02.26.13
Refining the art of shoeshine
Opening graph, from Slate’s national security journalist, Fred Kaplan, on cyberwar:
The New York Times’ front-page report this week that the Chinese army is hacking into America’s most sensitive computer networks from a 12-story building outside Shanghai might finally convince skeptics that the threat of “cyber warfare” isn’t the fevered fantasy of Richard Clarke, the producers of “Die Hard 4,” or the generals at the ever-growing U.S. Cyber Command. Alas, it’s real.
But what is the threat? Few of those in the know believe that some fine day, out of the blue, China will zap the programs that run our power grids, gas lines, waterworks or banking systems, sending our economy — and much else — into a tailspin. Even if the Chinese could pull off such a feat with one keystroke, it’s hard to imagine what they’d accomplish, especially since their fortunes are wrapped up with our own.
Alas, cyberwar shoeshine is real. No, strike that. Not something I’d write. Too easy.
How does someone who never showed much interest in cybersecurity in the last fifteen years go on this way?
It’s a question that applies generally since the topic is at the stage where people who never traditionally cared about it, or even knew much about basic cybersecurity, the nature of the threats, and networked computing, now believe they’re ready to be theorists on it.
Kaplan cites a book by Richard Clarke, 2010’s “Cyber War,” in which he “likened the current era to the decade after the first atomic bombs, when American, then Soviet, scientists built these weapons of enormous destructiveness — but before politicians or strategists devised ways of thinking about them rationally: how to control them, deter their use or limit their damage if a war couldn’t be deterred.”
This was one of the reasons Clarke’s book was brushed off.
“Likening” cyberwar weapons, like viruses, with things like Operation Crossroads or Castle Bravo was not to be taken seriously. (Click the links. Better to follow Drunk Richard Clarke on Twitter.)
For Kaplan’s column, the virus mentioned is Shamoon, implied Iranian retaliation against us and our proxies for Stuxnet.
Shamoon crashed and corrupted information on Saudi oil company computers, information that, if they weren’t totally incompetent, was backed up multiple times somewhere else.
Kaplan mentions Barack Obama’s recent executive order, one that lobbied for increased information sharing back and forth between the cyber-intelligence agencies and corporate America.
The history with regard to information sharing is fifteen years old.
It started with the Clinton administration where it was vigorously pursued by Clarke and assistant secretary of defense John Hamre. They argued for an exception to be added to the Freedom of Information Act, one to encourage corporate America to be forthright about its computer security intrusions, secure in the knowledge its secrets were safe from competitors and journalists armed with FOIA.
They got what they wanted. And it didn’t make a substantial difference. Subsequently, every year — between then and now — someone has always argued for ever more information sharing. Corporate America is not transparent. A frictionless system of information passage with it cannot be created.
Paradoxically, the US government has contributed to the creation of a global Internet security environment where information is not to be shared because there is value in that. Critical vulnerabilities have great worth in cyber-weapons development. This has created a gray market in which the vulnerabilities, information of zero social value, are sold at good profit.
As with discussions about cyberwar and the creation of cyber-weapons, the American government, by its actions, has cut the ground from under its own feet, leaving it in no position to take the high ground, right from the start.
“Unnamed Pentagon figures continue to get big ink for their thesis that Chinese military cyber assault is a threat of trouser-moistening magnitude,” reported Lewis Page skeptically at the Reg today.
“Last week’s media bandwagon, initiated after Financial Times hacks in Washington obligingly got things rolling, is now thundering along unstoppably as foaming tech-dunce scribes pile aboard.
“On Friday it was [The Times of London’s] turn to play ventriloquist’s dummy.
“ ‘Chinese military hackers have prepared a detailed plan to disable America’s aircraft battle carrier fleet with a devastating cyber attack, according to a Pentagon report obtained by The Times,’ says the Thunderer.”
If you read through to the end, public proclamations on cyberwar, often about what China could do to America (steal wealth, blow things up, turn things off), go all the way back to 1999.
A lot of very bad stuff has happened in this country since then. Most of it rained down on the average citizen.
But cyberwar as perpetrated by the Chinese, something that would be worse than Sandy, that could turn off the power on the East Coast?
WTF is wrong with these people?
As with most of the professional pundit and journalist class, the talkers on cyberwar have been wrong about virtually everything. But there’s never been a penalty for being wrong because the members of the group all think alike and protect themselves.
It’s not that cyberwarriors from nations, including China, aren’t into American networks. They are and always have been.
How can you protect any network from undoing given that it takes only clueless employees, contract workers or officials to click on attachments carrying malware in e-mail messages made to look legitimate?
However, what does it all mean? Why do they do it? Is it because they’re really so deluded they believe they’ve put together a master plan to turn off the United States?
Believe me, if it could be done, hackers — who have never been known as shrinking violets — would have pushed that switch years ago.
Or is it because of a combination of factors? Because the networks are vulnerable, they can do it, and so they do. Or because there’s a mindless but human belief that if you vacuum up enough information you gain an insurmountable edge over potential foes?
Is it even possible to process all the material gathered in such ways, to take much more than quickly vanishing advantage from even pieces of it?
No one knows. There’s no way to measure such things.
Mike Ozanne said,
March 7, 2013 at 1:36 am
“Is it even possible to process all the material gathered in such ways, to take much more than quickly vanishing advantage from even pieces of it?”
The tools exist to both mine large amounts of data for specific items, and to model data so that it can be more easily manipulated by a human operator to discover information from the data.
However:
If it’s encrypted, you’d have to factor in the crack time and cost against the potential value
You have to have hacked out the relevant data in the first place, i.e. picked the hayrick which actually contains the needle
If it’s not “hard data”, i.e. it’s notes, journals, e-mails etc. rather than transaction records, troop locations, power usage etc., then “interpretation” becomes an issue. In particular the human habit of accepting data that supports our bias, while rejecting that which does not. If we are going to do what we want anyway and bend the intel to fit the decision, why bother in the first place…
George Smith said,
March 7, 2013 at 2:15 pm
That’s the nut of it. It’s an accumulation of data suctioning simply for the bolstering of rationalizations. That’s 90 percent of the shoeshine machinery.