Twitter and Terrorism

On Feb. 5, the short-message-service Internet firm Twitter announced that since the middle of 2015, it has suspended 125,000 accounts because they appeared to be promoting terrorism or similar extremist activities.  While Twitter has long maintained rules against such content in tweets, this is the first time they have made public a specific number of account suspensions connected with terrorism.  This move and the associated problem Twitter is trying to deal with bring up important questions about the ethics of communications technologies and the way private organizations have displaced national laws as arbiters of free speech.

Historically, communications systems rarely arise in discussions of engineering ethics.  For example, I doubt that in the 1950s the Society of Motion Picture Engineers debated the question of screenwriters who were blacklisted during the McCarthy communism-scare era.  The question of a medium's content was seen to be almost totally distinct from the technology and engineering it used. 

But gradually that has changed as technical, managerial, and censorship roles have morphed and merged in the strange new cyberspace world of spam, viruses, and tweets.  The problem Twitter faces, of groups such as ISIS using Internet services to promote and coordinate terrorist activities, is real.  Syed Rizwan Farook and his wife Tashfeen Malik apparently drew much of their inspiration for the attack in San Bernadino, California from Internet sites promoting jihad.   Their December 2015 attack killed fourteen and wounded twenty-two.  Even messages limited to 140 characters can be used to recruit and coordinate such things, although there is no evidence that Twitter was involved in that particular incident.

Nevertheless, Twitter, with only 3,900 employees, faces the daunting task of enforcing its Twitter Rules on all 300-some million active users every day.  Clearly, much of this task involves technology to sift through the millions of messages pouring through Twitter's servers.  It also involves the cooperation of groups concerned about terrorism, with which Twitter has teamed in an effort to find and suspend violators of Twitter's rule against promotion of terrorism.  But it also involves fundamental questions of free speech—questions that used to be debated mainly in the halls of legislatures and courts of law, not in the cubicles of software engineers.  Increasingly, it's the engineers—or people who work closely with them—making the on-the-ground decisions about who gets to tweet and who gets their beaks clamped shut.

The fact that Twitter has gone public with a specific number of account closures is a move apparently designed to send a message to those who would use the service for nefarious purposes.  It also serves to raise the status of the company in the eyes of those who are worried about misuse of the Internet for terrorist activities.  And it emphasizes the magnitude of the problem.  Suspending accounts can be compared to a medical test for a serious ailment.  If you get too many false positives, you'll be bothering healthy people with a diagnosis that later has to be reversed.  But if you get too many false negatives, you let people with a serious disease slip through without treatment, possibly leading to worse results later on.  So the challenge for Twitter is to find accounts that are being used to promote terrorism in some way and suspend only those, without cutting off people who are not trying to make trouble.

From a free-speech point of view, these suspensions could be viewed as censorship.  But even the courts recognize that free speech has limits—the classical example being the lack of a right to yell "Fire!" in a crowded theater.  So Twitter's actions are justifiable on that basis in cases where the possible harm to others in the form of terrorist activity appears to outweigh the value of preserving free speech for all Twitter account holders. 

This is not a critique of Twitter, by any means.  They appear to be taking responsibility for a hard job and doing it as well as they can.  Looming in the background, of course, is the possibility that if a family of someone killed in a terrorist attack discovers that Twitter accounts were involved in planning the attack, the firm might get sued.  While I'm not aware of any such suits, such possibilities always have to be considered when you are dealing with a large-scale operation involving millions of people. 

But I think the most notable thing about this situation is the way that the practical basis of free speech, in this case anyway, has spread from the legal system to international private firms where the parties are mostly anonymous users, largely invisible software engineers, and company policy makers, in cooperation with various outside agencies who are all selected by Twitter.  The legal system hasn't entirely lost its influence, in that companies such as Twitter are still responsive to sustained large-scale legal challenges.  But in the wild-West environment of the Internet, such challenges are unusual and often politically inspired.  Preventing terrorism is a pretty uncontroversial position politically, and so Twitter doesn't seem too worried that it will get sued by a coalition of terrorist groups for what it's doing to their accounts.  Terrorists have other ways of settling such disputes, and I hope they don't use them.

It's a shame that evildoers have bent the Internet to their will to the extent that firms like Twitter have to spend a lot of time and effort whacking moles, which in many cases pop up again right away, either on Twitter or on other more private Internet communications setups.  But doing nothing would be irresponsible.  The knowledge that such suspensions can happen is what makes most Twitter users behave, not so much the actual suspensions, just as the knowledge that one is liable to get a speeding ticket makes most people obey speed-limit signs whether or not there is an actual traffic cop in sight.  Kudos to Twitter for kicking suspected terrorists off the telephone wires, so to speak, and let's hope that their very public stance against such things forces terrorists into corners of the Internet where it is harder to recruit people to their cause.

By the way, I have begun to do a weekly tweet summarizing each blog post.  My Twitter handle is @karldstephan, in case you want to follow me there.

Sources:  The New York Times carried an article by Mike Isaac entitled "Twitter Steps Up Efforts to Thwart Terrorists’ Tweets" on Feb. 5, 2016 at http://www.nytimes.com/2016/02/06/technology/twitter-account-suspensions-terrorism.html.  I also referred to the Twitter announcement of the 125,000 suspensions at https://blog.twitter.com/2016/combating-violent-extremism, the Twitter Rules at https://support.twitter.com/articles/18311#, and the Wikipedia article on Twitter.

Will ISIS Hack the U. S. Power Grid?

In a meeting of electric-power providers last week, U. S. law enforcement officials revealed that Islamic State operatives have tried to hack into parts of the American power grid, so far without success.  But the mere fact that they're trying has some grim implications.

One of the officials, Caitlin Durkovich, is assistant secretary for infrastructure protection at the U. S. Department of Homeland Security.  She refused to provide specific details of the attacks, but an FBI official said so far that the attacks are characterized by "low capability." 

For some time now, it's been obvious that cyberwarfare may play an increasing role in future conflicts.  Perhaps the most significant successful attack up to now was mounted by a team of U. S. and Israeli experts in what came to be known as Stuxnet.  The attack was aimed at Iran's nuclear-material centrifuges and allegedly disabled many of them in 2010 before operators figured out what was going on. 

That attack was aimed at one specific facility, and the attackers had access to abundant information on the particular equipment involved.  Doing something similar to a significant part of the U. S. power grid would be a harder proposition for several reasons.

A Stuxnet-style attack on one generator, or even an entire plant, might temporarily  damage that plant and take it out of commission.  But the power grid is designed to deal with just such occurrences without major disruptions.  At any given time, a certain number of generators are offline for repairs or maintenance, and every so often a problem will cause one or more generators to trip out unexpectedly.  Unless the loss of capacity is very large or happens at a critical high-demand time (say on the hottest day of summer), the system absorbs the loss and reroutes power from other sources to make up the difference, often with no noticeable interruption to customers. 

So in order to produce a large-scale blackout that would do some good from a terrorism point of view, a different approach would be needed. 

The most vulnerable parts of the power grid from a hacking point of view are the network control systems themselves—the SCADA (supervisory control and data acquisition) devices and communications systems that tell system operators (both human and electronic) what the status of the grid is, and open and close the big high-voltage switches that route the energy.  A simultaneous order to a lot of circuit breakers to open up all across a large grid would throw the whole system into chaos, tripping other automatic breakers everywhere and necessitating a total shutdown and resynchronization, which could take hours or days—even longer if widespread mechanical damage occurred, which is possible. 

But doing that sort of attack would be very hard.  I am no power-grid expert, but I do know that long before the Internet came along, power utilities constructed their own special-purpose communication networks that carried the switch-command instructions, often by means of microwave relays or dedicated cables.  Originally, these specialized networks were entirely independent of the Internet because there was no such thing yet, and so were perfectly secure from Internet-based hacking.  Utilities tend not to throw anything away that still works, so my suspicion is that a good bit of network-control data still gets carried on these physically isolated communications links.  For a set of hackers halfway around the world to get into those specialized communications systems would require either amazing hacking abilities, or inside information, or most likely both. 

This is not to say that it's impossible.  But the job is orders of magnitude harder than disabling one uniform set of machines in one location.  As reports on the power-grid hacking attempts pointed out, the U. S. grid is a hodge-podge of widely different equipment, systems, protocols, hardware, and software.  A hack that might take out a power plant in Hackensack would probably be useless on a plant in Houston.  So to mount a coordinated attack that would create a politically significant amount of trouble would be a monumental undertaking—so hard that evil guys with limited resources may decide that some other type of troublemaking would be a better use of their time.

Does that mean we can just sit back and enjoy the fact that the Islamic State hackers don't know what they're doing?  Not necessarily.  Hackers come in all flavors, and as the Internet has played an increasing role in the day-to-day operation of electric utilities, those same firms have had to deal with the accompanying hazards of malevolent cyberattacks from who knows where.  So the fact that Islamic State hackers are going after the power grid is not exactly a surprise.

While the recent revelations have led to some calls for increased government oversight of cybersecurity for the power grid, the industry so far seems to have done a fairly good job at policing itself.  A report in USA Today back in March of 2015 said that the North American Electrical Reliability Corporation (NERC), which is the non-profit industry-sponsored security-standard enforcer, has slacked off on the number of penalties and fines it has assessed on its members in recent years.  But the president of NERC says this doesn't necessarily mean that his organization is getting lazy—it could just as well be that utilities are following the rules better.

Rules or no rules, the danger that foreign and domestic terrorist organizations could cause massive power blackouts in the U. S. is real.  And constant vigilance on the part of the utility operators is needed to prevent these attacks from getting anywhere.  Fortunately, the present structure of the grid makes it a particularly difficult target.  But that doesn't mean it couldn't ever happen.

Sources:  I referred to reports of the disclosures about cyberattacks on utility infrastructures carried by CNN on Oct. 15, 2015 at http://money.cnn.com/2015/10/15/technology/isis-energy-grid/, and by the Washington Examiner at http://www.washingtonexaminer.com/article/2552766.  USA Today carried an in-depth study of the issue by Steve Reilly on Mar. 24, 2015 at http://www.usatoday.com/story/news/2015/03/24/power-grid-physical-and-cyber-attacks-concern-security-experts/24892471/. I blogged on Stuxnet on July 24, 2011 and July 2, 2012.