The $100 billion Washington will spend on cybersecurity in the next decade may be less about guarding America from a real threat, and more about enriching revolving-door lobbyists and satisfying pork-hungry politicians.
A new working paper by Mercatus Center authors Jerry Brito and Tate Watkins makes the case that "the rhetoric of 'cyber doom' employed by proponents of increased federal intervention ... lacks clear evidence of a serious threat that can be verified by the public."
But defense contractors -- both tech companies and weapons makers - are profiting handsomely from fears of cyber attack that could steal sensitive information or crash computer networks and power grids.
Brito and Watkins quote politicians' dire warnings that justify generous appropriations and added federal control over the Internet.
"The notion that our power grid, air traffic control system, and financial networks are rigged to blow at the press of a button would be terrifying if it were true," Brito and Watkins write. "But fear should not be a basis for public policymaking."
The public has been given no substantive basis for such fears. Any evidence of real threats is classified -- reminiscent of the weapons of mass destruction evidence that the Bush administration used to justify the Iraq War.
Lacking public evidence, ulterior motives and conflicts of interest are relevant.
Sen. John Rockefeller, D-W.Va introduced the Cybersecurity Act of 2010, which would direct billions to cybersecurity centers and research. Rockefeller's former chief of staff, Jim Gottlieb, is now a lobbyist at Capitol Counsel representing tech giant Cisco Systems on "legislation pertaining to cyber security," according to a recent lobbying filing.
In the last election cycle, Gottlieb gave at least $19,000 to Democratic candidates, according to Federal Elections Commission data.
Rep. Jim Langevin, D-R.I., co-chairs the House Cybersecurity Caucus. Cybersecurity contractors General Dynamics and Raytheon were Langevin's two top sources for campaign contributions last election. Deloitte and BAE were among the top five contribution sources for co-chairman Mike McCaul, R-Texas.
While much of the alarmism on cybersecurity stems from sensationalized reports in the mainstream media (the trade press, covering tech and security issues in more detail, are far less frenzied about a possible "Cyber War"), Brito & Watkins show one key driving force has been the Center for Strategic and International Studies.
A January 2009 report by a CSIS cybersecurity panel stated, "America's failure to protect cyberspace is one of the most urgent national security problems" facing the Obama administration and warned the cyber battle "is a battle we are losing."
Langevin and McCaul sit on the CSIS panel with other experts who have clear conflicts of interest. Retired Air Force Lt. Gen. Harry Raduege, co-chairs the CSIS panel while earning his paycheck as an information technology executive at Deloitte. Microsoft security executive Scott Charney is also a co-chairman.
Charney's and Radeuge's employers, like Langevin's and McCaul's top donors, stand to profit from a widespread fear about a cyber attack. Even if these politicians and businessmen act with only the best of motives, the clear conflict of interest ought to cast serious doubt on their warnings.
Boeing, Lockheed, BAE and other contractors have all hired up retired generals or former national security officials to run their cybersecurity operations.
But the most notable cybersecurity revolving-door character is retired Vice Adm. Michael McConnell. He served as director of the National Security Agency under George H. W. Bush and Bill Clinton, before cashing out to Booz Allen Hamilton to serve as director of defense programs. Then President George W. Bush tapped him as director of national intelligence in 2007. After Obama took office, McConnell rejoined Booz Allen to head the firm's cybersecurity business.
Booz Allen last week scored a $71.5 million cybersecurity contract with the Navy.
McConnell is still often treated as a disinterested expert. Brito and Watkins point to "a rare 1,400 word essay" in the Washington Post, in 2010 in which McConnell warned of a cyber attack and that "chaos would result."
In a 2010 article on cyber attacks, the New York Times quoted McConnell's testimony before the U.S. Senate: "If we were in a cyberwar today, the United States would lose." The Times identified him simply as "former director of national intelligence," not noting how he stood to profit from worries over "cyberwar."
Similarly, "60 Minutes" quoted McConnell warning of a cyber attack causing a massive blackout - never mentioning his financial stake.
Americans don't have any evidence to show that robust cybersecurity programs make us safer, but it's sure making some people richer.---- CORRECTION: This column originally misstated the amount of Booz Allen's new cybersecurity contract with the Navy. The value of the contract is $71.5 million, not $7.2 million.
Timothy P.Carney, The Examiner's senior political columnist, can be contacted at firstname.lastname@example.org. His column appears Monday and Thursday, and his stories and blog posts appear on ExaminerPolitics.com.