: The Risk of Putting Knowledge in the Hands of Machines, http://www.theatlantic.com/magazine/archive/2013/11/the-great-forgetting/309516/], he discusses the occurrences of software malfunctions in computer software systems in aircraft carriers that resulted in loss of life. Even as the American public has learned more about the NSA’s efforts to set up defense systems in cyber systems, some of the very defenses they set up also result in vulnerabilities that can be exploited. While I do not necessarily foresee a widespread dystopian future where an entire cyber network crashes, there are already signs of harm occurring, the Dow Jones flash crash, for example. It is plausible to consider that cyber attacks can results in widespread harm considering past events.”
Thomas Lenzo, a technology consultant, responded, Yes. “So far, major cyber attacks have been made on defense contractors, major financial institutions, and other large targets. Those targets have responded and hardened themselves against future attacks. However, the majority of businesses are small- to medium-size, and they, as well as most home technology users, do not have the defenses needed to thwart a major attack. We will see cyber attacks that cause many of those businesses to go out of business. Recently, a small town lost eight years of its records to a malware attack. The cost of the damage has not been calculated. In the future, there will be more of these types of cyber attacks. As for loss of life, we will see that when a major health care system or a SCADA [Supervisory Control And Data Acquisition] system is the victim of a cyber attack.”
Vittorio Veltroni, CEO for Hyppo Corporation, a digital and customer-knowledge consultancy, wrote, Yes. “As repetitive, rule-based tasks shift towards machinery, so does the running of complex networks (energy, water, transport, financial transactions). Those will become targets for disruption by external and internal threats alike.”
Jesse Stay, founder of Stay N’ Alive Productions, replied, Yes. “It won’t be what you think though. Citizens will have more control over their own security rather than the nation controlling cyber security. As such, the citizens who are more security conscious will be more protected than those that are not. Currencies such as Bitcoin will also be more prevalent, and the need for citizens to know more about their own security will become even more important. Citizens will get smarter, and will be more empowered to protect themselves.”
Rui Correia, the founding director of Netday Namibia, a non-profit supporting information and communications technologies for education and development, said, Yes. “Isn’t this already happening? With presently limited public exposure. We’ll be hearing about more and more examples of cyber attack and defense as more whistle-blowers share information with us.”
Mary Joyce, an Internet researcher and digital activism consultant, replied, Yes. “There is no reason to believe that hackers won’t continue to out-innovate infrastructure defenders. So long as data infrastructure is constrained in its function and design and hackers are unconstrained in the methods they can use to infiltrate it, those who own and defend infrastructure will be at a disadvantage.”
Meg Houston Maker, writer, editorial strategist, and private consultant, responded, Yes. “I’d like to believe that cyber attacks would be more likely to cause property and national security breaches than loss of life, and that they’re more likely to occur in less developed nations, or regions experiencing conflict or warfare. However, it seems clear that messing with the national grid during times of extreme weather events or hacking the public transportation system could pose a vital threat.”
Karen Landis, the user experience team lead for Belk.com, a department store, said, Yes. “People will get used to identity theft and cyber attacks in the way we got used to muggings and bombings. They won’t surprise us and will just be something that is in the news every day. Words like ‘identity’ and ‘nation’ will have to be redefined. How are you part of a ‘nation’ when you are connected globally? If the currency system becomes global (e.g., Bitcoin), nations will not be as necessary.”
Dennis McCann, A computer-training director who was previously a senior technical consultant at Cisco and IBM, commented, Yes. “As the third and fourth worlds go digital, cyber wars will occur by or to first-world nations. There is no limit to the vulnerabilities of a digital world and this is even today the most significant technical challenge we face.”
Robert Furberg, a senior researcher in clinical informatics for RTI International, wrote, Yes. “The qualifier of ‘widespread harm’ really informs my response. Matters of national security and defense are among the least likely sectors for successful cyber attacks, given the level of funding, sensitivity, and attention received. In contrast, I would expect other, more vulnerable sectors to be affected, specifically those sectors that will have been seemingly ‘forced’ into a more technical mode of operations from a traditional or analog environment.”
Tim Kambitsch, an activist Internet user, wrote, Yes. “The Internet of Things is just emerging. In the future, control of physical assets, not just information, will be open to cyber attack… Hacking my home today is limited to my desktop and laptop computers. Hacking my home in 10 years will include my doors, thermostat, and fridge.”
Danny Gillane, an information science professional, wrote, Yes. “The longer the Internet exists, the more people will be exposed to it and to the technology needed to use it for good and for bad. Sooner or later someone—either for political reasons (terrorism, for example) or for criminal reasons—will take down part of the utilities infrastructure leading to economic loss or property loss on a large scale or will steal something or will take down a major economic player, such as Amazon, the Federal Reserve, the Internal Revenue Service.”
James Penrod, former CIO at Pepperdine University, the University of Maryland at Baltimore, California State University at Los Angeles, and the University of Memphis, commented, Yes. “There are enormous dangers to all nations and especially to the most highly developed nations, well beyond what most US citizens can imagine. However, the destructive power of such a war is so great that the leaders of developed nations will find ways to maintain an uneasy peace, as was the case in the Cold War. Should this not occur, the world might experience another dark age!”
Richard Rothenberg, Regents’ Professor at the School of Public Health at Georgia State University, said, Yes. “This is highly unpredictable. Just as good ideas are difficult to predict, so are the really harmful (and clever) things.”
John G. McNutt, a professor at the University of Delaware, replied, Yes. “War in 2025 will be low-intensity conflict and major conflict via technology.”
James Wisdom Jr., owner of Wisdom Consulting and General Contracting LLC, responded, Yes. “Being able to lock down a cyber attack is to have protocol in place to track and defend against such attacks. Also countries would sign treaties to stop cyber attacks or face currency in said country not being able to participate on a global scale.”
Adam Nelson, founder of Kili.io, a cloud infrastructure in Africa, responded, Yes. “The question is whether a major cyber attack will have caused widespread harm to a nation’s security and capacity to defend itself and its people. With 200 countries in the world and the fact that so much critical infrastructure is rooted in cyberspace and given the 11-year horizon—it seems inevitable that such an event will happen.”
David Golumbia, an assistant professor at Virginia Commonwealth University, said, Yes. “They already have, repeatedly, and this trend will only accelerate.”
Maureen Schriner, a university professor, responded, Yes. “The vulnerabilities to these attacks lies in the nature of the infrastructure, the lack of common governance over the Internet, and the lack of willingness by multinational corporations to change processes. Until a major cyber attack occurs, the people and institutions that control cyber infrastructure won’t have incentives to change.”
Amy Crook, an IT employee at a large firm, wrote, Yes. “Theft in the tens of billions of dollars is definitely possible. Smaller nations have a greater risk of being harmed, since larger nations have more resources to put toward defending themselves from cyber attacks. It will become more apparent that nations such as China are actively working toward goals of cyber attacks on other countries. I don’t know how it will threaten a nation’s sovereignty. It seems unlikely that allies of any one country will stand idly by if that country is attacked in such a way. I don’t know if I can imagine a scenario in which a country is robbed totally anonymously, in part because it would be in the best interest of all other nations to put resources into solving that puzzle in order to protect themselves.”
Sam Moreland, a mechanical engineer, wrote, Yes. “The potential for attacks is already evident, think of what the United States did to the Iranian centrifuges.”
Bob Harootyan, manager of research for a national nonprofit organization, wrote, Yes. “This question is difficult because it seeks an absolute answer rather than a probability statement. Also, there is a substantial difference in impact between ‘significant loss of life’ versus ‘property losses.’ Nations are increasingly vulnerable to cyber attacks, whether in the private sector (e.g., Target; major banks) or government. It is highly probable that ‘a nation’ somewhere (e.g. Iran) will experience major harm to its security, but not the United States.”
Mary A. Malinconico, a consultant, responded, Yes. “Yes, there needs to be increased education and training on how to protect our data systems from cyber attack, both on the individual level (protecting credit cards and banking information) and on a systematical level (education of individuals to protect from attack and build systems that can withstand attacks)!”
Will Stuivenga, an information science professional in the state of Washington, said, Yes. “It is almost inevitable that something of this nature will eventually occur. Human nature and history have shown that effective counter measures will not be implemented until an actual event demonstrates the necessity of doing so. And even then, some nations probably won’t have the wherewithal to take effective counter measures, even if they wished to do so.”
Susan Barnum, a respondent who did not share a professional background, wrote, Yes. “White hat hackers enjoy trying to find holes in the system. In the United States, we have a tradition of white hat hacking. Many businesses employ such hackers to keep their systems secure. Government entities need to step up and use their services more often.”
Tim Mallory, an information science professional, responded, Yes. “The value of the damage is in the eye of the attacker and the victim. What may be seen as ‘billions of dollars of value’ may be meaningless to most people.”
Norman Weekes, a volunteer for a nonprofit, responded, Yes. “Crime and attacks will gravitate to and come from parts of the world without investments in cyber defenses: Africa, South America, Eastern Europe etc. The level is under-hyped for the same reason financial institutions don’t talk about successful robberies; it’s bad for business. We have no idea how bad the situation really is.”
Glen Farrelly, a self-employed digital media researcher and consultant, wrote, Yes. “As long as the benefits for cyber attacks remain as attractive as they are now, cyber attacks will continue, which will become only increasingly destructive as more of our lives and societies rely on digital networks.”
Brittany Smith, a respondent who did not share a professional background, wrote, Yes. “Cyber attacks and cyber security will be the issues that define the upcoming decades. What is unfortunate is that many Americans are unfamiliar with cyber security and do not know how to protect their own information. Education and collaboration across sectors will be necessary to help us protect ourselves individually and collectively.”
Roy Rodrique, a system administrator at a college in Phoenix, Arizona, responded, Yes. “Weapons will no longer be considered to be of a chemical or biological base, but of knowledge to use a specific method to gain advantage for a cause per se. The cause itself is not to be contained as right or wrong. It is knowledge being accessed by anyone with the desire and ability to use it.”
Brenda Michelson, a self-employed business-technology consultant, responded, Yes. “In the case of cyber attacks, the hype of pending calamity is probably a positive, as it increases threat awareness and in turn (hopefully) prompts telecommunications, transportation, energy, water supply, and food-chain infrastructure operators and regulators to engage and invest in risk-mitigation activities, as well as theorize, scenario plan, and test for systemic, cascading implications. If a nation were to fall, or be seriously harmed by cyber attack, it would have to be a highly coordinated attack, simultaneously targeting the nation’s various infrastructure elements; or an attack that could identify and exploit a linchpin element, resulting in cascading failures. This type of destruction is more likely to be brought on by nature—hurricane, tsunami, earthquake, and such. Which, I suppose could be—or certainly hyped as—a 2025 cyber threat, weather hacking.”
Adam Rust, a research director for a US-based organization advocating for economic justice and opportunity, wrote, Yes. “It is already happening. Cyber attacks are a front in war. Look at what happened in Estonia, in Syria, in Georgia.”
Bryan Padgett, a research systems manager for a major US entertainment company, replied, Yes. “With the increased visibility on cyber security, more academia partnerships and companies are building operating systems and other products with security and redundancy in mind from the ground up, instead of trying to apply it after-the-fact on top of what was already created. There will no doubt be more exposure, especially as everyday items start to become connected, but enough protection will come from new areas of cyber security and cybercrime defense.”
Breanne Thomlison, founder and president of BTx2 Communications, a marketing and strategies firm, wrote, Yes. “I’m hoping the government and corporations have learned about their vulnerabilities to-date and are taking extreme measures to protect the public and the world from widespread harm. Attempts will happen, but legislation will be forced to implement rules and laws that protect widespread harm for the sake of the economy, and human well-being. The level of threat has not been hyped, because anything is possible, but we, the public, government, and corporations, are aware of it and understand that we need to take real-time, ongoing action against vulnerabilities such in Big Data, nuclear plants, and power and transit systems.”
Kathryn Campbell, a partner with Primitive Spark, Inc., an interactive marketing firm based in Los Angeles, wrote, Yes. “Sadly, I don’t doubt for a moment that we’ll see a major, disruptive cyber terrorist attack launched over the next decade. Whether it hits our financial centers or more directly threatens lives via an attack on air traffic controllers or dam operations, or something more creative that we haven’t even thought of yet, only time will tell.”
Cliff Cook, a planning information manager for the City of Cambridge, Massachusetts, responded, Yes. “I would not doubt a major cyber attack will occur, but my best guess for a target would not be the United States or a similar nation, but a less technologically sophisticated country. Worldwide, there is a trend toward greater reliance on technology, but the capacity to manage and defend that technology is more uneven.”
Zach Braiker, CEO at refine+focus, a strategy, consulting, and social marketing firm, commented, Yes. “It follows that as the tools and resources become more advanced for society, those with an interest in using them to inflict damage will have increased capability to do so, especially considering that more people are likely to be educated about coding and cyber security issues.”
Kevin Ryan, a corporate communications and marketing professional, responded, Yes. “Military and business will probably have their own special Internet with a great deal of protection. Enough cyber attacks have been occurring that the military will make security a priority. Well-funded corporate entities will follow suite with special networks. The common man will be vulnerable.”
Peter Jacoby, a college professor, responded, Yes. “Since the beginning of invention, most of our seemingly benign discoveries have ultimately turned on us, in some way, often with awful results. Fire can heat your house, and it can burn it down. It all depends on how we attend to the fire in the first place.”
Buroshiva Dasgupta, the Kolkata Professor of Communication at the International Management Institute, wrote, Yes. “The more-skilled thief has always created an even more-skilled police force. There will be threats, but remedies too.”
Matthew Henry, a CIO in higher education, replied, Yes. “Cyber attacks will be huge and will cause physical and human life loss. Vulnerabilities within utilities will be the greatest danger, followed by dangers to medical areas. Financial vulnerabilities will continue to the level of causing loss of assets to corporations, governments, and individuals.”
Andrew Pritchard, a lawyer, PhD candidate, and instructor in media-and-society issues, wrote, No. “Relations between nations are somewhat beyond the expertise of a media scholar, but it seems the Cold War idea of mutually assured destruction should limit the prospects for all-out cyber war just as it did for nuclear war. A crippling cyber attack on a scale that jeopardizes national security or economic survival requires, at least for now, expensive technical capabilities and an impressive concentration of expertise. Most of the actors with the ability to put such resources together are national governments and large corporations—the sorts of rational actors unlikely to expose themselves to a proportional counterstrike.”
Beth Bush, the senior vice president for a major healthcare professional association, said, No. “I believe that the United States has the computing power, the intelligence, and the ability to apply these to avert physical harm in the event of any cyber or other type of attack.”
Kit Keller, a researcher and consultant, responded, No. “While the terrorism threat to the United States is real, I am optimistically counting on cooler heads to prevail in terms of our international relations. Right now, Americans are hated in many parts of the globe. With a change in our policies this can be altered. If we’re not as hated, we’re less of a target.”
Brenda Freedman, a digital publicist, responded, Yes. “The sophistication and level of individuals having the ability and knowledge of complex computer and security systems is advancing at a rapid rate. There are many components, and most important is not only to have the best security in place, but also to have people who are able to predict different security breaches that could occur. There must be a constant vigilance on a number of levels to achieve and maintain these goals. Enterprise must step up before systems are compromised. There is no excuse today with the technology and people able to keep data safe.”
Doug Casey, director of IT for a large educational organization, wrote, Yes. “It’s just a matter of time, as we just saw with the Target breach. Think of this as one more manifestation of the ‘long tail,’ whereby our financial information is now shared with a broader set of payees, increasing the likelihood of a breach in our financial information.”
Clark Sept, co-founder and principal of Business Place Strategies, Inc., wrote, Yes. “Those nations that are vulnerable as targets today are largely mutually vested and invested in avoiding such a catastrophe. Notwithstanding rogue agents, cyber security is today and will continue to be a major area of investment in the coming years. As a matter of global fiscal policy, the major players (nations and their central banks) are continuing to be mutually intertwined financially and, as such, will quietly agree in back-room style to stay clear of such cyber warfare, and to put in place appropriate measures to ensure cyber hegemony cannot occur.”
Ian Lamont, founder of i30 Media, a publisher of technology guides, wrote, Yes. “A major attack on a country’s banking, communication, medical, or tax systems could lead to political instability or loss of life.”
Anita Salem, a design research consultant, responded, Yes. “Long before 2025 we’ll see cyber attacks on networked physical infrastructure. Also, weapons systems and information systems are at risk. This is one of the likely disruptors to all of the doom and gloom predictions I’ve made earlier. A large-scale attack may actually lead to less centralized control and more interdependent networks being developed. I expect as technology deepens the economic divide between nations and within the United States, we’ll see the rise of a powerful hacker culture that will expose and take advantage of cyber weaknesses.”
Heywood Sloane, a principal and consultant with expertise in financial and business technologies, wrote, Yes. “It has already happened! Expect more! Governments certainly do.”
Patricia Swann, an associate professor at Utica College in New York, said, Yes. “Major cyber attacks on nations have already occurred in Eastern European countries. This will be a major problem for smaller countries in particular. Cyberspace is the next battlefield.”
Nathan Rodriguez, a PhD student at the University of Kansas, wrote, Yes. “It is difficult to envision a scenario where a nation does not experience widespread harm as the result of a cyber attack during the next decade. Iran’s nuclear program was dealt a tremendous blow as a result of the Stuxnet virus. I do not think it would be inaccurate to claim the United States is in some ways already amidst a new Cold War with China in the digital realm that will continue to deepen—all under the cloak of plausible deniability.”
Dave Rusin, a digital serial entrepreneur and former digital global corporate executive, responded, Yes. “Cyber attacks are new form of war—economically driven. It is the new reality. Today, America’s cyber security is like Swiss cheese. Solutions should be driven by the free market sector as the creativity will be fast and furious. On any given day, most politicians—outside of some briefing of what they want to hear—are not making me feel ‘Happy, happy happy …’ Our politicians can’t listen to generals or intelligence agencies on how to efficiently deal with traditional events leading to war, cyber-what? Eventually billions will be spent by government on cyber whatever—just follow the money, we are at risk, because those contracts will have more to do with campaign contributions, who you know, and keeping a politician in office, than an aggressive proactive and defensive-objective, clean, cyber strategy.”
Bud Levin, a futurist and professor of psychology at Blue Ridge Community College in Virginia, wrote, Yes. “I cannot imagine a formal, structured, or government-led defense that will prevent determined, networked, and labile hackers. Offense, by whatever label, can be wrong most of the time yet still succeed. Defense only has to slip up once, and it will sooner or later. We have thought the virtue of the Net to be its ubiquity and de-centralization. However, we’ve centralized it in terms of standards and practices and methodologies and overseers, creating new vulnerabilities as we attempt to improve on old. The more standardized and centralized, the more vulnerable to assaultive change.”
Manuel Landa, CEO of Urban360, a Mexican start-up, replied, Yes. “Cyber attacks are already here, and becoming increasingly sophisticated and dangerous as we depend more and more on IP-based technologies for everything from nuclear plants to personal health. The future wars will take place in the cyberspace.”
David Bernstein, president at The Bernstein Agency, a marketing and research consultancy, wrote, Yes. “For every lock, there is someone out there trying to pick it or break in. This is human nature, and I have no doubt it will continue to happen. Yet, I believe that as the threats increase, companies and countries will continue to build more protection, redundancies, and methods to safeguard against criminals. In the past, it has been those inside organizations who pose the greatest risk to security. As a result, I expect greater scrutiny and oversight to those inside our most sensitive areas of national banking, military, and infrastructure.”
Carol Wolinsky, a self-employed marketing research consultant, wrote, Yes. “Chinese incursions into the databases of major newspapers, the recent attack on Target and other examples demonstrate the determination and capability of those who wish to disrupt the security and safety of the world’s citizens. Al Qaeda and other terrorist groups have similar motivations. The United States lacks the political will to focus on and pay for technology improvements that would slow down or eliminate these threats; the primacy of the United States on the world stage will be in the past and will never recover. Eastern Europe and Asia, where many of the security threats originate, will be ascending.”
Marc Brenman, a faculty member at Evergreen State College in Olympia, Washington, wrote, Yes. “This is already happening. ‘Sovereignty’ is already becoming an antiquated concept, as borders become permeable and globalization takes command. Anything attached to the Internet or the cloud is vulnerable to remote control and destruction. Just as individuals will have no privacy, corporations and nations will be penetrated. Theft will replace invention and intellectual property. The Chinese and the National Security Agency are already demonstrating this.”
Glenn Grossman, a solutions consultant for a software provider to banks, wrote, Yes. “It just feels like it will happen. We have more exposure here and the risks will grow. However the risks are for all sides. The technologies that will grow can also exploit those who intend to do harm.”
Janet Kornblum, a self-employed media trainer and journalist, responded, Yes. “It’s pretty much already happening. Governments (including of course our own) will not be able to resist cyber warfare. Of course it will happen.”
Maurice Vergeer, an assistant professor at Radboud University Nijmegen in the Netherlands, replied, Yes. “It probably will. Estonia was one of the first countries that suffered a major cyber attack some years ago. If an agency can create something like Stuxnet to sabotage Iranian nuclear facilities, it’s a question of time for another agency to come up with another piece of malware to sabotage essential infrastructure. The problem is that because of the Internet of things, this is even more likely because most computers and machines will be connected to the Internet. Even when security is tight, the human factor is probably the weakest link.”
Thomas Keller, the head of product management and domains at 1&1 Internet, wrote, Yes. “There will be incidents and we will reach a new level of cyber crime and cyber terrorism but governments will become a close follower in this cat-and-mouse game of exploring new technologies in harmful ways.”
Steve Jones, a distinguished professor of communications at the University of Illinois-Chicago, responded, Yes. “I don’t think this is likely, though it isn’t impossible. One of the things that causes some hope is that most critical systems are not interconnected (Internet notwithstanding) so an attack on one is unlikely to disrupt others. The one that may be most vulnerable, as we’ve seen in the recent simulated attack, is the electrical grid, and there is certainly potential for attack and serious disruption via that vector.”
Vanda Scartezini, a partner in Polo Consultores Associados, based in Brazil, replied, Yes. “I do believe one or two major attacks—attacking critical infrastructure such as general utilities like electricity or water, with huge consequences on day-to-day life—will happen until the real efforts on cyber security come to a common agreement among all nations. I believe it will happen in a small, developing country first and then a more relevant country will be the target and the impact will bring all parties to the table of negotiation followed by the action needed.”
Jan Schaffer, executive director of J-Lab, developing innovative digital journalism, wrote, Yes. “Edward Snowden was smart, but there is surely someone out there who is smarter. Cyber attacks will be (if they aren’t already) the Achilles heel of any nation targeted by an enemy.”
Marsali Hancock, the president and CEO of the Internet Keep Safe Coalition, wrote, Yes. “Cyber attack with the intent to harm a nation state is possible and, following the history of mankind, it is likely to happen. Historically, nations have been willing to use every possible means to kill their enemy so there is no reason to believe the digital environment is immune.”
Daniel Miller, a professor at University College in London, wrote, Yes. “It would be foolish to underestimate the capacity of the military to employ new technologies. And since these work at a distance they will be very attractive. There are obvious imbalances in different nations’ capacities to launch and defend themselves from such attacks, which is why it is likely to be successful. Only after which will we see the required international mobilization to prevent further escalation.”
Aziz Douai, a professor of new media at the University of Ontario Institute of Technology in Canada, responded, Yes. “While it is probable, I think a major cyber attack will not happen by 2025 because insurgent groups and ‘terrorist’ organizations will lack the capability to launch such an attack. The hype surrounding the threat of cyber attacks will continue for various reasons including the fact that it justifies the infringement on privacy, setting up a panopticon-like Internet infrastructure, and the allocation of excessive budget for cyber warfare and security.”
Alf Rehn, chair of management and organization at Åbo Akademi University, Finland, wrote, Yes. “As we’re all doing our darnedest to protect ourselves from the boogeyman of cyber attacks, smart criminals and terrorists are glancing at the various dumb infrastructures that we leave unguarded.”
Alison Alexander, a professor at the Grady College at the University of Georgia, wrote, Yes. “Quite possibly is my real answer. While I do agree that the level of threat is hyped, the potential is there. Downing the power grid, even messing with traffic control, or wresting control of important systems that are currently automated is frightening and certainly possible. Hackers can do these things. Other threats are just as worrisome: hacking into banks or Social Security databases could result in major monetary losses. Finding digital ways to manipulate world stock markets is all too possible. We can talk about existing vulnerabilities, but the ones that will cost the most are the ones we don’t know.”
Linda Rogers, the founder of Music Island in Second Life, wrote, Yes. “I fear that it is very likely to happen quickly considering the number of cyber worms governments have already infected each other’s computers with.”
Mícheál Ó Foghlú, CTO of FeedHenry, wrote, Yes. “Yes, and no. I can see largescale monetary impact, but not loss of life.”
Agustin Rossi, a PhD candidate at the European University Institute in Florence, Italy, wrote, Yes. “Such an event—a very harmful cyber attack—is a low-probability high-impact event, a Black Swan. Nations should prepare for them just as they prepare for wars or market crashes because the effect of a harmful cyber attack might be as terrible as a war.”
Evan Michelson, a researcher exploring the societal and policy implications of emerging technologies replied, Yes. “Attack is likely yes, but in addition to targeting national security and corporate targets, such cyber attacks could be aimed at small businesses. Imagine a denial of service attack planned for ‘Small Business Saturday’ that targets local payment systems. The level of threat is higher than we currently expect.”
Jerome McDonough, an associate professor at the University of Illinois, responded, Yes. “Given the damage done by Stuxnet and the significant use of cyber attacks in the Georgia/Russia conflict, I suspect we may already have passed the ‘widespread harm’ merit you’ve established.”
Natascha Karlova, a PhD candidate at the University of Washington Information School, wrote, Yes. “This question basically emphasizes that we haven’t solved the electro-magnetic pulse issue.”
Liam Pomfret, a doctoral student in digital issues at the University of Queensland, Australia, responded, Yes. “Given such events as the Sony PlayStation Network hack, and known vulnerabilities in the US power grid, there’s certainly a great deal of potential for an attack causing significant economic harm (though any loss of life would likely be caused only indirectly). Particularly given the Sony case, it’s obvious that many large organizations are lacking sufficiently sophisticated security. I don’t see many firms taking much more care in this area either, simply because of the cost to them to do so, and the relative lack of punishment they’ve received from either consumers or governments when such privacy breaches have occurred. Even should a firm be punished, rarely have the executives who allowed such a situation to occur suffered from any personal liability, making the punishments relatively toothless.”
Mark Johns, a professor of media studies at a US liberal arts college, said, Yes. “There is every reason to believe that such a thing will occur. However, it will likely not be one of the major powers, such as the United States, that suffers such an attack. More likely it will be inflicted by an advanced nation on one less able to defend itself.”
Pamela Rutledge, PhD, the director of the Media Psychology Research Center, responded, Yes. “Technical vulnerabilities create a demand for innovative solutions and markets abhor a vacuum. Significant technology shifts create pressures that cause structural changes in human behavior, triggering fundamental shifts in how and why things are done.”
Jon Lebkowsky, Web developer at Consumer’s Union, responded, Yes. “A cyber attack of the magnitude described here is as avoidable as the Y2K bug, but I wouldn’t say it’s overhyped. The hype will drive prevention.”
George Lessard, information curator and communications and media specialist at MediaMentor.ca, responded, Yes. “The use of drones (by which I mean the ‘clean’ use of remote technology which enables ‘war’ to take place with little blowback) shows a trend that will continue with major cyber attacks and become amplified and newspeak will turn into a positive thing.”
Nick Wreden, a professor of social business at University Technology Malaysia, based in Kuala Lumpur, wrote, Yes. “The Internet was designed as a distributed system. This means that attacks can be localized or even blocked if necessary. One reason Libya shut down its Internet connections to the outside world was fear of attacks on its military infrastructure.”
Larry Magid, technology journalist and Internet safety advocate, wrote, Yes. “It is my hope and belief that those responsible for physical infrastructure will find ways to isolate critically important systems from a vulnerable grid. I do think that banking and information services will remain vulnerable but not things like power plants and water systems. My big worry though is whether autonomous vehicles and drones might be increasingly vulnerable.”
Frank Feather, a business futurist, CEO, and trend-tracker based in Ontario, responded, Yes. “Cyber attacks are a rarity. They make news, but they are rare and usually minor, including data-based breaches and leaks. Governments and organizations will however need to be far more vigilant, as cyber attacks of various kinds can become more commonplace. While a major compromise is possible, likely of an inter-state geo-political nature, or from a terrorist organization, the loss of life that may result should be minimal, unless the attack disables vital support infrastructure such as energy and other resource supplies that society and the economy need to function.”
Jonathan Sterne, a professor in the department of art history and communication studies at McGill University, responded, Yes. “Hackers are smarter than corporate security, and since protecting user data is low on anyone’s priority list, the trend of major corporations being compromised will continue. Governments should care more but they tend to adopt inferior Web technologies because of how they allow companies to bid for projects, so I don’t have a lot of hope there.”
Gary Kreps, professor of communication and director of the Center for Health and Risk Communication at George Mason University, wrote, Yes. “Serious breaches in cyber-security in the future are inevitable. However, I am hopeful that these serious incidents will raise public concern for security and lead to new programs and policies for safeguarding information systems in the future.”
Niels Ole Finnemann, a professor and director of Netlab and DigHumLab in Denmark, wrote, Yes. “It may already have happened. It will happen. Many European companies have experienced cyber espionage, and it is generally assumed that it takes place as a regular practice. One should also expect this to be the case in all global interrelations.”
Nicole Stenger, Internet moviemaker, wrote, Yes. “To some extent Snowden has already demonstrated that cyber attacks are routine, and that they mean tens of billions of dollars in missed industrial opportunities for countries like Germany for instance. However, he has also revealed, and this is fundamental, that a new cyberlords cast has emerged above nations, that concentrates this new power, emancipated from the current legal apparatus. This new cast which disregards economic enterprise and trades citizens like commodities, makes of course the concept of sovereignty much more relative. As for countries that are outside that Supra State, yes, they will try, and yes, they will be thwarted.”
John Anderson, a professor at Brooklyn College, wrote, Yes. “Playing with cyber security at that level is in many respects the 21st century equivalent of nuclear warfare. We can certainly develop this sort of capability, but do we dare use it? What sorts of norms for warfare itself will that change? Any offensive use of cyberwarfare will continue to be done in an extremely tactical manner to achieve discrete objectives (i.e., Stuxnet) as opposed to a sort of mass-destruction activity. Another Cold War-era adage also applies here: in a race between warhead and armor, warhead always wins.”
Elena Kvochko, manager for IT industry at an international organization based in New York, noted, Yes. “The possibility of a widespread cyber attack on national critical infrastructure is a major concern for many governments. The scope and the consequences of such attacks may be different for different nations. However, a large potion of critical infrastructure facilities still rely on software and technology created decades ago and which has not be upgraded. The level of sophistication of adversaries generally progresses much faster, therefore, it is important to implement adequate measures to ensure a proper protection of critical assets and capabilities.”
Mike Cushman, an independent researcher, wrote, Yes. “We have seen the willingness of the United States to use all available technologies for war (e.g., drones) against countries with little technology to resist. I expect them to do the same with cyber arms.”
Sonigitu Asibong Ekpe, a consultant with the AgeCare Foundation, a non-profit organization, wrote, Yes. “The battle that could begin with precise missile targeting the nations, cyber attack on websites which provide daily services to citizens like traffic lights stop working, banks shut down, an incendiary tunnel could be detonated causing a playground to collapse, a scenario which could erupt into a multi-front war, which could impact on civilians networks on the frontline and in the home front. The enemy will aspire to act in the cyber realm, to infiltrate computer networks and to spread panic and false announcements.”
Chris Uwaje, president of the Institute of Software Practitioners of Nigeria, wrote, Yes. “The 21st century will take digital hostages and there will emerge some digital colonies in the very near future. Some nations will wake up from their deep slumber someday—in the middle of the night—to find out that they have been held hostage digitally. Cyberattack may cause a major national blackout and stampede and indeed may lead to a classical civil war—where drones will become a child’s play. But with a standardized global peace architecture, there will be some confident-trust pathway for sustainable hope.”
Scott McLeod, director of innovation for the Prairie Lakes Area Education Agency in Iowa, responded, Yes. “We’re fooling ourselves if we think that there won’t be several major cyber war and/or hacking incidents aimed at governments, not just corporations and other organizations. This is a constant battle right now. It’s only a matter of time before something really significant occurs, particularly as more of our physical infrastructure becomes connected to the Web via the Internet of Things and other similar movements.”
Lucas Gonze, a respondent who did not share other self-identifying details, said, Yes. “Information technology has already been weaponized. Nations are already in hot conflict. Cyber attacks have been waged. With the Stuxnet/Flame attacks on Nataanz, the Iranian capacity to build nuclear weapons was reduced. It is entirely possible that tens of billions have already been spent by the Iranians. So this question is not very theoretical. If the question is whether major powers such as the United States or China will suffer such losses, that is an ideological slant in the question.”
Daren C. Brabham, assistant professor at the Annenberg School for Communication and Journalism at the University of Southern California, wrote, Yes. “There will definitely have been a major cyber attack by 2025. It will probably be perpetrated by the US or China on another country. I believe attacks on a country’s stock market or on a country’s missile defense system is the most likely application of a cyber attack initially. We will see the development of new major divisions (if not a new branch entirely) of the military focused on military applications of cyber warfare, along with medals and officer ranks for these specialists.”
Russell Bailey, the director of the library at Providence College, wrote, Yes. “It will entail an ongoing competition between genius and expertise on the productive, functional, and social side versus the counter-productive, dysfunctional, anti-social side, as has been the case in much of human history. There will also likely be accidents, i.e., cases where intended productive, functional, social activities go wrong and become counter-productive, dysfunctional, anti-social in impact. This can be financial, military, genetic (food, medicine, etc.) or travel (especially space, interplanetary).”
Matias Perel, a respondent who chose not to share more self-identifying details, wrote, Yes. “Unfortunately, [the United States] is hated all over the world. There are people who want to harm us. Just like they did hurt us on 9/11 physically; they will do us harm again from a cybernetic attack standpoint. That attack will claim lives and physical damages.”
Janie Pickett, a teacher and information science professional, responded, Yes. “In a parallel to the way armed conflict (and our defenses against it) has changed in the past half-century (i.e. 9/11), so cyber conflict will increase in sophistication and penetration. I don’t believe we will see a culture-ending attack, but I do believe we’ll see culture-changing attacks, in much the way 9/11 changed our concepts of armed conflict.”
Jeanne Brittingham, an opinion research consultant, responded, Yes. “Perhaps national sovereignty will not be possible unless cooperatively based; we may end up the servants of our technology and not the masters.”
Dale Richart, a marketing and advertising client liaison, responded, Yes. “This probably will not happen by 2025, but perhaps not long after. I do believe I will live to see a devastating event brought about by a cyber attack that will result in a global resolution to abolish some acts of major cyber attack. I doubt we are generally aware of the current level of threat and we need to be exposed to better informative journalism.”
Lisa Dangutis, webmaster for The Sunshine Environment Link, wrote, No. “People have tried and failed in the past. The biggest threat to any countries security is data mining or logistical attacks. Which has happened in the past and succeeded. However, to-date data mining has not cost lives or property loss and logistical attacks are generally caught. Theft of money is a risk with any computer system, but I think for harm we need to include human loss or property loss. Crash of a financial system would be bad, but it would be nearly impossible to harm an entire country. There are to many back ups in place. I don’t believe by 2025 it could happen on a national level. However, I believe there could be serious attacks to liberty but not enough to cause large widespread harm like Super-storm Sandy.”
Linda Young, a freelance writer, responded, Yes. “This nation has done nothing to make sure that the Internet is secure. It has done nothing to ensure that hackers can’t shut down the nation’s water, wastewater, and electrical supply systems. It has done nothing to make sure that banking is secure from attacks. It has done nothing to make sure that medical records can’t be hacked and altered.”
Carla Schober, a respondent who did not share a professional background, replied, No. “I’m sure at this point that many will have tried such a coordinated attack. I’m honestly unsure if any of these attacks will be successful.”
Patty Ash, a retired research analyst and senior editor, said, Yes. “Such damage and theft have already occurred, and they will continue insidiously over time.”
Walter Minkel, an information science professional, said, No. “This fear has been overblown. While it’s certainly possible, I will go out on a limb and say that if it was going to happen, it would have happened by now, when there are some pretty bad holes in Net security.”
K.G. Schneider, a university librarian, wrote, Yes. “I’ll qualify my response by saying the conditions will be there for this to happen, if they aren’t there already. Military response looks for vulnerable targets, and technology has given us new vulnerability. When the electrical grid system on the East Coast broke a few years back, the fact that so many of us first thought it was an attack points to a growing recognition that once we become dependent on technology, it becomes a target.”
Todd Cotts, a business professional, wrote, No. “Cyber attacks will always be a threat, but it is unlikely that a future cyber attack causing widespread harm will occur, any more than today. Cyber warfare is real and will continue to be a growing threat. However, just as the United States has historically been the leader in military advances in the physical world, it will do so in the cyber world, and, as we all know, has been underway for decades now. The challenge will be in whether or not the government is capable of staying ahead of the cyber terrorists. As long as the government leans on a competitive marketplace of non-government companies specializing in technological advances in cyber security, the advances should keep the United States at par, at minimum, with advances by cyber terrorists. The reality is that the more we rely on cyber technologies for automation, communication, controls, security, etc., the more susceptible we are to crippling cyber attacks. Greater concern should be given to the other methods of warfare more likely to cause ‘widespread harm’: Nuclear being at the top of the list, followed by EMP [Electro-Magnetic Pulse].”
Virginia Bird, director of a library cooperative, replied, Yes. “Cyber attacks are the new front line. It’s only a matter of when, not if. I am not confident in government or public companies to protect data and/or infrastructure.”
Barbara Clark, a retiree and Internet user, responded, Yes. “A cyberattack could destroy an economy. In the United States we continue to spend money on antiquated ‘war machine’ technology! Until that mentality is drastically changed we will be vulnerable to such heinous attacks.”
Joe Hernandez, a self-employed and semi-retired equipping specialist, said, Yes. “This threat will continue and increase for a variety of reasons and cause a growth in the security resources to safeguard systems from attacks.”
To read full official survey analysis, please click here.
To read anonymous responses to the report, please click here.