You don’t really think a few lines of computer code are going to crash the world down around are ears, do you? I’m disappointed, I’m disappointed in you, Sherlock …
I knew you’d fall for it. That’s your weakness. You always want things
to be clever. — Jim Moriarty, The Reichenbach Fall
Took a while to get to it but the New Yorker ran such a thoroughly insipid piece on the matter of cyberwar, it deserves mention for its slapdash collection of pasted-together assertions and idiotic anecdotes.
The distinction between a war with guns and a war with bits is blurring.
(But did the New Yorker writer ask for the opinions on the matter from those bombed or shot?)
Throughout the conflict in Syria, rebels have used YouTube to foment outrage and to tell their stories. A sentence can tell you that blood flows in the streets, but a handheld camera can show it.
The government in Damascus meanwhile has sent out malware and published its own videos …
The so-called Syrian Electronic Army spun the U.S. stock market into a panic by hacking into the Twitter account of the Associated Press …
More recently, hackers broke into the Twitter feed of The Onion [and posted something inane] …
The Internet has helped to open up [Iran] in recent years, as Evan Osnos has written. But the government remains far more lion than wildebeest.
(As Evan Osnos has written. Of course!)
On shutting off the Internet: It’s terrible for business, creates chaos, and enrages the world.
(Did shutting off the Internet in Syria enrage you or appear to enrage many of your friends? Do you think it enraged the President?)
Last year, the security firm Renesys published a study on just how hard it would be to shut off the Internet in countries around the world. Sixty-one were at “severe risk …”
Cyberwar explained, allegedly. Or, rather, cyberwar discussion as a squirt of intellectual air-freshener for the posh.
“Nicholas Thompson is a grandson of Paul Nitze, one of the subjects of his most recent book, which gave him unprecedented access while researching his book. In March 2013, Thompson received a 21st Century Leader award from the National Committee on American Foreign Policy. He is also an acoustic guitarist and has released three albums of original instrumental music.” — Wikipedia
“This biographical article is written like a résumé … Please help improve it,” reads the site.
“It took a well-coordinated and very busy industrious criminal gang — a directed mob,” said George Smith, senior fellow with Washington, D.C.-based think tank GlobalSecurity.org.
“If you have such a similar mob you can put together, you can think about trying to duplicate this type of thing,” Smith said. “But you’ll have to have some startup capital, since it’s not quite something you can just walk out the door and assemble off the cuff.”
“The picture of two of the New York errand boys flaunting their stack of bundled cash in the car won’t strike anyone as being from the high end of innovation and thinking,” Smith pointed out.
Hiring local petty criminals to do the dirty work also increases the risk of exposure, said Sean Sullivan, a security adviser with the F-Secure security firm in Helsinki, Finland.
“The need to have lots of money mules to withdraw all the cash seems to be the big complication in getting away with the crime. That leaves a trail for law enforcement” …
Or, as a commenter on Slashdot wryly observed, “This is not how bank fraud should be done. The right and proper way is to become too big to fail, too big to jail, rig the LIBOR rates, create systematic rigging, award oneself huge salaries and bonuses, threaten worldwide economic collapse, hold governments to ransom and get huge bailout money.”
Global banking, apparently particularly in the Middle East, can’t secure itself. And it is probably quite prone to criminal recruitment of insiders.
The larger issue looming is how does one secure a financial system the average person, or worker, has no faith in?
In the US, bankers and giant banks are now among the most hated. How do you save or batten down a system when attacks on the system are met with public indifference?
The Obama administration on Monday explicitly accused China’s military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map “military capabilities that could be exploited during a crisis.”
While some recent estimates have more than 90 percent of cyberespionage in the United States originating in China, the accusations relayed in the Pentagon’s annual report to Congress on Chinese military capabilities were remarkable in their directness. Until now the administration avoided directly accusing both the Chinese government and the People’s Liberation Army of using cyberweapons against the United States in a deliberate, government-developed strategy to steal intellectual property and gain strategic advantage.
“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,” the nearly 100-page report said.
The report, released Monday, described China’s primary goal as stealing industrial technology, but said many intrusions also seemed aimed at obtaining insights into American policy makers’ thinking. It warned that the same information-gathering could easily be used for “building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis.”
Whether or not these Pentagon statements on Chinese cyberespionage are “remarkable in their directness,” as New York Times reporter David Sanger writes, is open to interpretation.
Chinese cyberwar/cyberespionage capabilities comprise somewhat less than two pages in the entire thing. More space is devoted to China’s conventional warfare capabilities and hardware, its ballistic missiles programs, it’s preliminary moves into aircraft carrier aviation through the refurbishment and equipping of the old Varyag — now renamed the Liaoning, its naval modernization and other subjects.
In fact, the Pentagon can say little about Chinese cyberespionage other than it exists and much material, from the US private sector devoted to supporting the US military, is being copied.
What benefit this has been the Pentagon does not know and cannot or will not say. No one knows. It’s impossible to put a finger on the value of it to China, or precisely what losses this country directly suffers. It is an argument that has no meaning for the majority of Americans, something only the top most cares about.
And that’s because they can only be made to care about things they suspect may make them slightly less wealthy.
In terms of what’s actually happening, for example, China has not made any obvious great leap in generating a carrier battlegroup-centered navy.
On the other hand, we certainly do know that the US private sector, our multi-national corporations, are intimately involved in business relations with China.
Indeed, it is safe to say that the strapped American middle class would have next to nothing if all its household consumer electronics and dry goods of Chinese origin were taken away.
If, for example, Chinese cyberwarriors are stealing Apple’s secrets, what does it matter? Is Apple stopping its majority manufacturing through China?
America’s electric guitar and rock amplifier companies make the majority of their mainstream goods in China. If Chinese cyberwarriors have stolen plans from Fender Musical Instruments or many other American companies, so?
The entire American industry of pop music instrumentation manufacturing, excepting custom shop artisan work, was sent to China to increase profit margins and decrease labor costs.
American business ceded its property to the Chinese industrial base for immediate profit in pursuit of the very cheapest unprotected manpower. This was long before Chinese espionage became an issue the national security megaplex decided to exploit for the purpose of parasitic rent-seeking.
Who are you going to find on the street who cares if Chinese cyberwarriors from a building in Shanghai are into American businesses? They’ve already lost their jobs or much of their earning power. And their access to the Internet is a smartphone made in China.
Take a day off from the memes. Corporate America isn’t hiring, haven’t you heard? It’s not because of mass Chinese cyber-spying.
One last figure, furnished to again put Chinese cyberespionage/cyberwar efforts in perspective, as they relate to the American experience …
You can really tell how Chinese cyberespionage/cyberwar is taking away our futures, right?
National cyberdisaster described in less than 120 words: We’ll lose power, then we’ll drown:
U.S. intelligence agencies traced a recent cyber intrusion into a sensitive infrastructure database to the Chinese government or military cyber warriors, according to U.S. officials.
The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) is raising new concerns that China is preparing to conduct a future cyber attack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams …
The database contains sensitive information on vulnerabilities of every major dam in the United States. There are around 8,100 major dams across waterways in the United States.
Since this incident there has been a growing realisation that various elements of a critical national infrastructure are similarly vulnerable. They use similar, if not identical, embedded computer systems as were used at Natanz. The initial thought was one of defending the realm against foreign aggressors. After all, it was an obvious way to cripple a country without firing a physical shot. Why launch missiles if you can switch out the lights and turn off the water. It’s cheaper too. So much so that this form of attack has become a great leveller, allowing small nations to potentially punch well above their weight.
The North Koreans have been blamed for interrupting websites run in South Korea by banks, newspapers and TV companies in “a show and tell” warning about what they are capable of during a conflict, warns Sally Leivesley of Newrisk. The South Koreans have taken the warning seriously, upgrading security at their nuclear plants – including disabling every USB port in every computer at the plants lest they be used to breach defences.
States initially used internet hacking for espionage, or intellectual property thefts, but warns Prof Woodward, they are using it for “aggressive” attacks: “This is the cool war, as some people have put it, not the cold war. Why invest in bombs and bullets when, potentially, in a shooting match you can turn out the lights, turn off the water. Some countries are really punching above their weight. They don’t need a huge nuclear weapons programme.”
Cyber terrorism. Terrorist groups and states will make use of cyber-war tactics, though government will focus on information-gathering than outright destruction. Stealing trade secrets, accessing classified information, infiltrating government systems, disseminating misinformation — traditional intelligence agency ploys — will make up the bulk of cyber-attacks between states.
Virtual statecraft. States will be wistful for the simpler days of foreign and domestic policy. Power in the physical world is no assurance of power in the digital world. This disparity presents opportunities for small states looking to punch above their weight …
Cyberwar allows small nations to punch above weight — brainless new received wisdom.
Usage: North Korea was really punching above its weight when it quietly took its missile off the launch platform this week turned off all the electricity in Los Angeles County with a secret cyberattack.
The difficulty of deterring such [Iranian cyber attacks] was also the focus of a White House meeting this month with Mr. Obama and business leaders, including the chief executives Jamie Dimon of JPMorgan Chase; Brian T. Moynihan of Bank of America; Rex W. Tillerson of Exxon Mobil; Randall L. Stephenson of AT&T and others.
Mr. Obama’s goal was to erode the business community’s intense opposition to federal legislation that would give the government oversight of how companies protect “critical infrastructure,” like banking systems and energy and cellphone networks. That opposition killed a bill last year, prompting Mr. Obama to sign an executive order promoting increased information-sharing with businesses.
“But I think we heard a new tone at this latest meeting,” an Obama aide said later. “Six months of unrelenting attacks have changed some views.”
Unrelenting attacks, in this case, meaning making banking websites occasionally run more slowly.
See the headline. It is truly about budgets: The president’s, ours — as a nation, and mine.
Implied in the wire service headline and text is one of the big lies of our time: The idea that cyberwar, waged by nations or groups, can switch off the United States.
It has grown and metastasized like an untreated cancer, spreading corrosive, deadening myths, frank lies and gross exaggerations. The financial system could be crippled, the power turned off, the water corrupted. Indeed, cyberwar has been packaged as an event, or series of them with destructive power in excess of natural disasters.
What it comes down to is money. There are no statistics on what cyberespionage or cyberwar costs (or could cost) the nation, just claims and wild estimates based on nothing.
By contrast, charts and graphs of hard statistics are published weekly on the horrifying state of the economy for the middle and lower class. They show that among western civilized nations, yawning inequality that dwarfs the rest has grown. They show that foodstamp usage has ballooned to an all time high because the American economy does not produce jobs that pay a living wage. They show that corporate profits have soared but that the great majority of people have seen nothing except shrinkage or, even, total collapse in their worth and fortunes.
Yet today we are saddled with an administration that has actively worked to create the impression that defense against cyberattack is one of the country’s most pressing problems.
And last year, in an attempt to get cybersecurity legislation through congress, it empowered people like the National Security Agency’s Keith Alexander to state that cyberattacks and espionage against the United States were constituting the “greatest transfer of wealth in history.”
It was and is a lie stupefying in its audacity.
All for the sake of toxic legislation and the expansion of money for cybersecurity services from in the national security megaplex.
As the sequestration slowly starts to grind at the sick, the poor, the elderly and the other parts of the middle class, the cyberwar-is-coming campaign is all about realignment of taxpayer dollars for the preservation and expansion of security jobs and services, a transfer of wealth from the bottom and the middle of American society, to the top.
And this is immoral. It is just that simple. Because we’ll never benefit from it. Only the recipients of the contracts do.
I have never argued that the daily securing of the world network is not a significant problem. It is global in size. The job has grown with the times but it continues to be a matter of risk management and amelioration by everyone involved, not an excuse to spread fear and misinformation in the cause of making the cybersecurity arms of America’s defense industries more wealthy.
As a writer, journalist, author and expert on the issues, I’ve been on the beat since 1994. That’s almost twenty years and I’ve grown old doing it.
During the time, serious journalism and writing on the subject — which was always scarce, just withered away and died to be replaced by stenography of whatever is the current official or private sector word on the matter. It went away for the same reason serious journalism has collapsed on just about everything. The net destroyed the model by which journalism supported itself and replaced it with nothing, only the illusion that the same thing could be carried out by websites like grains of sand on the beach, and free labor.
These days I’m interviewed about once ever two weeks, almost like clockwork, for minor comment or background on transiently newsy matters on cybersecurity or some cyberattack.
And in the past ten years of this there have been no big questions addressed, or encompassing stories issued.
What is all this about? What’s the history? Why does this go on?
No one asks and very few, less than the fingers to be counted on one hand, even attempt to talk or write on it. To my knowledge, no one has ever dug into the moral component which is not that hard to understand and briefly describe.
It’s the story of modern America in the last twenty years, corporate capture of government for the sake of extracting as much public money as possible for the coffers at the top.
Another way to refer to it is “rent-seeking” for the corporate and government national security complex.
Rent-seeking behavior is the abandonment of providing a good product or service to customers (or one of even slightly minor social benefit) for the sole pursuit of wealth through private sector/government collusion.
The headline at the top of page is national corporate computer security rent-seeking.
And that is exactly what is happening inside the topic of cyberwar and the alleged peril of digital attack on the national infrastructure.
And this is sold on the back of the corporate and national computer security sales pitch that this is the only way to protect the United States from the potentially disastrous consequences of cyberwar.
I’ll make a prediction. In 1994, I said “electronic Pearl Harbor” wasn’t likely. It was a good one.
In the next five, or even ten years, Pasadena — or all of southern California — will lose electrical service from an earthquake before any cyberwar. And an earthquake in Los Angeles and the surrounding counties will give the federal government a much bigger emergency problem to deal with.
Anyway, to sum up, the idea of cyberwar and cyberespionage cutting down the United States is nonsensical. It’s been inflated into one of the major bullshits of the country of the USA.
I’d like to continue my work and I plan on it. But I need your help. The last year’s been a hard one and that’s my humble plea.
The regime’s next move could be to break into US computer networks to steal information and spread viruses, Jang Se-yul, who defected to the South in 2008, told the Observer. North Korea’s hackers are suspected of being behind recent cyberattacks that paralysed computer networks at several South Korean banks and broadcasters.
“It would demonstrate that North Korea is a strong cyberpower,” Jang said. “Their prime target is the US, and they’ve been preparing for something like this for years, including when I was there in the 1990s. I can’t say how successful they would be, but it’s a possibility.”
The barrage of threats have failed to unnerve people in Seoul …
The House Intelligence Committee is warning that “time is running out” before the next major cyberattack: The Russians, Iranians, Chinese and others are likely already on your computer.
“You have criminal organizations trying to get into your personal computer and steal your personal stuff. And by the way, the Chinese are probably on your computer, the Russians are probably on your personal computer, the Iranians are already there,” House Intelligence Committee chairman Mike Rogers (R.-MI). told Fox News.
The Revolutionary Guard on my computer?! Is it too late to remind everyone that I always thought the Ayatollah Ruhollah Khomeini was the greatest man, ever?
The Pentagon early Monday restored the U.S. Forces-Korea website, following a nearly weeklong outage.
Officials declined to say who or what prompted what they described as “a hardware failure” that crashed www.usfk.mil early last Tuesday morning …
Information security experts questioned why the site remained down for nearly seven days. George Smith, senior fellow with the think tank GlobalSecurity.org, said the length of the disruption could reflect a lack of resources or little consideration for the site, in general. He noted U.S. Forces-Korea’s Facebook page displays a photograph of a waterfall on an island where troops will be vacationing. Also, the command’s Twitter feed is outdated. “They don’t appear to care much about social media messaging. Maybe they don’t care about their website, either, really,” Smith said.
On the other hand, the Pentagon could have been taking time to investigate what went wrong, he said. “The last possibility is [a North Korean] cyberattack, which would be unsurprising, all things considered, but still childish,” Smith said.