MODERN TECHNOLOGIES OF MASS EMPOWERMENT

Violence does not require fancy weapons. Seung-Hui Cho used

widely available firearms to kill thirty-two people and
wound twenty-five others at Virginia Tech in April 2007.
It took only machetes to massacre most of the eight
hundred thousand Tutsis and moderate Hutus during the
hundred days’ genocide in Rwanda in 1994. From Columbine
to the Congo, individuals have conducted all manner of
attacks, as lone wolves or in organized groups. According
to some estimates, there are about90 guns for every hundred
people in the United States, and more than 650 million
civilian firearms worldwide. Between eight and ten thousand
people were killed annually in gun-related homicides in the
United States between 2008 and 2012, and those account for
only two-thirds of all murder cases.
Whenpeople want to kill other people, they can.2
But while technology is no kind of prerequisitefor
violence, it does facilitate a range of violent behaviors.
The technologies that cause the greatest concern for
security these days are, perhaps unsurprisingly, the same ones
that offer the greatest promise to humanity. The concern
and the promise emanate from the same source: the
double-edged nature of technological advancement. As
defense policyanalyst Andrew Krepinevich observes, “All the
military revolutions of the last two centuries are in a
real sense spinoffs from the Industrial and Scientific Revolutions
that have been central, defining processes of modern Western
history.” There are, in effect, no walls separating the
violent and the mundane. The iron forge used to cast
church bells was instrumental in the development of the
cannon in the fourteenth century. The telegraph and
railroads were both driving forces in subsequent military
revolutions. In the other direction, duct tape, the microwave, the
Global Positioning System (GPS),and indeed computers were
all originally developed, at least in part, for military use,
only to find their way into everyday civilian life.3
Bydelivering dramatic new capabilities to humanity in
general—and to individual humansin particular—technological
development creates the certainty that some of those
individuals will use those capabilities to do evil. Whenour
ancestors lived in caves, most Australopithecinesfoundthe rock
usefulto crush berries, but a few used it to crush
skulls; somehoned the rock into a tool for hunting
woolly mammoths,but a few turned that tool on each
other. Most people now will use new biotechnologies to
prevent disease; a few will use them to cause it. As
businessman and former Microsoft technology chief Nathan
Myhrvold put it, “Technology contains no inherent moral
directive—it empowers people, whatever their intent, good or
4
evil.”
Because most people do not seek to harm others, the
net impact of technological development is, in all
probability, hugely positive for humanity. Socialization has
always been essential to survival. Consequently, the
Internet, media, telecommunications, travel, and commerce have
greatly enhanced human well-being by making the world
smaller and strengtheningglobalinterconnectedness and
interdependence. They have toppled the barriers that, heretofore, had
impeded globalsocial development. In his majestic book on
the history of violence, The BetterAngels of Our
Nature, Harvard psychologist Steven Pinker argues that
our present international society is the least violent
in recorded history, in part because technology, trade,and
globalization have made us more reasoned and, in turn, more
averse to violence. Fewer people in the modern
world want to do bad thingsto others. Pinker’s thesis,
powerful and persuasive as it is, only captures one side
of the coin, however. The very same technologies that help
account for our society’s relative peace now threaten to
enable people to cause each other infinitely greater harm
than ever before.5
In one sense, this is merely a feature of
globalization. Although Pinker credits globalization with
taming violence, legal scholar Philip Bobbitt and defense
writerJohn Robb, in their respective bookson globalization and
terrorism, both link global communications, networking,and travel to
a new era of terrorism and confrontation between the state
and nonstate actors. And both make clear that technology and
its proliferation are key features of this development.6
Similarly, in his paean to globalization, The World Is
Flat, New York Times columnist Thomas Friedman pauses only
a few times in his glee over what he terms the “flattening”
of the world—thatis, the geographical and social leveling
associated with the proliferation of trade and technology
around the globe and the accompanying distribution of
capability. During one such pause, he briefly considers the
security implicationsof the trend he otherwise celebrates:
“Contemplating the flat world also left me filled with dread,
professional and personal. My personal dread derived from
the obvious fact that it’s not only the software writers
and computer geeks who get empoweredto collaborate on work
in a flat world. It’s also al-Qaeda and other terrorist
networks. The playing field is not being leveled only in
ways that draw in and superempower a whole new group
of innovators. It’s being leveled in a way that drawsin
and superempowers a whole new groupof angry,
7
frustrated, and humiliated men and women.” But there’s more
going on here than simple globalization, and Friedman—in
his description of the superempowerment of the world’s
real or perceived underdogs—is actually conflating distinct
phenomena. Globalization is fundamentally about
connectivity and travel worldwide, the abilityto move people,
goods, and particularly information at a speed and cost
sufficiently low to make the world a smaller place.The true
superempowerment of individuals, however, involves an
additional element: cheap, widely available, and destructive
technologies of attack.
Modern technologies of mass empowerment are not
fundamentally weapons systems, but they do take to their
logical conclusions certain trends in weaponry: those
toward increased lethality at greater distance and toward
giving more individuals the power do ever greater harm.
Specifically, technologies of mass empowerment put more
power, potentially a lot more power, in the handsof
more people, potentially a lot more people. They thus push
toward an extreme in whichwe have to fear ever more
remote and ever more lethal attacks from an ever wider array
of ever less accountable people wielding what legal
scholar and theorist of technology and law Lawrence Lessig
has called “insanely destructive devices.”8

NETWORKED COMPUTERS
The most developed technology of mass empowerment is the
planet’s networked computer infrastructure. Access to the
Internet is ubiquitous in much of the world: according
to some statistics, 40 percent of households globally are
connected, reflecting explosive growth over a decade ago. An
immense and ever growing number of people are
capable of manipulating computers connected to the network.
As a result, the expertise to launch cyberattacks and
cyberexploitations is widely, though certainly not
evenly, distributed, and the subject of cybersecurity has
spawned an enormous literature. For our purposes, the most
relevant points are that cyberintrusions—whether aimed
at military systems, intendedto disrupt social and economic
activity, or used simply to steal information, data, or
money—take place constantly. They come from governments of
rival nations, from members of criminal gangs, from
politically motivated hacker groups, or simply from
disaffected individuals. Identifying perpetrators involves time,
money, and significant doubt. The anonymity and accessibility of
the Internet, together with the sheer volume of cyberattacks,
makes deterrence and attribution of intrusions particularly
9
difficult.
The objectives behind cyberintrusions can vary as
widely as the societal functions that now depend on
computerized networks. Most involve garden-variety attempts
at fraud and theft. Some, like Luis Mijangos’s crimes,
involve more intrusive assaults on people’s personal dignity—
something closerto online rape. In others, as in the
case of MonaJaud Awana, a Palestinian woman, who lured
an Israeliteenager via Internet chat to meet with her and
then killed him, cyberspace only serves to facilitate traditional
criminal or terrorist activity. Cyberintrusions also involve
espionage, as attackers regularly steal huge volumes of information
from companies and governments alike.10
Some intrusions seek not merely to exploit information
technology systems but to damage them or alter their functioning.
So-called denial-of-service attacks against a variety of
governmental and corporate targets have become common
in recent years.More sophisticated attacks that exploit
software vulnerabilities and human weakness have become
prevalent as well, threatening military systems, vital
infrastructure, and other crucial, network-dependent
installations.
Although hard to assess, the probability of a truly
catastrophic cyberattack, like a meltdown of the world’s
financial system or a broad-based attackon the
electric grid, is certainly not negligible. An attackof this
magnitude will likely remain the province of professional
intelligence services for some time to come. But a
number of high-profile incidents in recent years have
underscored the fact that such an attackcannot be ruled
out. In 2007, the Departmentof Homeland Security conducted
a test in whichit hacked into a model power plant
control system and destroyed a generator by changing
its operating cycle. The nations of Georgia and Estonia
foundtheir government computers and Internet connectivity
subject to systematic attackwhen they had political and
military confrontations with Russia. And, of course, the
possibility of cyberwarfare involving nuclear power plants
was vividly on display in the case of the so-called
Stuxnet worm, revealed in 2010 to have attacked the
Iranian uranium-enrichment program by speeding up specific
centrifuge models, and in other attacks of a similar
nature dubbed “Olympic Games,”both reportedly launched by
the United States and Israel.11
While the highest-profile cybersecurity incidents of
recent years have generally been state-to-state affairs, the
power to conduct low- to medium-grade attacks and
exploitations on a wide scale has clearly migrated to
actors far below the level of sovereign states. The
most famous example is the hacker groupknown as
Anonymous, whose diffuse and largely uncoordinated
membership has launched attacks on a range of
targets—from Sony, to companies that refused to host
WikiLeaks, to government websites, to the Church of
Scientology.But it is not the only example. Consider the
following, all of whichtook place in August 2013 alone:
A hacker collective calling itself the Syrian Electronic
Army launched successful attacks against Twitter, the New
York Times, and the WashingtonPost, taking one newspaper off
the Internet for the better part of a day and
redirecting traffic from the other to its own site. Someone
launched a denial-of-service attackon the entire Chinese
Internet, slowing or stopping trafficfor more than six hours
(it was unclear whether the attackwas the work of a
nation-state). The press revealed “deepcyberattacks” against three
banks over the previous three months, costing those institutions
millions of dollars as hackers gained control of their
wire-payments applications. A Pakistani hacker claimed credit
for a series of hacks that affected 650 Israeliwebsites
associated with the government, corporations, and individuals. A
groupof Afghan hackers, meanwhile, attacked Pakistani
websites. One can compile a similar list for any
12
month of any recent year.
Of course, nonstate intrusions lie along a continuum, from
entirely legitimate cyberactivism—which can often serve to erode
government power in salutary ways—to cyberharassment
and “hacktivism,” all the way to full-on attacks. What
all have in common is the use of widely distributed
networked computers and telecommunications to allow individuals
—for good or ill, on their own or in formal or
informal arrangements with one another—to engage in
conflict against governments or other large entities that
have traditionallywielded great power.

GENETIC ENGINEERING,SYNTHETIC BIOLOGY, AND BIOTECHNOLOGY

The life sciences present a somewhat less developed case
of this sort of technological leveling. The technology tools and
expertise associated with genetic engineering have penetrated
society less deeply than have networked computers and
computerprogramming skills. Still, the number of people
trained in genetics and synthetic biology is large and
growing quickly. Education itself is becoming more globalized,
with both domestic and foreign students benefitting from the
most advanced institutions and laboratories. Even more than the
ubiquity of networked computing, the growing availability of
genetic-engineering technologies threatens to put the
power to launch a weapon-of-mass-destruction (WMD)
attackin the handsof a great many people around the world
with relatively inexpensive equipment and basic training.
Biological weapons are unique among WMDs. Like
nuclear weapons, they have the capacityto do truly
catastrophic damage. And like chemical weapons they are
comparatively inexpensive and easy to produce. But only
biological weapons can produce destruction far beyond the
point of first impact by dispersing contagious pathogens that
spread through the human network. As Myhrvold has
bracingly put it,
Modern biotechnology will soon be capable, if it is
not already, of bringing about the demise of
the human race—or at least of killing a
sufficient number of people to end high-tech
civilization and set humanity back 1,000 years or more.
That terrorist groups could achieve this level of
technological sophistication may seem far-fetched, but
keep in mind that it takes only a handful of
individuals to accomplish these tasks. Neverhas lethal power
of this potency been accessible to so few, so easily.
Even more dramatically than nuclear proliferation,
modern biological science has frighteningly undermined
the correlation between the lethalityof a weapon
and its cost, a fundamentally stabilizing mechanism
13
throughout history.
The long incubation periods for many pathogens mean that an
infected individual, like the one we imagined at the
beginning of this chapter, can travel and infect others
before contamination becomes apparent, making it difficult
to limit the impact of an attack. Moreover, illnesses
caused by biological weapons are often hard to distinguish
from naturally occurring outbreaks. It took investigators a
year to realize that an outbreak of salmonella in
Oregon in 1984 was the result of an attackby followers
of Bagwan Shree Rajneesh. The converse risk also applies:
authorities may wrongly attribute a natural outbreak to an
act of terrorism. Although investigators eventually concluded
that the outbreak of West Nile encephalitisin New York in
1999 stemmed from natural causes, the response by
publichealth authorities had a lot in common with the
response to a bioterrorism event because the natural
outbreak presented similarly to one. The disease had never
before occurred in the Western Hemisphere, and an
Iraqi defector had claimed justmonths before the outbreak
that Saddam Hussein was weaponizing the West Nile virus.
The potential for mistakes can generate unwarranted
conflict and undermine a government’s credibility.14