In wars of the future, advertisers will find their Internet Websites just as vulnerable to attack as their brick and mortar facilities. In fact, e-commerce Websites are probably more likely to be attacked, since, unlike real buildings, Internet Websites are always within range of the enemy.
For a number of reasons, defending American e-commerce against foreign sponsored Internet attack is going to be a very difficult job. The nature of the Internet not only makes remote attack possible, it also makes mass attack possible, even probable.
This is unfortunate because the United States is about as prepared for an Internet attack as it was prepared for Pearl Harbor. Sure, a lot of businesses have firewalls and other basic security measures, but against a state sponsored Internet attack those measures provide about as much protection as a Yale door lock would against a nuclear weapon.
Ultimately, the ability of a country to defend itself against e-commerce attack is dependent on the health and strength of the country's software industry. Alarmingly, the US software industry has become overly dependent on imported foreign labor to keep costs down, and this is causing several long-term problems.
First, by importing high tech labor, the US is training thousands of foreign engineers in how to put engineering theory into practice to make world-class products. These foreign engineers are going home and beginning to make products that are as good as American products, but much cheaper.
Secondly, the US software industry is driving many American software engineers out of the industry by keeping the hours longer and the wages lower than other industries. On average, a civil engineer has a career twice as long as the average software engineer. When you consider that they both cost the same to produce in terms of education and on-the-job training, the US is getting one of the world's lowest returns on investment for the software engineers it creates.
Thirdly, by becoming dependent on foreign produced software, the United States is making itself vulnerable to attack in ways that were never possible before.
Consider this scenario. China markets a knockoff of Microsoft Office. After three years it achieves a 70% share of the US market. Then, in a showdown over Taiwan, China activates code secretly included in the product which then attacks and destroys the operating system and most files on the computer. Suddenly, 70% of the personal computers used for business in America must be reformatted, and have the operating system and all applications reinstalled. This brings business to a halt in America for days.
Such an attack would cost the US hundreds of millions, possibly billions, and it wouldn't be particularly expensive to execute. One engineer working for a few weeks could come up with a basic attack code module, and a few engineers could come up with something really sophisticated given a few months. (In fact Microsoft has already included a somewhat comparable feature in its XP operating system, which disables itself if you make more than three hardware changes to any computer it's installed on.)
At present, there are no known processes and procedures for screening software imported into the US for potentially damaging capability. Even if laws were passed requiring such screening, they would be extremely difficult to enforce. Complex programs like Word or Photoshop have hundreds of thousands of lines of code, making the task of checking a single program a major undertaking.
The best way for a country to be safe from embedded attack code is to only use software products that are produced domestically. Most code is examined pretty thoroughly in the development process, so even if a foreign national were to plant destructive code, it would probably be discovered and removed. Of course, for countries without a robust software industry, this simply isn't possible, but for America it's a very viable option. The US still has the most advanced and robust software industry in the world. It's rapidly becoming just one of many countries with such an industry, but the fact remains, America has all it needs to be self-reliant when it comes to software. Whether it chooses to be is another matter.
In tight economic times it's hard to see American businesses turning down legitimate low cost knock-offs of critical software products like Word, Excel, Photoshop and PageMaker. Given the lower engineering costs in India and China, prices could be kept to about 20% of comparable American developed products.
It's only a matter of time before India becomes a major exporter of business software, and China will eventually become one as well. America will then be competing with two countries whose domestic market is over a billion people, each.
Some of the American software giants are already setting up engineering facilities in India. This move is temporarily addressing the labor cost issue, but long term, the US is still training and using foreign labor, and this time the payroll is being spent in India and not America.
Very few industries have received so much from Congress as the software industry. They've been given rights, and shielded from accountability, in a way no industry ever has been before. From the Digital Millennium Copyright Act, which as one judge put it, effectively locks consumers out of their own property, to laws which exempt technology professionals from overtime pay and subject them to 80+ hour work weeks, the American software industry has been given about every advantage a business could be given in a free market economy.
It's not too much to expect, in return, that those who run the American software industry would run it in a way that was somehow good for America, both in the short term and the long term. Instead, American software engineers are being driven out of the industry, software jobs are being shipped overseas, and the flagship American software giant, Microsoft, is the laughing stock of the world for its security breaches.
We have to ask, is this any way to run an industry? More importantly, is this any way to win a war?
NOTE: The 2004 Statistical Abstract of the United States has been released, and is available as an Acrobat file for free download through the Advertising & Marketing Review Website home page (www.ad-mkt-review.com). We've also added over 200 new pages of foreign trade data. Check it out!
Glen Emerson Morris was a
consultant for Ariba, WebMD, Inktomi, Apple, and Adobe.