Blogs: Threat to National Security?
Can you Decipher the Truth and Trust Them?
Release Date: April 4, 2007
Release Number: Con-01-05
Fifteen years ago it wasn't even a word much less a phenomenon, but today it is the most exploding source of information in society, the web log or blog for short. It is virtually impossible to surf the internet and not be bombarded by blogs. Their origins are traced to the early 1990s but over the past five years they have become part of mainstream information. It is estimated that by the end of 2007, there will be more than 100 million pages of blogs on the internet.
So with all of that information, it begs the question, can we trust it and how reliable is it. Well respected journalists now produce their own blogs, blurring the lines between the mainstream media and blogs. But perhaps the bigger question developing is, are we on the verge of an informational security crisis and what does that mean in the post 9/11 world.
"The potential that the massive amounts of information that inundate the US government daily could lead to a failure to see the forest through the trees is certainly something we work to prevent," said Jesse Kyle Riesman, Deputy Division Chief, Diplomatic Security, Cyber Threat Analysis Division of the U.S. State Department. "That said, we've come a long way since September 11th. It's extremely difficult to determine the true source of blog information. For that reason we do not use blogs as a source. The State Department has invested in a talented team of cyber analysts that, through its credible work, has effectively marginalized some of the information authenticity issues that exist."
One of the fastest growing areas of internet information and blogs is the international community. In the post 9/11 world determining the credibility of information and often times its source is one of the greatest challenges cyber threat experts face. Riesman says that having cyber specialists can negate the massive amounts of information floating around.
"An important part of the solution to open-source information-overload is specialized expertise. Having personnel who specialize in particular regions, technologies, intelligence-gathering practices, etc. makes it easier to sift through the fire hose of data.
For example, our division's primary mission is to keep up with all aspects of Department computer security threats, regardless of source. Because of the large scope of that mission, various branches in our division specialize in different threat areas. There is, of course, an established practice of sharing information between those branches, but by ensuring there's little overlap in each analyst's primary area of expertise, we make it easier to avoid the kind of information overload that leads to security issues."
So do we face a security threat in this country because of the overgrowth of information? Riesman isn't so sure.
"There is not a concern that too much information will lead to security issues. However, in the open-source arena, information-overload is certainly a potential issue."
Open-source information is synonymous with blogs. How is it verified and do blogs have credibility. For decades, most news came from journalists and the media but that sole source of information is changing dramatically.
One journalism professor says the problem is determining what to believe in the age of the blogesphere since the traditional role of journalism has changed. "It used to be you had to have some credentials, there was a strong gate keeping mechanism," says Dale Herbeck, a professor in the Communications Department at Boston College. "Now anyone can publish their own work. The traditional definition of a journalist is under attack."
Herbeck says the good news about blogs is that it gave everyone their own soap box, but that can also be bad news if used in the wrong context. "We're going to have to educate a new generation of consumers, I'm sure it will happen, but in the short term it's hard to read students papers filled with sources that don't have credibility. I have students who think that Wikipedia and certain blogs are the authority on sources."
Scott Granneman writes for SecurityFocus and Linux Magazine, teaches journalism at Washington University in St. Louis, and has written several books on web-based security. He says blogs are not a replacement for mailing lists or visits to a trusted web site, but they can be an excellent source for information and perspectives you can't find anywhere else. "I tell students, trust your gut. When you meet someone for the first time, you see how their dressed, there's a gut feeling on what they have to say. In the case of the blog, people need to do the same thing."
Granneman says don't just base your thoughts and opinions on a single post, since most sort by category. He suggests finding a blog post about an issue, then find out what else has been written on that subject.
Granneman says the way you can tell a blogs' accuracy is the same way you validate information from any resource, by asking questions. Find out the source of the information, learn about the author, check other publications regarding the same issue, and finally, does it pass your personal gut check?
One of the best pieces of advice Granneman gives people who work in the private sector is to take a class on cyber security. "The computer manufacturers have exaggerated the ease that people can use these computers. Everyone in this day and age has to worry about cyber security, even if you don't have IT or computers in their job description." He says invite speakers into the company for lunch, or sign up for a class at a nearby university. And remember the old adage, you cant believe everything you read.
Last Modified: Thursday, 19-Jul-2007 11:07:43