For about a year I’ve been saying the US has touched off cyberwar on the Internet. When it deployed Stuxnet into the Iranian nuclear program and continued to write and deploy malware for that purpose it ignited a clandestine battle.
Stuxnet could not be restricted or contained, as has always been the case with computer viruses. And that secret war has spread and resulted in retaliations.
It set up a growing black market for the hoarding and misuse of security vulnerability information by national cyberwar programs. And it triggered a digital arms and acquisition race among nations with the resources to dig deeply into the mechanics of cyberwar.
The US demonstrated it had an active and busy offensive cyberwar program and that it was expanding its size and capabilities. This has gradually come out in thinly veiled government and military position papers, security contractor news and hiring trends and in speeches delivered by US military men.
In effect, the US has made cyberwar a growing national security business, one that is global, one that a lot of big arms manufacturing and defense service corporations want in on. And there’s no putting the stops to it now. It will continue to roll, gaining momentum as more and more money is spent. More simply, there’s a lot of moolah to be had in screwing with people and other countries through digital arms. Organized crime has proven very little can be truly made secure and now professionally staffed and trained corporate military and intelligence agencies have great incentive to increase their action and leverage.
America has efficiently put itself in a terrible position to complain about the bad doings of others. We have always reserved the right to overdo stuff and this has backfired. Again. It’s a national trait.
Cynically, this may have been impossible to avoid. Having looked in on matters of national security for two decades, the corporate arms and government/military interests, purely on a profit-seeking basis, grew way too large and powerful for it to be otherwise. Lacking any oversight or serious attempt to rein things in, and there were none, the umbilically connected national security powers, mega-businesses and policy-makers were always going to go ahead with lobbying for and building a structure that was for cyberwar.
However, by ingenuously continuing to deliver the script that other bad actors, China, Iran, North Korea, etc., were behind much of the alleged badness on world networks, we set the stage for ruining our reputation.
These countries were at it, probing American business, infrastructure and military sites, putting in place mechanisms and practicing techniques that would allow them to strike in America at later notice. The mainstream media was complicit in delivering this baleful warning without daring to look in the mirror or inspect the other side of the coin.
And up until the Snowden affair, all you could read was the government and national security industry line, that digital Pearl Harbor was coming to the United States, courtesy of many bad guys aimed at … the financial system, the power, the water and on and on.
There was literally no end to it.
This was easily recognized at GlobalSecurity.Org and the other one or two respectable mainstream outlets I normally correspond with.
NSA director Keith Alexander, in the same speech last year where he claimed Chinese cyber-spying was bringing out the “greatest transfer of wealth in history,” added he was trying to ready the nation so that he would not have to go to Congress and explain things the day after a catastrophe.
Well, today General Alexander was in front of Congress, again after last week, for explaining things. But it wasn’t because this country had been subjected to “electronic Pearl Harbor.”
It needs repeating: The reveals by Edward Snowden have derailed Alexander’s (and the government’s) complicated script on digital doom and the accompanying mythology, delivering fundaments and information easier to grasp. The news is not as nebulous, the narrative more compelling.
As the owner of the most powerful military in world history, the US has been consequently also engaged in building the largest cyberwar machine.
From Schneier, at CNN (no link):
Today, the United States is conducting offensive cyberwar actions around the world.
More than passively eavesdropping, we’re penetrating and damaging foreign networks for both espionage and to ready them for attack. We’re creating custom-designed Internet weapons, pre-targeted and ready to be “fired” against some piece of another country’s electronic infrastructure on a moment’s notice.
This is much worse than what we’re accusing China of doing to us. We’re pursuing policies that are both expensive and destabilizing and aren’t making the Internet any safer.
This is what we have. And Xerocrypt blog encapsulates it in a way anyone can understand. It’s the abrogation of interest in checks and balances, or the taking of any responsibility in maintaining them.
Given the number of employees at the NSA with far more integrity, ethics and intelligence than our politicians, and there’s at least 100,000 people in the United States with Top Secret clearance, it was simply unrealistic to expect this level of surveillance against the American people could be kept a secret indefinitely, just as it’s unrealistic to expect them to safeguard the US without some means of intercepting communications. From what I’ve seen trawling the blogs, the INFOSEC community appears to be in general agreement with the actions of Edward Snowden. A surveillance state, like the one we’ve been drifting towards for the last decade, ultimately does more to undermine a nation’s security and facilitate organised crime. Last week’s events provided just one example of why.
Much of this was our own fault, in not taking an interest in all the privacy-invading laws that were being passed over the years, in handing over so much of our personal information to the major Internet giants when common sense told us it was being turned over to God knows who, in brushing away legitimate worries with the tired and long disproven ‘nothing to hide, nothing to fear’ statement.
Something I wrote for Federal Computer Week awhile back, on the leaking mindset, those like Edward Snowden, not like those on the government contract who spread chumpbait.
Back in the early 1990s, I edited an electronic newsletter that dealt with the culture of amateur virus writers — hackers who wrote mobile malware. Julian Assange was a subscriber. This is only to illustrate Assange’s bona fides as someone from the original world computer underground, a place where one of the driving philosophies was to reveal the secrets of institutional power.
Once confined to what was considered a computer geek fringe, that ideology is now entrenched. It’s no longer an outsider mindset, and it hasn’t been for a long time. Now it’s inside, with its originators entering middle age. And younger adherents of the philosophy are coming along all the time.
They’re everywhere — employed by government, the military and corporate America. And because we have come to the point that the United States is considered by some to be a bad global actor — whether you share that point of view or not — the government is faced with a problem it cannot solve. Its exposure is thought by many to be deserved.
In this new reality, as in nature, a vacuum is abhorred. The mainstream media no longer fulfills the role of speaking truth to power. It opened the door for Assange and WikiLeaks …
“But the good news [for the federal government and its contractors] is that, although you can’t eliminate the Bradley Mannings, they won’t be common,” I wrote.
And they are not. In fact, I’ve been surprised — even dismayed — at how so many of Edward Snowden’s colleagues remain silent in view of what they must see as things Americans ought to know about.
In 2013 America, money — a good job — does buy a lot of silence. Ours is not a culture of bold iconoclasts ready to make life-changing sacrifices. This makes Edward Snowden legitimately remarkable.
The Edward Snowden affair has done many things. One of the most signal is its (at least momentary) destruction of the US government/national security megaplex’s campaign of cyberwar shoeshine.
In the weeks preceeding the emergence of Edward Snowden’s information on cyber-spying in the US government had conducted a carefully staged p.r. operation to paint China as the primary sinner in cyberspace — a country that was not playing fair, one mercilessly targeting our networks and “intellectual property” in the cyber equivalent of a clandestine war.
This was said, most notoriously by NSA director Keith Alexander, to constitute “the greatest transfer of wealth in history.” The economic future of the United States was imperiled by Chinese espionage.
The Snowden affair has silenced Alexander on this matter. If only for the time being. And the crisis has forced him to explain, very poorly, what US cyber-spying and cyberwar operations are really up to.
That’s easy to summarize. It was so before Edward Snowden spilled the beans to the Guardian.
The US has been quietly building the biggest cyberwar machine in history.
This should not be a surprise. It’s been fairly obvious to people on the outside who follow the matter, even looking at the black box.
The US outspends every other nation, in every facet, of military development and deployment.
Why should cyber-operations be any different?
The hypocrisy on the subject, practiced by the majority of the US mainstream media is overwhelming.
A couple months back, while running the fund-raising pitch for DD blog, I noted the mainstream media had simply gone absent. It stopped serious reporting on many national security issues and almost completely took up the government line that many enemies were preparing to cut the country down through remote manipulation.
The United States was being surveyed and probed, its networks penetrated in advance of a time when the financial system would be attacked, nationwide power blackouts caused, the water poisoned, almost all facets of modern life disrupted.
And the media accepted all of it, passing on what’s called the “chumpbait” unhindered, no skepticism allowed. Critical response, I remarked — half jokingly, had been banished to, at best, 140-character tweets on Twitter.
The week leading up Snowden’s expose delivered a perfect example of US cyberwar chumpbait.
The Washington Post had been leaked a “confidential” portion of a Pentagon report on China. The “confidential” part was said to reveal massive Chinese infiltration of US networks and the making off with unspecified details on expensive and very important US weapons systems.
If you’ve been following along it’s no secret the US government and the national security industry have been waging an increasingly concerted campaign to increase cyber-defense spending. The linchpin of the strategy is the relentless argument that Chinese hackers, under the guidance of its government and military, are into all American corporate business, military networks and the nation’s infrastructure. Because of this catastrophe looms.
Another ploy in this orchestrated theatrical production arrived today in the guise of the Defense Science Board report, Resilient Military Systems and the Advanced Cyber Threat …
However, it is not the same report the Washington Post’s Ellen Nakashima publicized in a big story on alleged deep Chinese cyberespionage directed against the US military and its arms manufacturers.
“Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry,??? writes Nakashima for the Post.
The public version of the DSB report contains only three instances of the word “China??? and only one of “Chinese.??? “Espionage??? appears only four times in report’s 146 .pdf pages.
What does this mean?
It means one of the Defense Science Board’s members or minions — which can be any number of a pool of representatives from arms manufacturers like Boeing and Northrop Grumman, to consultants to these same businesses or small national security “think tanks??? or lawyers in legal firms providing consultation on cybersecurity issues under contract to the Department of Defense — leaked the real report, the “confidential??? part, to the Washington Post.
These are never selfless acts to get word out about an emerging national threat. That’s not how things work.
What it is is another report, among an increasing number, aimed at growing the national security industry’s cyberwar and cyber-defense programs, in which many of the Defense Science Board’s members are employed.
The secret report, the one the Washington Post tells us about, is to redirect attention toward a new threat. It is part of a national argument that generally lumps all cyber-crime , cyber-spying and claimed cyberwar into one big threat aimed at the United States, over everyone else.
Leaks aimed at fostering government and industry agendas on national security are always applauded. They’re perfectly acceptable shoeshine for national security aims.
On the other hand, Edward Snowden-style leaking, material that shows what the national security complex is really doing, stuff that immediately starts up an acrimonious global stink is abhorrent, even treasonous.
China made its first substantive comments on Monday to reports of U.S. surveillance of the Internet, demanding that Washington explain its monitoring programs to the international community.
Several nations, including U.S. allies, have reacted angrily to revelations by an ex-CIA employee over a week ago that U.S. authorities had tapped the servers of internet companies for personal data.
“We believe the United States should pay attention to the international community’s concerns and demands and give the international community the necessary explanation,” Chinese Foreign Ministry spokeswoman Hua Chunying said at a daily briefing.
The Chinese government has previously not commented directly on the case, simply repeating the government’s standard line that China is one of the world’s biggest victims of hacking attacks.
A senior source with ties to the Communist Party leadership said Beijing was reluctant to jeopardize recently improved ties with Washington …
Snowden told the South China Morning Post, Hong Kong’s main English language newspaper, last week that Americans had spied extensively on targets in China and Hong Kong.
He said these included the Chinese University of Hong Kong, the site of an exchange which handles nearly all the city’s domestic web traffic. Other alleged targets included government officials, businesses and students.
At the briefing, Hua rejected a suggestion that Snowden was a spy for China. [This claim has been delivered by Dick Cheney, among others.]
“This is sheer nonsense,” she said, without elaborating.
Just ended at the Guardian, an on-line interview with Edward Snowden. Snowden gave answers showing completeness and sophistication.
The last question he answered was germane to an alleged “free press” operating in a country that isn’t really a true democracy anymore:
So far are things going the way you thought they would regarding a public debate? – tikkamasala
[Snowden]:
Initially I was very encouraged. Unfortunately, the mainstream media now seems far more interested in what I said when I was 17 or what my girlfriend looks like rather than, say, the largest program of suspicionless surveillance in human history.
No, it’s not a video game or a bad zombie movie; it’s a simulated cyber attack to prepare banks, brokerages and exchanges for what has become an ever-bigger risk to their earnings and operations.
Organized by the trade group SIFMA, Quantum Dawn 2 will take place on June 28 – a summer Friday that, with any luck, will be a relatively quiet day in the real markets.The drill involves not just big Wall Street firms like Citigroup and Bank of America, but the Department of Homeland Security, the Treasury Department, the Federal Reserve, the Securities and Exchange Commission, according to SIFMA officials.
The drill, run by an ex-Marine who went to work for Goldman Sachs, aims to simulate attacks on the “equity markets.”
Failure of which, everyone knows, would bring the US to a screeching halt.
Naturally, it’s also a way to raise money on a service of no social good to anyone except the people collecting the price of the tickets.
“About 40 firms will participate in the operation, having paid fees of $1,000, $5,000 or $10,000 depending on the size of their revenue … Each firm must send three executives: one from business continuity, one from information security, another from operations whose job is to keep trading, settlement and clearance running during market crises,” informs Reuters.
“A firm called Cyber Strategies, which works with the Department of Homeland Security on cyber threats, will receive the fees for overseeing the exercise.”
Here you have it, folks. The ultimate in cyberwar shoeshine, the servant class of the one percent, in collaboration with the Department of Homeland Security, for an inside circle jerk that asks you to swallow the idea that the most important thing now is protecting “equity markets” on Wall Street. From the hordes of cyber-enemies who have figured out all that’s needed to kneecap America is to cause “unusual slowness, in trading, or [have] viruses trying to invade the systems.”
“The [market players] will also have to call one another to figure out what’s going on.”
On the other side of the coin, the majority of Americans would still like protection from Wall Street.
“I don’t like you. Fat. Wealthy. Think you understand pain.” — Rorschach, Watchmen.
“The U.S. always reserves the right to overdo things. That’s the legacy of the last 10 years,” [George Smith] said. “And to the world at large, it’s viewed as a nation that sees every potential problem as a nail to be hit with the hammer of the military and/or security contractors.”
So could Smith think of any possible cyberattack that would warrant military response? Blacking out the entire Eastern Seaboard? Opening the floodgates on the Hoover Dam?
“I’m not really in the business of making predictions, particularly here. Too many variables, and the intelligence on such matters is always fuzzy,” Smith replied. “I’m going with a conservative ‘no.'”
There’s no putting the US’s cyberwar toothpaste back in the tube.
Keep calm and breathe from a paper bag, national security shoeshiners, this will be over by August and you’ll be able to go back to dictation to the newspapers on all the awful things China and Iran are up to.
Between Ricin Mom and the Snowden affair, an embarrassment of riches. Too amusing to pass up.
After serving as conduits for the US government’s push tarring Chinese cyber-spying as a serious threat to the nation, as well as being unsporting, our free press is hip to let us all know what “state run” Chinese media has to say.
From the Los Angeles Times, where the reporters don’t know shit from shinola on the topics of cybersecurity, cyberwar and cyber-espionage (no backlink, tar-baby scripting and infinite load):
After days of silence, state media have let loose with a barrage of criticism concerning Snowden’s allegations of a massive electronic surveillance program by the United States. The English-language China Daily ran a large cartoon of a shadowed Statue of Liberty, holding a tape recorder and microphone instead of a tablet and torch …
In Hong Kong, the pro-Communist Party Takungpao newspaper added: “If the U.S. is the true defender of democracy, human rights and freedom like it always described itself … President Obama should sincerely apologize to the people from other countries whose privacy was violated.’’
Of course, the criticism is irresistible, the opportunity too rich to pass up. For months now, the U.S. government has demanded that the Chinese government rein in an extensive military-sponsored hacking operation. During last weekend’s summit between Obama and Chinese President Xi Jinping, cybersecurity was the main item on the U.S. agenda.
Snowden, the 29-year-old former U.S. government contractor who says he leaked National Security Agency secrets and is now in hiding in Hong Kong, alleged in an interview published early Thursday in the South China Morning Post that there had been more than 61,000 NSA hacking operations internationally, hundreds of them directed against China and Hong Kong.
“Chinese dissidents say they fear that the scandal will weaken the United States’ ability to take the high ground in pushing for more freedoms from Beijing,” adds the reporter.
“It is unfair to compare what the U.S. does to China … The U.S. program is trying to prevent certain terrorist activities, while China is listening in to monitor what dissidents are saying and writing. People get thrown into jail here just for an email,’’ one dissident told the reporter.
And people get thrown in jail for lots of things in the US. That ain’t much of a counter-argument anymore.
But we have freedom to shop and say whatever we like on Facebook and Twitter.
Bet on it, this will be just a faint memory by August. Especially after we’re told about all the terrorists we were saved from, Monday.
Edward Snowden said he was releasing the information to demonstrate “the hypocrisy of the US government when it claims that it does not target civilian infrastructure, unlike its adversaries”.
Jen Psaki, a spokeswoman for the State Department in Washington, said it was not aware of the hacking claims and could not comment directly, but she rejected the idea that such an incident would represent double standards given recent US criticism of Chinese cyber attacks.
You would hate to be the officials having to respond to queries on US double-standards re the rules of proper cyberwar and cyber-spying. But it comes with the job now and they are all well compensated.
The US acts as if it is the exceptional nation in cyberspace. It reserves the right to criticize and lecture others on what constitutes proper conduct but reserves the right to do what it pleases because of its allegedly exceptional nature.
The US, you see, only wages cyberwar, or cyber-espionage, campaigns in defense of freedom and to keep Americans safe. No other nations do similar things. They only cyber-spy on us and probe the net infrastructure to cause damage and steal our wealth.
The country has been in a terrible position to talk terms in cyberspace ever since it started up a hot clandestine war on the Iranian nuclear program and subsequent related malware spilled over into other nations.
