Rule Number One: Always blame China, then Russia

Posted in Cyberterrorism, War On Terror at 4:53 pm by George Smith

Today, a collection of items again having to do with the tradition of blaming China and its mighty but hard-to-see cyberwarriors.

For example, when you want to build a cyber-attack force, blame the Chinese for starting a cyber-arms race, hacking into US utility companies, cyber-spying and installing backdoors and hidden boobytrap software switches in everything.

Since it’s a practice that has been carried out so well and for so long, the Chinese media has finally started to wise up to it.

So, this year, for the first time, DD has begun to field questions from Chinese journalists, who are returning the favors long administered by their counterparts in the western English-speaking newsmedia. That is, instead of wanting to talk about how China is menacing US cyber-interests, they want to know about the US menacing the rest of the world’s cyber-interests.

From a Q&A — in e-mail — this week:

Chinese journalist: Will US wage cyber warfare against its enemies?

DD: I doubt there will be any significant happenings of this nature. Too much potential for an exposure resulting in great embarrassment and bad publicity if caught doing such a thing. It wouldn’t look good if the US military was caught installing a worldwide zombie botnet now, would it?

Chinese journalist: US cyber security may provoke the new world arms race on the new military frontier, do you think so?

DD: The rhetoric on the subject may inspire something like this. However, it will be offset by the limited nature of what such things can accomplish in the real world.

Chinese journalist: What do you think of the cyberattacks worldwide?

DD: It’s another day, just like many, for IT staffs.

Chinese journalist: Will the American aggressive approach to cyber-security pose a threat to privacy and civil liberties?

DD: There is already some concern about this. As to privacy, there have been agencies and parties in the US which have been involved in pushing back on encroachments and violations of privacy in cyberspace for many years. They’ve had some mixed successes and some big failures, so it’s an ongoing battle.

Next up, a partial transcript from the Ian Masters show, a couple weeks ago. DD has edited it down to the most interesting points, and the common worked-to-death scripts re China and cyberwar.

Ian Masters, Pacifica radio host: There’s [now] an expectation hacker soldiers will be hired. The New York Times has a piece on Sunday on the frontpage, a rather skeptical piece, suggesting that this indeed may be another raid on the treasury by the military industrial complex.

DD (aka George Smith): Well, that’s been a constant. I mean, it’s not exclusive to the Obama administration. Cyberwarfare and cybersecurity have been used by the US government over the past fifteen years to, as you say, rattle the tin cup for a variety of reasons. I mean, it’s kind of like, what many people don’t realize is that the extremist views are in charge, OK? [Laughs] There really isn’t a voice of moderation. And there really never has been in the area.

IM: So, in other words, the sky’s always falling.

GS: That’s right.

IM: And the Russians are coming.

GS: Or the Chinese. The Chinese were coming ten years ago. And they’re coming again.

IM: And the terrorists are coming.

IM: In terms of cyberwarfare al Qaeda is not a player?

GS: No, they’re not a player.

IM: They do low-tech video releases. So who is the target of this new initiative by President Obama, is it Russia and China?

GS: Those are the common two. Ten years ago there were a large number of stories circulated insisting China, the dragon, was about to show its claws and fire, and it had developed a cyberwarfare capability, and in the most extreme cases could attack the United States’ oil refineries and cause explosions, war from remote, things like that. And with Barack Obama, on Friday, he includes in his speech a statement that cities in foreign countries have been blacked out by cyberattack, and that’s simply an urban legend. There’s nothing to back that up at all yet it finds its way into his cyber policy review report.

Now, why is that? [Laughs]

If you look at the footnotes of the report real carefully, this comes out of an old press release from a computer security company.

IM: So ginning up business?

GS: Well, specifically, this occured about a year ago. It was to gin up business for protection of remote control access systems. What better way to do it than to say the CIA had told [your expert business] that cities which cannot be named, in countries that cannot be named, had power companies attacked which cannot be named, causing blackouts in cities, the number of which cannot be named.

IM: Really?

GS: Yeah, well that’s it …

IM: Where is the beef then, as they once said in a political campaign? We’ve got a lot of sizzle — but there’s no steak here?

GS: Well, the real beef is that there isn’t any doubting that there are problems with cybersecurity. We’re now built on a system that’s fundamentally insecure … and when you choose to use the Internet … to build your networks upon [it], then you’re choosing to work with an insecure system and the daily problems that come with that are part of the overhead of doing business and conducting life like that. And that’s a complete separate set of issues which everyone must deal with on a daily basis.

Ah, have you had an experience with removing malware, viruses or spyware from your computer?

IM: Well now, at the risk of advertising for Apple, I have a Mac.

GS: [Laughs] Well, good for you!

IM: So everyone is attuned to these things and paying the price.

GS: And everyone has to deal with it daily and take measures or suffer the consequences … Bad actors on the Internet are not known for restraint, OK? If there was an ability to turn the United States off like a switch, it would have been done already, I think. They wouldn’t show the qualms of, perhaps, a foreign country whose leaders would say: “Maybe we shouldn’t do this.”

Someone would just say: “No, we’re going to do it because I want to be famous and show the world how powerful I am.” Which is one of common motivations, among many, in people who do these kinds of things on the Internet, who are constantly knocking on your firewall door …

CNN’s Pentagon correspondent, Jamie McIntyre, was puzzled: “This term cyber warfare sounds kind of, you know — amorphous, kind of hard to get your hands around it…” (See here for the next excerpt’s original publication.)

Fifteen minutes later, Gordon Chang, author of an unintentionally hilariously entitled book called The Coming Collapse of China vaguely informed the news network, “Well, they say that two [instances] of those were really the Chinese caused blackouts in the United States, one in 2003 and the other…”

For Chang, “they” were a couple of chatterers from the press, more specifically, an article in the National Journal, a publication nobody but Congressional staffers and producers and editors of news organizations in Washington, DC, reads.

“We’ve always knows that our civilian networks, which are not protected as well as the defense ones, can be taken down, but we never really had a demonstration that it could, indeed, actually happen until a couple of years ago,” continued Chang.

The news story demonstrated one common feature of all stories on cyberwar. You can say anything you wish and not suffer a beatdown. The most remarkable, even ludicrous, things can be claimed. Once on paper, it’s fair to discuss such things as if they had the reality of a piece of granite.

Since the Chinese had been causing blackouts, Chang reasoned the US government ought to show some backbone and give them a talking to …

To spend too much time arguing details [over this] is to be drawn into the deranged world of the American way of threat description … What would the United States do [then] in retaliation? Start carpet-bombing? Carpet-bombing, in this case, means having a force of cybermen and their own vast military botnet to launch DDOS attacks.

In “Carpet-bombing in Cyberspace,” an article from the Armed Forces Journal, Col. Charles W. Williamson III writes “America needs the ability to carpet bomb in cyberspace to create the deterrent we lack.”

There is a carpet-bombing gap in cyberspace, it is said. “We are in [a new arms race] and we are losing,” asserts Williamson. China has the greatest capability for cyber carpet-bombing because “analysts think China has the world’s largest denial-of-service capability.”

The US can offset this by investing in its own military botnet, sort of like not allowing the Russkis to take the lead in mineshaft digging in Dr. Strangelove.

In slightly different form, at SITREP.

Update: The daily dose of cyberwar exaggeration. Cyberwar will throw everyone back to the Seventies. Except you won’t get to be young again.

Comments are closed.