06.09.13
Posted in Cyberterrorism, Shoeshine at 2:57 pm by George Smith
From the wire:
The source of the intelligence leaks that revealed the National Security Agency’s massive domestic surveillance program last week was identified on Sunday by the Guardian as Edward Snowden, a soft-spoken 29-year-old former technical assistant for the CIA and current employee of NSA defense contractor Booz Allen Hamilton …
“I don’t want to live in a society that does these sort of things,” Snowden said. “I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under … I can’t in good conscience allow the U.S. government to destroy privacy, Internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building.”
Snowden said he decided to leave his family, girlfriend and a comfortable, $200,000-a-year salary behind, and flew to Hong Kong on May 20. He said he chose China because “they have a spirited commitment to free speech and the right of political dissent.”
The paradox of the leaker seeking refuge in China and spilling the beans at the very moment the Obama administration was mounting an unsubtle press campaign over the matter of Chinese cyber-espionage is noticeable.
As an employee of Booz Allen Hamilton, Snowden would have certainly been in the middle of things.
The head of that firm’s cybersecurity contracting arm, Michael McConnell, is and was one of the leading salesmen of cyberwar hype. The firm has a very large interest in expansion of its cybersecurity and cyberwar contracting business to the Department of Defense.
The lengthy and original profile of Snowden, at the Guardian.
Top cyberwar rent-seeker, Michael McConnell and Booz Allen Hamilton.
Michael McConnell and Booz Allen — from the archives.
Permalink
05.07.13
Posted in Culture of Lickspittle, Cyberterrorism, Shoeshine at 9:13 am by George Smith
Formally, the Obama administration has chosen to allow the Pentagon to take the lead in describing the threat of Chinese cyberwarriors:
The Obama administration on Monday explicitly accused China’s military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map “military capabilities that could be exploited during a crisis.???
While some recent estimates have more than 90 percent of cyberespionage in the United States originating in China, the accusations relayed in the Pentagon’s annual report to Congress on Chinese military capabilities were remarkable in their directness. Until now the administration avoided directly accusing both the Chinese government and the People’s Liberation Army of using cyberweapons against the United States in a deliberate, government-developed strategy to steal intellectual property and gain strategic advantage.
“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,??? the nearly 100-page report said.
The report, released Monday, described China’s primary goal as stealing industrial technology, but said many intrusions also seemed aimed at obtaining insights into American policy makers’ thinking. It warned that the same information-gathering could easily be used for “building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis.???
The Pentagon report is here.
Whether or not these Pentagon statements on Chinese cyberespionage are “remarkable in their directness,” as New York Times reporter David Sanger writes, is open to interpretation.
Chinese cyberwar/cyberespionage capabilities comprise somewhat less than two pages in the entire thing. More space is devoted to China’s conventional warfare capabilities and hardware, its ballistic missiles programs, it’s preliminary moves into aircraft carrier aviation through the refurbishment and equipping of the old Varyag — now renamed the Liaoning, its naval modernization and other subjects.
In fact, the Pentagon can say little about Chinese cyberespionage other than it exists and much material, from the US private sector devoted to supporting the US military, is being copied.
What benefit this has been the Pentagon does not know and cannot or will not say. No one knows. It’s impossible to put a finger on the value of it to China, or precisely what losses this country directly suffers. It is an argument that has no meaning for the majority of Americans, something only the top most cares about.
And that’s because they can only be made to care about things they suspect may make them slightly less wealthy.
In terms of what’s actually happening, for example, China has not made any obvious great leap in generating a carrier battlegroup-centered navy.
On the other hand, we certainly do know that the US private sector, our multi-national corporations, are intimately involved in business relations with China.
Indeed, it is safe to say that the strapped American middle class would have next to nothing if all its household consumer electronics and dry goods of Chinese origin were taken away.
If, for example, Chinese cyberwarriors are stealing Apple’s secrets, what does it matter? Is Apple stopping its majority manufacturing through China?
America’s electric guitar and rock amplifier companies make the majority of their mainstream goods in China. If Chinese cyberwarriors have stolen plans from Fender Musical Instruments or many other American companies, so?
The entire American industry of pop music instrumentation manufacturing, excepting custom shop artisan work, was sent to China to increase profit margins and decrease labor costs.
American business ceded its property to the Chinese industrial base for immediate profit in pursuit of the very cheapest unprotected manpower. This was long before Chinese espionage became an issue the national security megaplex decided to exploit for the purpose of parasitic rent-seeking.
Who are you going to find on the street who cares if Chinese cyberwarriors from a building in Shanghai are into American businesses? They’ve already lost their jobs or much of their earning power. And their access to the Internet is a smartphone made in China.
Take a day off from the memes. Corporate America isn’t hiring, haven’t you heard? It’s not because of mass Chinese cyber-spying.
One last figure, furnished to again put Chinese cyberespionage/cyberwar efforts in perspective, as they relate to the American experience …
You can really tell how Chinese cyberespionage/cyberwar is taking away our futures, right?
National cyberdisaster described in less than 120 words: We’ll lose power, then we’ll drown:
U.S. intelligence agencies traced a recent cyber intrusion into a sensitive infrastructure database to the Chinese government or military cyber warriors, according to U.S. officials.
The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) is raising new concerns that China is preparing to conduct a future cyber attack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams …
The database contains sensitive information on vulnerabilities of every major dam in the United States. There are around 8,100 major dams across waterways in the United States.
The cyberwar menace repeat staff, at Scientific American:
Since this incident there has been a growing realisation that various elements of a critical national infrastructure are similarly vulnerable. They use similar, if not identical, embedded computer systems as were used at Natanz. The initial thought was one of defending the realm against foreign aggressors. After all, it was an obvious way to cripple a country without firing a physical shot. Why launch missiles if you can switch out the lights and turn off the water. It’s cheaper too. So much so that this form of attack has become a great leveller, allowing small nations to potentially punch well above their weight.
The same guy, in the Irish Times:
The North Koreans have been blamed for interrupting websites run in South Korea by banks, newspapers and TV companies in “a show and tell??? warning about what they are capable of during a conflict, warns Sally Leivesley of Newrisk. The South Koreans have taken the warning seriously, upgrading security at their nuclear plants – including disabling every USB port in every computer at the plants lest they be used to breach defences.
States initially used internet hacking for espionage, or intellectual property thefts, but warns Prof Woodward, they are using it for “aggressive??? attacks: “This is the cool war, as some people have put it, not the cold war. Why invest in bombs and bullets when, potentially, in a shooting match you can turn out the lights, turn off the water. Some countries are really punching above their weight. They don’t need a huge nuclear weapons programme.???
Some yob nobody knows at the Huffington Post:
Cyber terrorism. Terrorist groups and states will make use of cyber-war tactics, though government will focus on information-gathering than outright destruction. Stealing trade secrets, accessing classified information, infiltrating government systems, disseminating misinformation — traditional intelligence agency ploys — will make up the bulk of cyber-attacks between states.
Virtual statecraft. States will be wistful for the simpler days of foreign and domestic policy. Power in the physical world is no assurance of power in the digital world. This disparity presents opportunities for small states looking to punch above their weight …
Cyberwar allows small nations to punch above weight — brainless new received wisdom.
Usage: North Korea was really punching above its weight when it quietly took its missile off the launch platform this week turned off all the electricity in Los Angeles County with a secret cyberattack.
From the New York Times, a few weeks ago, on the White House collecting the wealthiest and most infamous CEOs from the companies that have profited immensely in the last three years, to talk about cyberwar:
The difficulty of deterring such [Iranian cyber attacks] was also the focus of a White House meeting this month with Mr. Obama and business leaders, including the chief executives Jamie Dimon of JPMorgan Chase; Brian T. Moynihan of Bank of America; Rex W. Tillerson of Exxon Mobil; Randall L. Stephenson of AT&T and others.
Mr. Obama’s goal was to erode the business community’s intense opposition to federal legislation that would give the government oversight of how companies protect “critical infrastructure,??? like banking systems and energy and cellphone networks. That opposition killed a bill last year, prompting Mr. Obama to sign an executive order promoting increased information-sharing with businesses.
“But I think we heard a new tone at this latest meeting,??? an Obama aide said later. “Six months of unrelenting attacks have changed some views.???
Unrelenting attacks, in this case, meaning making banking websites occasionally run more slowly.
Permalink
05.03.13
Posted in Culture of Lickspittle, Shoeshine at 11:52 am by George Smith
It gets worse, much worse.
Officially eclipses white dudes using iPhones as ersatz harmonicas.
I’m happy to say I haven’t been around anyone like this for more than fifteen minutes in the last five years.
Remember the Human Cyborg?
He pulled the insufferable white male tech dork routine in a Paris Mickey D’s and they tossed him in the street, breaking his trinket. And they didn’t care.
Google Glass only less cosmetically annoying by increments.
When will first photo blog of butthurt white guys with their Google Glasses broken show on the net? Wear ’em in the wrong place in southern California or Pasadena.
Yeah, sure, the local police will want to track down your stolen device by its GPS beacon, or review its video to ID who roughed you up for being tech-enhanced nosy.
You’ll never see them at Baja Ranch in Pasadena.
I’ve argued, in different words, that Google is often in the business of catering to the demographic in American society that corresponds to the white male gadget freak/programmer shoeshine army for the 1 percent. And, boy, is this another piece of proof.
Permalink
04.22.13
Posted in Bioterrorism, Ricin Kooks, Shoeshine at 8:27 am by George Smith
From a New Jersey business publication, more industry of fear p.r. on Soligenix, a company that has existed on bioterror defense spending for more than a decade, trying to exploit opportunity created by the crazy man:
Soligenix is actively working to develop vaccines for bioterrorism agents such as ricin, but funding the research remains a challenge, according to company president and CEO, Christopher J. Schaber.
“Every biodefense program needs to be sponsored by the government,??? said Schaber. “We don’t spend our own money on biodefense. The company could not take off with biodefense unless we secure a large procurement contract from the government, which are typically in the hundreds of millions of dollars …
Soligenix’s share price rose 20 percent this week after the ricin-laced letters to government officials were publicized.
Soligenix would make money if the government stockpiles the vaccine, but the research has to be funded and it has to get FDA approval before the company can procure a government contract.
“We’ve taken this very far with the support of the NIH (National Institutes of Health), but we really need to get a larger contract with more funding to allow us to move forward,??? Schaber said. “The government many times doesn’t move that quickly on these things, especially because a lot of people haven’t died.
In over ten years Soligenix has brought nothing to the US market.
Worth 100 mil to the biodefense rent-seeker?
Fun fact: Number of people made even mildly ill in government offices from handling ricin-tainted letters in the last twelve years: Zero.
Soligenix —
from the archives.
Permalink
04.20.13
Posted in Bioterrorism, Ricin Kooks, Shoeshine at 12:51 pm by George Smith
Updated, just in: A kook, but not the ricin kook:
OXFORD, Miss. — Marshals Service: Suspect in ricin letters case has been released from jail in Miss.
Rent-seeking behavior is the abandonment of providing a good product or service to customers (or one of even slightly minor social benefit) for the sole pursuit of wealth through private sector/government collusion.
It is practiced by corporations as well as individuals. And it is rife in the national security megaplex.
An article on the science journal Nature’s website on the 18th is the very illustration of it.
Entitled, “US ricin attacks are more scary than harmful,” the added slug line informed “But researchers hope that the incidents will renew development of stalled vaccines.”
Paul Kevin Curtis, the ricin-tainted letter mailer, appears to be profoundly mentally ill. There was never any chance that his letters would reach their targets. Bruce Ivins, the anthraxer who worked within the heart of the US’s bioterror defense establishment saw to that.
And there was no way the crude castor powder with ricin in it ever posed a threat to the general public.
It was country’s very bad luck to have the mental illness of Paul Kevin Curtis fly right into the middle of the week of the Boston terror bombing hysteria.
From Nature:
The US Army Medical Research Institute of Infectious Diseases in Fort Detrick, Maryland, has developed a vaccine called RVEc, which protected mice that were exposed to inhaled ricin.2 The vaccine has also been tested in human volunteers, who subsequently developed antibodies to the toxin. But further human testing is needed, and it is not clear whether the Department of Defense will continue to fund the vaccine’s development.
The other leading vaccine candidate, RiVax, is made by a company called Soligenix, based in Princeton, New Jersey. The vaccine was initially developed by Ellen Vitetta, an immunologist at the University of Texas Southwestern Medical Center in Dallas, and batches made by her group have been tested in animals. Those batches have also been found to be safe in healthy human volunteers, in whom they stimulated the production of antibodies.
But Soligenix has not yet tested the safety and effectiveness of its own batches of RiVax. The company’s development efforts have slowed as a result of budget constraints at its funding agency, the NIAID, says Vitetta.
“It basically is not going anywhere,??? she says. “It’s disappointing and upsetting.??? After an event such as the latest ricin mailings, “everyone wants to know where the vaccines are. Somebody has to think this work is important enough to fund us and let us finish it.???
Soligenix’s work on the vaccine is currently funded by a US$9.4-million NIAID grant, but further testing in animals to prove the treatment’s effectiveness would cost between $20 million and $40 million, says Chris Schaber, the company’s president.
It is cynical behavior to use the work of an individual like Paul Kevin Curtis as an argument for the refinancing of bioterror defense business.
The conditions concerning ricin poison are not going to change. It will never be a weapon of mass destruction and therefore has little to no utility unless one can think of a rationalization to require all ongress, or the president, to be immunized with it.
Ricin-tainted letters are rare and one cannot generally predict who they will go to. Should the entire US postal service by immunized?
Rhetorical question, obviously.
Soligenix is a company that has been mentioned here from time to time. It is a bioterror defense nostrum firm that exists only because of Bruce Ivins and the war on terror. For over a decade it has been kept afloat by taxpayer money and never brought anything to the American people in return.
More recently its stock collapsed, the company eventually turning to an accounting maneuver to re-inflate it.
Practically speaking one might look at the anthrax mailer from Fort Detrick (USAMRIID) as the ultimate bioterror defense rent-seeker.
The FBI surmised that one of Ivins’ motivations in mailing anthrax was to create an incident that would save and stimulate his anthrax vaccine work. In this he certainly was successful. Fort Detrick, for example, where Bruce Ivins was employed was a hot place to work. Bruce Ivins, a very capable scientist, was no Paul Kevin Curtis.
So after the anthrax mailings the national bioterror defense industry boomed. It continued to expand through the entire presidency of George W. Bush. Indeed, those were its salad years.
However, today, spending on bioterror defense asks reasonable people to consider it in terms of morality and good citizenship.
For five years the country has been limping along with an economy that does not serve the majority of its citizens very well. Food stamp subsidies are at an all time high. Millions and millions of people are long-term unemployed or underemployed. The nation faces very serious problems it is not really attempting to solve.
However, crude powder containing ricin in the mail is not a serious national problem affecting the lives of hundreds of millions.
The vast majority of Americans have seen very little real benefit from the large sums in bioterror defense spending. This is probably not going to change.
In view of this, the use of Paul Kevin Curtis, an obviously nuts person, as a rationalization to spend money on a vaccine that no one will likely ever need takes on a taint of immorality. It is simply an attempted collusion between government and a small bit of the corporate national security business to get more of the taxpayer loot.
It is rent-seeking through use of the industry of fear.
You think this man is a reason to fund a ricin vaccine? Seriously?
Still time to get in on the last day of our second fundraiser, ever.
Permalink
03.30.13
Posted in Cyberterrorism, Shoeshine at 12:32 pm by George Smith
“In my opinion, it’s the greatest transfer of wealth in history,” said general Keith Alexander, he of the National Security Agency, on cyberattacks launched at our great country. — SITREP
See the greatest transfer of wealth in history? Blue is what Americans earn. Red is profits in non-financial corporate America.
Krugman:
I should give a shout-out to Larry Mishel’s note showing that the share of corporate-sector income going to profits has soared to levels not seen in more than 40 years …
There doesn’t seem to be much trickle-down going on.
Permalink
03.29.13
Posted in Cyberterrorism, Shoeshine at 4:34 pm by George Smith
Fresh from the cyberattack that just about took down the Internet earlier in the week, Nicole Perlroth of the New York Times, along with David Sanger, who uncovered the administration’s deployment of the Stuxnet virus into Iranian networks, serve up still more fearmongering on Iranian and North Korean cyberwar capabilities.
From the Times:
The difficulty of deterring such [Iranian] attacks was also the focus of a White House meeting this month with Mr. Obama and business leaders, including the chief executives Jamie Dimon of JPMorgan Chase; Brian T. Moynihan of Bank of America; Rex W. Tillerson of Exxon Mobil; Randall L. Stephenson of AT&T and others.
Mr. Obama’s goal was to erode the business community’s intense opposition to federal legislation that would give the government oversight of how companies protect “critical infrastructure,??? like banking systems and energy and cellphone networks. That opposition killed a bill last year, prompting Mr. Obama to sign an executive order promoting increased information-sharing with businesses.
“But I think we heard a new tone at this latest meeting,??? an Obama aide said later. “Six months of unrelenting attacks have changed some views.???
Keep in mind that Obama administration and the US Cult of Cyberwar have been fingering Iran in attacks that make US banking websites run slow for months. (Secondarily, for a virus that crashed hard drives belonging to Saudi oil company, Aramco.)
The recent history, free of propaganda, is that the Obama administration, defense contractors and leaders of the cyberwar lobby in the intelligence agencies took out a vigorous public relations campaign to get cyber-information sharing legislation passed last year.
In that campaign they established the narrative that continuing attacks on the United States, by China, Iran and others, have — in one famous quote issued by the head of the National Security Agency — constituted the greatest loss of wealth in history.
That very public dose of fear-mongering failed in its aim — which was to get the information sharing cyber-legislation passed.
The Obama administration then spent some time preparing an executive order recommending information sharing on cyberthreats.
It has no force of law.
This has been followed by a rising second and identical spin effort to identify cyberattacks on the United States as a catastrophic threat, one capable of more harm to the nation than natural disasters, and more costly than 9/11, and possibly the subsequent wars.
All this has played out methodically over the last couple of months. And all of it has been touched on at DD blog.
It’s a continuing effort to get bad legislation passed, law that would immunize corporate America from any legal retaliation that might result from malfeasance revealed in information sharing. Secondarily, it is to beat the drum regularly for more spending in cyber-defense. None of this is of any social value. The US of A will not now or soon fall to cyber-attackers. It is a ludicrous scenario to entertain.
Citing from a day or so ago:
[The] US is in a lousy position to make arguments, or even recommendations, on proper conduct in cyberspace. This is because it is an untrustworthy international partner, one which will not be held to standards of conduct it publicly demands from others. (The majority in American power find this of no consequence under the rationale that as the preeminent and transcendent world power, the United States can always act any way it wants and that hypocrisy or an establishment of untrustworthiness does not apply.)
Ours is a country that routinely uses feeble actors in cyberspace — like Iran — as bogeymen in public statements on the dangers of cyberwar without including in the narrative the fact that we provoked them …
This means anything to 99 percent of Americans. Nor should it. Pasadena, or the town where you live, will not cease to function in your lifetime because of cyberwar.
Mega US bank websites that run slow because they’re being hit by denial-of-service attacks are of no consequence in the astronomically bigger picture of the American economy.
The US government and the national security megaplex, which includes large private computer security players and arms manufacturers with expanding, grasping wings devoted to the same business, relentlessly peddle the script that cyber-attacks on the US financial system could bring the country to its knees.
Americans have experienced the opposite. The average family now earns seven percent less than it did at the start of the Great Recession, an economic downturn brought on by this country’s financial system.
And today, pointed to be Krugman, an essay by economist Brad DeLong that the United States is now on its way to matching the monetary consequences of the Great Depression.
This is not because of cyberwar, near cyberwar, Chinese cyber-espionage, or Iranian attacks on banking websites and corporate America.
The President cannot get the minimum wage raised. He cannot do anything to reverse the austerity policies the Republican Party, from its minority position, has imposed on the country. He cannot or will not enact any measures as chief executive that might begin to make economic life in the country better for the majority of its citizens.
So what is he doing? Partially busying himself meeting with Wall Street’s master bankers and ginning up news on the daggers of cyberwar, attributed to China, Iran and North Korea, aimed at America’s heart.
It is maddening and pathetic.
One of the named sources for the Times’ piece is James Lewis of the Center for Strategic and International Studies, one of the major “think tanks,” the function of which is to furnish national enemies lists, affirmations that named enemies are up to no good, and what, in the way of war, ought to be done about them at once.
Lewis has always been a member of the Cult of Cyberwar — and you can check the public record easily in DD blog’s inimitable archives.
The shoeshine of cyberwar — from the archives.
Good heavens! Can’t you see where Iran has attacked banking websites and threatened the very financial systems of our great country!?
Permalink
Posted in Culture of Lickspittle, Cyberterrorism, Shoeshine at 1:26 pm by George Smith
The Duchy of Grand Fenwick, aka the Republic of CyberBunker, was said to have attacked SpamHaus and the Internet this week. And most people missed it except for the New York Times and Ars Technica.
I’ve repeated it countless times. Ten years ago the mainstream press just unilaterally quit doing its job on security matters. Serious journalism and critical thinking, as opposed to propagandizing and stenography, simply blew away and was never replaced.
It’s a theme I’ve carped on for years, going all the way back to anti-virus king John McAfee’s manipulations on the Michelangelo virus in 1992.
From the Guardian, on the great cyberwar everyone missed, which I only saw because of Frank at Pine View Farm:
This is the danger of the “dark age of journalism”, as it has been called. The training of the old Reuters reporter is replaced by one of political and corporate collusion. The separation between newsrooms and public relations agencies growing ever thinner as reporters rush to fill space at all costs, regardless of truth.
Even after she’d written the piece in the New York Times, tech reporter Nicole Perlroth tweeted how she was still getting targeted by corporate PRs to cover the “story”: “Hi Nicole, News is just breaking on the biggest cyber-attack in history. Are you planning on covering?”
The collapse of journalism combined with complex, fast-changing technology offers a wealth of opportunity for propagandists. In the soil of ignorance, fear can easily be sown. So it is with cyberwarfare.
The writer, Heather Brooke, probably didn’t have the space to get deep into the rise of web shoeshine news publishing, the fact that sensation, exaggeration and corporate tech fictions and trivialities are about all they exist for.
From the Daily Mail, on the Republic of CyberBunker in the Netherlands, my favorite grafs of the day, particularly with the photo of the guy and his purple flag:
In charge at CyberBunker is Sven Olaf Kamphuis, who styles himself the ‘Minister of Telecommunications and Foreign Affairs’ of the ‘Republic CyberBunker’ …
Within its 15ft reinforced concrete walls are 175,000 cubic feet of office space, airlocks, a 750KW diesel generator, fuel reserves and a 2,500-gallon freshwater tank.
Its inhabitants can allegedly survive for ten years without assistance from the outside world.
CyberBunker’s website claims: ‘Dutch authorities and the police have made several attempts to enter the bunker by force. None of these attempts were successful.’
Permalink
03.27.13
Posted in Cyberterrorism, Shoeshine at 2:09 pm by George Smith
Excerpted from yesterday, on the bind the US government — by its actions and statements — has put itself in with regard to cyberwar:
[The] US is in a lousy position to make arguments, or even recommendations, on proper conduct in cyberspace. This is because it is an untrustworthy international partner, one which will not be held to standards of conduct it publicly demands from others. (The majority in American power find this of no consequence under the rationale that as the preeminent and transcendent world power, the United States can always act any way it wants and that hypocrisy or an establishment of untrustworthiness does not apply.)
Ours is a country that routinely uses feeble actors in cyberspace — like Iran — as bogeymen in public statements on the dangers of cyberwar without including in the narrative the fact that we provoked them …
From an article in the Reg, on the “NATO manual on cyberwar,” one that argues that acts of force in cyberspace are [likely] illegal (primary author “Michael Schmitt, professor of international law at the US Naval War College in Rhode Island):”
Schmitt said the legal experts who drew up the manual agreed that Stuxnet was an act of force but were divided on whether the malware constituted an armed attack. And even if it was an armed attack it might still be justified as self defense in the form of striking back at the aggressor in the face of imminent attack, as a paragraph on page 58 of the manual explains:
“In light of the damage they caused to Iranian centrifuges, some members of the international group of experts were of the view that the attack had reached the armed attack threshold (unless justifiable on the basis of anticipatory self defence) [our emphasis].”
In other words, Stuxnet was not illegal because it was by the United States (and/for Israel), the preeminent world military and economic power, against Iran — because they’re bad, small, don’t like us and have a nuclear program.
Such legalisms in any manual thus rendered meaningless because the precedent is to claim the US is the special nation among all, always able to determine itself to be striking from a position of self-defense.
Taken to one logical conclusion, it renders all US participation in the establishment of international codes of conduct as easily abrogated as changing underwear, using the order and procedure established as the result of 9/11.
Permalink
03.26.13
Posted in Cyberterrorism, Shoeshine at 3:54 pm by George Smith
If there’s a Congressional hearing on cyberwar always view it as a scripted exercise, one in which the “experts” are carefully chosen to throw a scare into laymen.
Such was the case with House meetings on the matter last week.
An Albany Tribune piece on one meeting collects the fear-mongering:
Computer attacks on South Korea underscore the growing threat of cyber warfare that starts with the flip of a switch, computer security experts told federal lawmakers Wednesday.
North Korea is a “wild card??? when it comes to computer attacks because the country has the desire to launch attacks and a growing capability, said Frank J. Cilluffo, co-director of the Cyber Center for National and Economic Security at George Washington University.
Although North Korea is certainly a suspect behind attacks that shut down some South Korean banks and TV stations, President Obama and South Korean officials have not officially indicated that North Korea, China or any other nation is responsible.
Hacking by China and Russia is “brazen, wholesale and significant,??? and Iran poses a growing threat, Cilluffo said.
“Both our national security and our nation’s economic security are at risk,??? Cilluffo told the Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies. “It’s literally as easy as flipping a switch to attack.???
Note the use of the “flip the switch” meme twice, the idea that the US can be turned off, or at least parts of it, like a light bulb, from afar.
Iran’s cyberwar capabilities keep Texas Republican Michael McCaul “up at night,” the story adds. Iran, claims the politician, is “testing us,” seeing just how far it can go before we respond.
It’s outright lying by omission, a feature common to cyberwar discussions.
Iran has been the target of a US cyber-sabotage and espionage operations aimed at its nuclear program, one in which malware specifically written for the purpose has been put into its networks.
As I’ve written previously, the US is in a lousy position to make arguments, or even recommendations, on proper conduct in cyberspace. This is because it is an untrustworthy international partner, one which will not be held to standards of conduct it publicly demands from others. (The majority in American power find this of no consequence under the rationale that as the preeminent and transcendent world power, the United States can always act any way it wants and that hypocrisy or an establishment of untrustworthiness does not apply.)
Ours is a country that routinely uses feeble actors in cyberspace — like Iran — as bogeymen in public statements on the dangers of cyberwar without including in the narrative the fact that we provoked them.
Summarizing, I put it this way (it’s necessary to repeat stuff as part of any public information service):
However, in cyberspace the US government, in developing and unleashing malware on its enemies in the Middle East, has made a world environment where vulnerabilities are commodities and capabilities, information not to be shared because of applications in cyber-weaponry …
Paradoxically, the US government has contributed to the creation of a global Internet security environment where information is not to be shared because there is value in [hoarding and secrecy]. Critical vulnerabilities have great worth in cyber-weapons development. This has created a gray market in which the vulnerabilities, information of zero social value, are sold at good profit.
As with [any] discussions [going forward on] cyberwar and the creation of cyber-weapons, the American government, by its actions, has cut the ground from under its feet on being in position to take the high [position], right from the start. . .
Congressional hearings call panels usually top-heavy with “experts” who are merely there to mine and spread fear.
Frank Cilluffo, for example, goes way back to the time when the propagandizing fell under the phrase “electronic Pearl Harbor.”
Here’s Cilluffo, from the old Crypt Newsletter’s timeline on the official propaganda on “electronic Pearl Harbor,” dating from the Nineties:
December 15, 1999: “Future War in Cyberspace” was the title of a special broadcast on the Voice of America US government radio station. Disclosure: Crypt News made an appearance in it.
“At least twice this year, [the Pentagon’s] Dr. John Hamre has said the United States was in the middle of a cyber war — and the pace of attacks on US Military computers has increased since then,” read the announcer
John Hamre said: “We are in a day to day, virtual cold war. In that sense that we have people trying to disrupt the Department of Defense’s computers on a daily basis. So far, we are staying ahead of the problem. But just barely.”
Frank Cilluffo, of the Center for Strategic and International Studies think tank said the danger of cyberterror “is real and constant.”
“The myth persists that the United States hasn’t been invaded since 1812. I’d like to inform you otherwise. And that is the fact that invasion through cyberspace is now a daily occurrence,” Cilluffo said for Voice of America.
” . . . George Smith is skeptical that offensive military operations will work very well in cyberspace.”
“For years, Mr. Smith has been writing a newsletter on computer break-ins . . . He says Pentagon officials are overstating the danger from computer hackers and intruders.”
“Nevertheless, [Smith] expects the United States and many other nations to try to create ‘cyber-attack’ forces: ‘I think it is likely that people will try, I think it is unlikely they will have any impact.'”
“Mr. Smith says armies in Bosnia and the Gulf War faced computer problems, including viruses. He says they coped with them in much the same way they coped with flat tires on vehicles, or worn out parts on aircraft.
“[Smith] said] the idea that small groups of people, armed only with keyboards, could seriously hurt a powerful military force belongs in Hollywood — not the battlefield.”
Take time to review the entire archive. It’s the only one like it on the Internet, the only record of US (and western) cant on the then emerging subjects of cyberterrorism and cyberwar. You’ll see how the arguments have remained fantastic, self-serving and delivered for maximum scare.
There was one dissident in a House hearing entitled Cyber Attacks: An Unprecedented Threat to U.S. National Security, convened by the House subcommittee Europe, Eurasia and Emerging Threats, Martin Libicki of the RAND Corporation.
Reporter Andrew Conte of the Albany newspaper mentions him not at all although, mysteriously, he is included in the photograph accompanying the piece cited above.
This is standard behavior in US press stories on alleged, emerging or immediate threats. Critics, even the mildest, are edited completely out of the discussion in favor of direst claims. This is the way it has been for the past decade. Occasionally someone who goes against the assembled received wisdom of calamity is brought in. But the overall trend has been to stamp out anything like that.
In the House hearing, Libicki essentially testified that government ought to be careful with the fear-mongering talk of cyberwar.
From RT:
Earlier this week Martin Libicki, a senior management scientist at the RAND Corporation, warned the House Homeland Security Committee to be wary of the line between realistic projections regarding cybersecurity and fear-mongering.
“The more emphasis on the pain from a cyberattack, the greater the temptation to others to induce such pain — either to put fear into this country or goad it into a reaction that rebounds to their benefit,??? he said. “Conversely, fostering the impression that a great country can bear the pain of cyberattacks, keep calm and carry on reduces such temptation.???
Libicki argued, very briefly (he was the last to testify), for the House hearing on the “unprecedented threat” — that if a “cyber-9/11” were to occur, because it is a cyberattack the US doesn’t have to rush off and do something rash. The inference, here, being baldly obvious. It was a worthwhile issue to take up, he said.
In doing so he cited the cost of the actual 9/11 attacks, in excess of 250 billion dollars, and a further trillion in the Iraq war.
In a cyberattack is is possible to “take the time to think things through,” Libicki told the committee. “Even though a computer is taken out, another may be close at hand…”
We should not back ourselves into a corner where we always have to respond, he continued.
“In some cases the narrative must allow the attacker to back down gracefully.”
“What are the norms of conduct?” he asked.
Substantively, in creating a public impression that cyberattacks have the most extreme consequences, an expectation has been created in which the country may be compelled to respond out of proportion to the actual impact. (The House page is here. However, the reader will find that the links to the text copies of the testimony are, conveniently, 404s. The video record is more difficult sledding.)
The fear-mongers of cyberwar have now latched onto the stratagem of using monetary figures to describe the losses to Chinese espionage. Currently, their story is that such espionage has cost the United States more than the 9/11 attacks.
This left the committee in a quandary. California Republican member, Dana Rohrabacher, who took the opportunity to give a little speech [1] on the perfidy of Chinese “elites,” was discomfited by it at the end.
Rohrabacher seemed unable to completely endorse the idea that Chinese cyberwar against the United States was more damaging to the country than 9/11.
However, Greg Autry, Senior Economist for the Coalition for a Prosperous America, used the committee to launch a full frontal attack on China. (The organization has a footprint of virtually zero in the news media. And its organizational website “about” page sheds no particular light on who funds or is behind it.)
Excerpted (all errors in transcription, mine):
“[China sees] us as weak and foolish, to be controlled …
“[We] need to make sure the internet is not debased by hoodlums or nations who do not appreciate the rule of law. The Chinese government cannot think of enough things to do from the money they are earning
from the economic warfare they have been executing against the United States …
“[Their] cyberattacks against the United States are in the same financial class as the 9/11 attacks. They are costing clearly billions
and, I believe, hundreds of billions of dollars … This results in loss of life of Americans as well …
I believe that if the [Chinese military cyberwar building, PLA Unit 61398] was a segment of the Iranian Republican Guard located in Tehran, that building would be a smoldering pile of rubble before I could testify…”
Near the end of the hearing RAND’s Libicki had this to say about the financial figures.
Digested:
“I think we need a better understanding of the impact of Chinese economically-motivated espionage on the US economy. We hear a lot of numbers being thrown around. We don’t really know how they’re derived or how consistent they are with how economics works.
We are fairly confidant that terabytes of data go from the United States to China …”
“I would suggest it’s an important issue. If it’s a trillion dollar issue, we treat it one way. If it’s a billion dollar issue, we treat it another.”
Excerpts of Dana Rohrabacher’s brief speech, given to the Chinese people from the floor of the House subcommittee meeting on Cyber Attacks: An Unprecedented Threat to U.S. National Security:
“If the Chinese people are listening and to the Chinese intelligence personnel:
“What differs from what governments did in the past [with espionage]
and what is being done now … is that they are using the intelligence apparatus to enrich themselves … They are using the cyber-intelligence to enrich themselves, they have a personal motivation …
“The people of China are being cheated in that the apparatus has been set up to protect them is being used to enrich the elite and at the
same time put China into a hostile relationship with the United States … On top of that, the elite in China are using this, not to protect China,
not to make it more prosperous, but to repress their own people …
“The elite in China, their vanity and desire for more wealth and power has led China down a wrong path. I would urge those people in China …
the people of good will, to push the elite who are putting us on a path of conflict, out.”
Permalink
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »