I’d noticed WhoisMcAfee over the weekend and decided to ignore it. However, media fascination with the life of the avuncular perv ex-king of anti-virus, John McAfee will thrust it in everyone’s face.
Many have commented here about me being used by women, or controlled by women, or the reverse – I am taking advantage of gullible, naive women. Many have commented that these women were only with me because of my money – a fact that I have to agree with. I am wealthy and living in a country of extreme poverty. Parents here “promote??? attractive daughters to men with money constantly. It helps the families through “trickle down???.
Sam, and others, can verify if they choose, that I am not foolish enough to believe that many young women could love a 67 year man. Being loved does not interest me much. Loving does. I truly love, not with a desire to possess or control, but with compassion and empathy. I care immensely, about many people. What they may or may not feel for me is their own issue.
Up front, before Sam and I became intimate, I explained to Sam that I did not expect her to love me. I only expected honesty to the degree that she could muster it. She tells me many times a day that she loves me and I smile. I take is a sweet gesture, since it is spoken with sweetness. I do not believe that anyone can ever know another’s heart.
McAfee’s comment policy, which seems wise, all things considered:
We are posting nearly everything. Comments like “please kill yourself??? and “how long have you been shagging that whore??? are sent immediately to the trash. Questions that have been asked, and answered, dozens of times likewise go to the trash. All spam goes to the trash. Everything else is posted.
I think that’s enough. Proceed at risk of your own brain damage.
I suspect my Ernest Hemingway/Hunter Thompson allusion on Sunday was correct. Add a little Peter Matthiessen crazy, too, I think.
Matthiessen is most famous for Far Tortuga, a novel of a group of sailors turtle fishing in the Caribbean. Many years ago I interviewed him briefly. He was a bit tight, which seemed a not uncommon condition.
McAfee cannot write like any of these men. But the idea that he would, maybe, like to be taken as such and sell his story as a graphic novel of intrigue, life on the run, drugs and an abundance of impoverished but libertine young poon in the Third World, is crystal clear.
Look at the artist’s portrait. Am I wrong?
Read to the foot of the blog and you will note McAfee’s aggravation at Gizmodo which he accuses of stealing his on-line diary and publishing it.
“I emailed Joel [Gizmodo reporter] and asked whether moral imperative shouldn’t dictate that he send the money he received from Gizmodo to me,” McAfee writes plaintively. “After all, it was my effort, my photos, my time, my words. Shouldn’t I get the money? He did not respond.”
John McAfee had always been good with the press. In 1992 it was that facility that catapulted the McAfee name in anti-virus into daily newspapers on the back of the Michelangelo scare.
I wrote about it for the American Journalism Review (later incorporated into the Virus Creation Labs).
Weeks after M-Day, many antiviral software vendors and some reporters still insist the coverage prevented thousands of computer users from losing data. John Schneidawind of USA Today says “everyone’s PC would have crashed” had the media not paid much attention to Michelangelo. The San Jose Mercury News credited the publicity with saving the day. One widely quoted antiviral vendor, John McAfee of McAfee Associates, says the press deserves a medal …
One vendor who played a key role was McAfee, one of the nation’s leading antiviral software manufacturers and founder and chairman of the nonprofit Computer Virus Industry Association (CVIA). It was McAfee who told many reporters that as many as 5 million computers were at risk. He says he made the projection based on a study that found the virus had infected 15 percent of computers at 600 sites. Both Reuters and the Associated Press sent the figure around the world.
McAfee says he didn’t present it the way it was reported. “I told reporters all along that estimates ranged from 50,000 to 5 million,” he says. “I said, ‘50,000 to 5 million, take your pick,’ and they did.”
While many articles failed to disclose or merely mentioned in passing the fact that McAfee’s antiviral software company has sold more than 7 million copies of its Viruscan and expects revenues of more than $20 million this year, McAfee scoffs at the idea that he or other vendors hyped the threat to generate sales. “I never contacted a single reporter, I never sent out a press release, I never wrote any articles,” he says. “I was just sitting here doing my job and people started calling.” He maintains that the coverage of Michelangelo cost him money. “It was the worst thing conceivable for our business, short-term,” he says. “We offer share-ware [where users are trusted to pay], so we got tons of calls” from non-paying customers.
“Before the media starts to crucify the antivirus community,” he continues, “they should look in the mirror and see how much [of the coverage] came from their desire to make it a good story.” But he adds quickly, “Not that I’m a press-basher.”
Schneidawind’s and AP’s efforts after March 6 to track Michelangelo found only a few thousand afflicted computers worldwide, including 2,400 erroneously reported to be at the New Jersey Institute of Technology. The institute actually had only 400 computers infected with any virus; few had Michelangelo. A Philadephia Inquirer reporter got it wrong, says institute spokesman Paul Hassen, and it spread like wildfire. “That was the first time I’ve been that close to a feeding frenzy,” he says. Perhaps the most embarrassed news organization was CNN, which on March 6 staked out McAfee’s offices in Santa Clara, California, waiting for a doomsday that never came.
Soon after the clock struck midnight on March 6, many reporters seemed to suspect they’d been had. The Los Angeles Times, which had quoted McAfee’s 5 million figure on March 4, carried a Reuter story three days later that reported the “Black Death” had turned out to be more “a common cold.” AP downgraded its “mugger hiding in the closet” to a mere “electronic prank.”
AP Deputy Business Editor Rick Gladstone says the wire service quickly downplayed the story after its initial reports and included comments from the ICSA’s Rutstein, who said the threat from the virus had been exaggerated. “Our big oversight was to quote McAfee’s 5 million figure in the beginning of the coverage, but we backed off that,” Gladstone says, adding that his staff “felt somewhat vindicated” when relatively few computers were affected on March 6. “Some of us in the press were suckered,” he says.
Later, USA Today’s reporter admitted to me that John McAfee had always been helpful in talking with the press on computer virus issues. Because of that there was a feeling, the reporter said, that “we” owed him.
Who the editorial “we” meant was not precisely defined.
John McAfee was genuinely facile with the media. However, that was on the business of computer viruses. It is not at all clear that splashing a story of “love,” suspected murder, an as yet undetermined amount of prevarication, eccentricities and perversion in the Internet media will turn out favorably.
McAfee’s attitude has also undergone something of a metamorphosis.
The world press certainly has not helped. Autonomous and self-serving, the press does what it does best – sensationalize. And my character and the recent events of my life have been sensationalized to the max.
Times have changed. These things often turn out badly.
Anyway, McAfee’s anti-virus success was dictated, not on the technical merits of SCAN, but on the peg that shareware provided an in at corporate America. SCAN just had to be ubiquitous, easy to use for the standards of the time, and mostly reliable.
The home users who were anti-virus utility early adopters often worked in budding IT departments. When management inevitably realized they had people using SCAN, they figured they’d better start paying for it in site licensing and contracted support.
And McAfee’s competition in the American marketplace was not particularly strong.
Primarily, there was the Norton Anti-virus from Symantec and Central Point Anti-virus of Central Point Software. The latter came to be recognized as one of the worst anti-virus programs, ever. It wound up licensed to Microsoft which peddled a bowdler-ized version of it, now infamously known as the Microsoft Anti-virus, for old DOS and Windows PCs. Central Point eventually went out of business.
So by the late Nineties the two players with unbreakable positions in anti-virus in the US were McAfee and Symantec/Norton.
Of course, there were many other very good shareware anti-virus programs. Almost all went out of business or were bought and killed by competitors.
Over the last several years, Mr. McAfee began to put a large chunk of his [anti-virus] fortune into real estate, often in remote locations. He bought the house in New Mexico as a playground for himself and fellow aerotrekkers, people who fly unlicensed, open-cockpit planes. On a 157-acre spread, he built a general store, a 35-seat movie theater and a cafe, and he bought vintage cars for his visitors to use.
He continued to invest in financial markets, sometimes borrowing money to increase the potential returns. He typically chose his investments based on suggestions from his financial advisers. One of their recommendations was to put millions of dollars into bonds tied to Lehman Brothers.
For a while, Mr. McAfee’s good run, like that of many of the American wealthy, seemed to continue. In the wake of the dot-com crash, stocks started rising again, while house prices just continued to rise. Outside’s Go magazine and National Geographic Adventure ran articles on his New Mexico property, leading to him to believe that “this was the hottest property on the planet,??? he said.
But then things began to change.
In 2007, Mr. McAfee sold a 10,000-square-foot home in Colorado with a view of Pike’s Peak. He had spent $25 million to buy the property and build the house. He received $5.7 million for it. When Lehman collapsed last fall, its bonds became virtually worthless. Mr. McAfee’s stock investments cost him millions more.
One day, he realized, as he said, “Whoa, my cash is gone.???
His remaining net worth of about $4 million makes him vastly wealthier than most Americans, of course. But he has nonetheless found himself needing cash and desperately trying to reduce his monthly expenses.
From everywhere, allegedly John McAfee, on the drug called “bath salts”, sometime about a year ago on-line:
I think it’s the finest drug ever conceived, not just for the indescribable hypersexuality, but also for the smooth euphoria and mild comedown.
The story, in pictures, of a man in the vice of a raging sulphate addiction, apparently. Belize, where a number of white, wealthy American men go for native nubiles, do drugs, and die.
McAfee, being 67, is old and delusional enough to be influenced by both Ernest Hemingway and Hunter Thompson.
The rich aren’t like you and me. But the story of John McAfee certainly takes the cake.
If you wrote about computer viruses and the anti-virus software industry in the late Eighties and early Nineties, you dealt with John McAfee, the founder of McAfee Associates.
To the many people who crossed his path on a tropical island in Belize, it was apparent John McAfee’s life had taken some bizarre turns in the last few years.
The anti-virus software guru, who started McAfee Associates in 1989, has been in hiding since police said they wanted to question him about the weekend murder of his neighbor, fellow American Gregory Faull, with whom McAfee had quarreled.
Despite his disappearance, McAfee, 67, has remained in contact with the media, providing a stream of colorful bulletins over his predicament, state of mind and his claim that Belize’s authorities want to kill him.
Residents of the Caribbean island of Ambergris Caye and others who know him paint the picture of an eccentric, impulsive man who gave up a career as a successful entrepreneur in the United States for a life of semi-seclusion in the former pirate haven of Belize, surrounded by bodyguards and young women.
The anti-virus industry was started by individuals you might gently call “idiosyncratic,” like McAfee.
The publisher of Virus Creation Labs, my book on that world, also fled to Belize over a decade ago.
Gen. Michael Hayden, principal at security consultancy The Chertoff Group, was director of the National Security Agency, and then the CIA, during the years leading up to the event. “I have to be careful about this,” he says, “but in a time of peace, someone deployed a cyberweapon to destroy what another nation would describe as its critical infrastructure.” In taking this step, the perpetrator not only demonstrated that control systems are vulnerable, but also legitimized this kind of activity by a nation-state, he says.
The [Stuxnet] attack rattled the industry.
What’s amusing is Hayden’s tying himself into a knot trying to avoid saying that his unnameable example, Stuxnet, was written by US virus labs. And in so doing tacitly recognizing the country is in a poor position to argue the perfidy and danger of cyberattacks on our infrastructure by others — like, say, Iran.
In other words, Hayden is perfectly aware of the details and that we started the war.
“For example, if the DOD is planning a cyberattack abroad against a type of critical infrastructure that’s also used in the U.S., should information on the weakness being exploited be shared with U.S. companies so they can defend against counterattacks?” reads the article.
Haw. That’s one way of theorizing on the issue.
The piece, at CIO magazine, also illustrates of phenomenon of government defenders against cyberwar who immediately go into the private sector to lobby for more cyberdefense spending.
While it may not be the case that everyone is out to immediately engorge themselves on taxpayer-funded contracts for national cyberdefense, the general appearance is now of a standard and straightforward influence-peddling avarice.
Hayden, for example, is played as part of the ubiquitous Chertoff Group (Yes, that Chertoff.)
Also standard — the compilation of enemies lists, made up of foreign groups generally much smaller, weaker, and poorer.
The Somali pirates, Michael Hayden would have you believe, will be able to threaten the US from cyberspace, along with many, many others. It is a story with no resonance in the middle class, meant only to help keep the computer security industry at full employment:
“Over the next five years, low-level actors will get more sophisticated and the Internet [will expand] into areas of the Third World where the rule of law is weaker,” says Gen. Michael Hayden, principal at security consultancy The Chertoff Group. “The part of the world responsible for criminal groups such as the Somali pirates is going to get wired.”
The rule-of-law, eh? Which naturally and rightfully is abridged when we find it convenient and necessary to attack someone else.
There’s no more rule-of-law in our cyberwarriors than there is in a stewed prune.
From Jiefangjun Bao Online, the English website edition of the Central Military Commission of the People’s Liberation Army of China:
16,400 New Entries Added To Military Encyclopedia of China
The compilation of the second version of the Military Encyclopedia of China is drawing to an end with as many as 16,400 new entries added compared to the first version a decade ago, the reporters learnt from the Academy of Military Sciences (AMS) on November 1, 2012. The large number of hot words reflects the leap forward that the Chinese People’s Liberation Army (PLA) has made in its transformation construction.
“Adding such a lot of new entries in only ten years is rarely seen in dictionary compilation,” said Feng Dinghan, head of the Military Encyclopedia Institute of the AMS. “This demonstrates the great strength and fast pace of the transformation construction of the PLA,” he added.
The newly-added entries such as “Military Information Technology”, “Information Grid Technology”, “Satellite Network Technology”, “Accurate Guidance Technology” and “Cloud Computing” in the fascicule on military technology categories are eye-catching. These intensively-added new entries mark the breakthrough and leap forward achieved in various fields of Chinese military technology in the past decade,” said Sun Xiaowen, editor of the fascicule on military technology categories.
“If the new words in the 16,400 entries reflect the speed of the transformation construction of the PLA, while the hot words we are familiar with can be said to reflect the wide range and depth of the transformation.” Feng Dinghan cited several examples, “The frequent appearance of key words such as “joint”, “integration”, “information”, “network” and “combat power generation mode” in the second version of the Military Encyclopedia of China clearly records the footfalls of the PLA during its striding ahead with the transformation progress.
Clearly recording the footfalls during the striding ahead.
“Differences in degree of sophistication are probably not particularly important at this stage,” George Smith, a senior fellow with the Alexandria, Va.-based defense-policy research organization GlobalSecurity.org, told SecurityNewsDaily. “[Gauss] looks like it’s fitting into the historical pattern. Just because the malware writers are working for a country doesn’t make them different than their older brethren …
“Maybe it’s a criminal tool,” Smith said. “However, the national arguments about cyberwar have always talked about opposing nations hitting banking and financial systems. So it is not really a surprise they would be making things to do the same.”
Hey, they read the western papers in Iran. And they know, or at least feel very strongly, they’ve been attacked by the US.
It raised suspicions that the Aramco hacking was retaliation. The United States fired one of the first shots in the computer war and has long maintained the upper hand. The New York Times reported in June that the United States, together with Israel, was responsible for Stuxnet, the computer virus used to destroy centrifuges in an Iranian nuclear facility in 2010 …
American intelligence officials blame Iran for a similar, subsequent attack on RasGas, the Qatari natural gas giant, two weeks after the Aramco attack. They also believe Iran engineered computer attacks that intermittently took America’s largest banks offline in September, and last week disrupted the online banking Web sites of Capital One and BB&T …
The finger-pointing demonstrates the growing concern in the United States among government officials and private industry that other countries have the technology and skill to initiate attacks. “The Iranians were faster in developing an attack capability and bolder in using it than we had expected,??? said James A. Lewis, a former diplomat and cybersecurity expert at the Center for Strategic and International Studies. “Both sides are going through a dance to figure out how much they want to turn this into a fight.???
Pot. Kettle. Black. To reiterate, the US finds itself plagued by a number of fundamental hypocrisies.
First, for about fifteen years it has regularly warned, in the direst terms, of the consequences of potential cyberattacks on the various networks of computers in the homeland infrastructure.
But now it is well known that it was the United States that clandestinely surprise attacked the nuclear program infrastructure of Iran with malware in furtherance of national security aims. A preemptive not-so-secret secret war was launched and we fired the first shots. And, presumably, continue the bombardment.
Another hypocrisy is when one tasks a top official water-bearer like Leon Panetta to parrot the line that the US is at risk of potential Iranian counter-strokes, which could appear to quite a few to be tit-for-tat. We poked them with various sticks and now someone is trying to poke us, and toadies, back.
And I’ve been pointing it out since before the two designated national security celebrities consulted by the New York Times.
This is not surprising. Feigning alarm or dismay is the rankest mendacity. Or as Loki said in The Avengers: “This is a child’s prayer, pathetic.”
“[Iran] came to the game late. In cyberspace, it’s basically an arms race, so people are going to be spurred by what they perceive other people to be doing.???
I just got off the telephone with the BBC. And this was because, overnight, the news media had renewed its interest in the ongoing denial of service nuisance attacks against major banks in the US.
Ally Financial on Thursday became the latest U.S. financial institution to face cyber attacks that may stem from hackers in Iran …
Regional bank BB&T and credit card issuer Capital One confirmed disruptions earlier this week. A spokeswoman for Ally, the former auto lending arm of General Motors, said the bank was investigating the “unusual traffic” on its website.
Sources have previously told Reuters and NBC News that the attacks could be part of a year-long cyber campaign waged by Iranian hackers against major U.S. financial institutions and other corporate entities.
The number of cyber attacks on U.S. banks is rising …
Larry Castro, a managing director of The Chertoff Group (yes, that Chertoff), tells The Daily Ticker, that there’s been no breach of customer personal data or financial information as a result of these attacks, according to bank reports. Castro, who spent 44 years at the National Security Agency, says these “denial of service” attacks are “a significant nuisance” but not as serious as a loss of actual personal data.
Earlier this month Defense Secretary Leon Panetta warned about a possible “cyber-Pearl Harbor,” saying it could potentially wreak havoc on the nation’s financial system, power grid, transportation system and government.
It’s always worth repeating that, as a nation, the US has put itself in a situation where it’s in no position to complain about cyberattacks from Iran. And that is because we have been attacking Iran and other Middle Eastern nations with malware produced by a state-run virus-writing lab (or labs).
However, the current round of news has been a convenience — in terms of publicity — for both sides. Those launching the attacks get the gratification of seeing stories which tend to exaggerate their impact in the mainstream press. And US government officials, anonymous and publicly, get to use them in scare statements meant to grab attention.
As near as I can figure, it’s a threat because because people say it’s a threat and because they don’t like President Ineedashaveabad’s manners.
____________________
*Loopy theories about “cyberterrorism??? are not admitted as legitimate arguments. They are part of the “full employment for security consultants??? movement and aren’t taken seriously by persons who know how computers and networks actually work.
The persistent meme from the Cult of Cyberwar is that nothing of the infrastructure is safe. Especially the financial system.
Earlier in the year, the National Security Agency’s Keith Alexander tried to get people to believe that cyberattacks on the US have constituted “the greatest transfer of wealth in history.”
The amount of damage being inflicted on countries around the world by bad economic policy is astounding. As a result of unemployment or underemployment, millions of people are seeing their lives ruined. The current policies have led to trillions of dollars of lost output. From an economic standpoint this loss is every bit as devastating as if a building had been destroyed by tanks or bombs. And people have lost their lives, due to inadequate health care, food and shelter, or as a result of the depression associated with their grim economic fate.
If an enemy had inflicted this much damage on the United States, the countries of the European Union, or the countries elsewhere in the world that have been caught up in this downturn, millions of people would be lining up to enlist in the military, anxious to avenge this outrage. But, there is no external enemy to blame. The villains are the economists, still mostly men, in business suits …
the United States is also losing close to $1 trillion in output each year, with close to 23 million unemployed, underemployed or out of the workforce altogether because of poor job prospects.
The economists in policy positions are doing their best to convince the public that the economic catastrophe that they are living through is a natural disaster that is beyond human control. But that is what Vice President Biden would call “malarkey.??? This is a disaster that is 100 percent human caused and is being perpetuated by bad policy.
The original collapse was the result of central bankers who were at best asleep at the wheel, or at worst complicit in the financial sectors’ wheeling and dealing, ignoring the risks that massive housing bubbles obviously posed to the economy. However the response to the downturn has made a bad situation far worse than necessary.
Read the entire piece. It makes sense, encapsulating the story of economic collapse and continued suffering, all due to western financial systems and easily verified economic policies.
It is not some arrant and callow bullshit about cyberwar catastrophe emitted for the benefit of stenographers on the security beat in the mainstream media.
In 1998 I wrote “Electronic Pearl Harbor, Not Likely” for the National Academy of Science published magazine, Issues in Science and Technology.”
That was fourteen years ago. When I mention to reporters who call how long I’ve actually been looking at these issues they seem to have a hard time getting their brains around such a fact.
While all the technology mentioned in the piece has dated, as a general prediction, it’s still pretty great. I was right.
And that was an unpopular position then, as it is now. What’s perhaps more surprising is that genuine education and debate on these matters has become much worse.
You can’t write critical things like this at big venues, or even publicize them very much anymore.
Cyberwar, like many other topics in national security, has been converted into a third rail issue. There is only one way it is discussed or publicized: Catastrophe is looming, always coming, imminent.
Call it the radioactive fallout of the war on terror. Careful thinking on national security was washed away in favor of compiling enemies lists and creating a great professional corps of paranoids and salesmen to develop cant on how easy it would be for just about anyone, anywhere, to bring down the US or kill tens of thousands, at any time.
Yes, we are all going to die someday. That’s certainly true.
In 1998, me:
Another reason to be skeptical of the warnings about [cyberwar] is that those who are most alarmed are often the people who will benefit from government spending to combat the threat. A primary author of a January 1997 Defense Science Board report on information warfare, which recommended an immediate $580-million investment in private sector R&D for hardware and software to implement computer security, was Duane Andrews, executive vice president of SAIC, a computer security vendor and supplier of information warfare consulting services.
Assessments of the threats to the nation’s computer security should not be furnished by the same firms and vendors who supply hardware, software, and consulting services to counter the “threat” to the government and the military. Instead, a true independent group should be set up to provide such assessments and evaluate the claims of computer security software and hardware vendors selling to the government and corporate America. The group must not be staffed by those who have financial ties to computer security firms. The staff must be compensated adequately so that it is not cherry-picked by the computer security industry. It must not be a secret group and its assessments, evaluations, and war game results should not be classified.
Quaint. And where did that reasonable suggestion go?
Nowhere.
The exact opposite is what we have today: A national security infrastructure totally permeated with conflicts of interest in threat assessment and revolving doors in which people routinely go from positions of oversight to the national security private sector and vice versa.
Trivia: Bill Clinton was president in 1999. And Leon Panetta, who probably did not even know the word cyberwar at the time, was the White House Chief of Staff.
The Clinton administration’s “digital Pearl Harbor” man was Assistant Secretary of Defense John Hamre. Hamre is now CEO of the Center for Strategic and International Studies, one of those many think tanks now responsible for finding and analyzing all the many enemies we must build our fortresses against.
Now be good people and listen to Binders Full of Women Blues. That’s not faked, either.
U.S. Defense Secretary Leon Panetta has revealed some details of U.S. plans to deal with a massive cyber attack. Those plans include launching a possible cyber-offensive in what some analysts say is a message to Iran.
With thousands of enemy cyber-actors probing the Pentagon’s systems millions of times a day, the secretary of defense has spoken about the threat of a massive cyber attack before. But his warnings late Thursday in New York have been the strongest yet.
“This is a pre-9/11 moment. The attackers are plotting,??? said Panetta …
Gary Schmitt, a security analyst at the American Enterprise Institute in Washington, sees Panetta’s strong remarks as a message for Iran.
“This is Secretary Panetta essentially saying ‘this is enough.’ It somewhat reminds you that cyber warfare is the kind of warfare that impinges on being terrorism,??? said Schmitt. “So, Iran, the tens of thousands of computers that it shut down in the Gulf, it would be the same thing as if an Iranian agent were to throw a bomb into a room with a variety of servers.???
Critics of that message include George Smith, a cyber specialist at Globalsecurity.org, whose job for several years has been to analyze the U.S. government’s assessments of cyberthreats. He said Iran’s capabilities are not as developed as those of the United States, and he believes issuing warnings about cyber attacks may actually encourage Tehran to launch them.
“They came to the game late. In cyberspace, it’s basically an arms race, so people are going to be spurred by what they perceive other people to be doing.???
It’s worth defining the American Enterprise Institute as a standard right-wing think tank that would virtually automatically advocate for a war with Iran.
Voice of America had a nice chat with me and I remarked at one point that it took a lot of gall to warn about Iranian cyberattack after we’d been poking that nation with directed malware, the equivalent of digital pointed sticks, for awhile. We were throwing our bombs into their digitized control rooms, so to speak, first. And many computer security specialists, inside and outside the government, surely understand it.
And you should pass it around in social media, in spite of being afraid the name will soil you among peers, if you’re as sick of the deadening Cult of Cyberwar’s central hypocrisies as I am. It’s been well over ten years of this stuff, since before I became a Senior Fellow at GlobalSec, after 9/11.
And, believe me, it’s been all downhill since then. The topic of cyberwar has been virtually changed into another third rail issue, one in which the debate is not a debate or an attempt to inform at all, but only a regular stream of dire announcements and proclamations on what must inevitably occur: The country will be made a dysfunctional ruin in an afternoon of Internet mischief if agendas aren’t attended to immediately.
This morning I was on the phone for an interview with Voice of America on Leon Panetta’s digital 9/11 warning at a “National Security Dinner” for business executives in NYC.
The mainstream news blotter on my PC had followed the usual script, dutifully repeating all the warnings about an infrastructure vulnerable to — potential Iranian cyberattack!
Ten years ago it was mostly always China that was named. And China is still a very favorite country to mention in Cult of Cyberwar news.
But as I’ve pointed out before, it takes a lot of gall to paint Iran as plotting to launch cyberattacks — the Shamoon virus being the star of this show, since it infected Saudi Arabian Aramco installations — when you’re the party who started the cyberwar.
While the US government has not acknowledged it, it’s no longer a secret that it has been quietly hard at work attacking Iranian infrastructure, and the networks of other Middle Eastern nations deemed unfriendly, with malware.
And it would come as no surprise if it had touched off a cyber-arms race and a retaliating clandestine war.
So since we’ve been poking Iran with pointed sticks in cyberspace for awhile, we’re really not in any position to summon outrage over malware on Saudi Arabian oil terminal networks.
We had to go and shit the bed so now we must live with it.
Look — it’s simple. Have good back-ups. Root, hog or die.
It’s worth adding, that the implication that Americans will wake up one morning and find the country, or portions of it, a smoking dysfunctional ruin due to Iranian cyberattack is about as disingenuous as can be imagined.
However, this type of rhetorical/political maneuvering is not new and Panetta’s speech is one in a historical continuum of warnings about digital Pearl Harbor that go back well over fifteen years. In fact, many American cyberwarriors, and computer security workers, were in rubber pants when they were first cranked up. We furnish the enemy of convenience, according to the time and conditions. The rest of the stuff about what they can do, embellished with the seasoning of computer malware incidents chosen from current news, follows automatically.
Here in the U.S., attacks on large financial institutions during the last two months have delayed or disrupted services on customer Web sites. Secretary Panetta said the scale and speed of those attacks was “unprecedented??? …
While recent attacks concern defense officials, the worry is that there could be even more destructive scenarios. “We know that foreign cyber actors are probing America’s critical infrastructure networks,??? said Secretary Panetta. Those hackers are trying to access computer control systems that operate chemical, electricity and water plants as well as those that guide transportation systems, he said. “We know of specific instances where intruders have successfully gained access to these control systems,??? he said.
Secretary Panetta said the Department of Defense is finalizing the most comprehensive change to the rules of engagement in cyberspace in seven years. “The new rules will make clear that the Department has a responsibility not only to defend DoD’s networks, but also to be prepared to defend the nation and our national interests against an attack in or through cyberspace,??? he said.
What’s not explained here is that networked computers have been everywhere for a good long time. And that trouble-makers and malware invariably always get into them, sooner or later. Well over a decade ago, malware was found on a space shuttle computer, for instance.
And to catalog it all might fill the Library of Congress.
As for the attack-the-water meme, no a requirement of every story on the issue, DD blog has dealt with it decisively, many times. Most recently, here.
And, the “unprecedented” attacks on US giant banks, which made their web pages run slow or inconvenienced some doing on-line banking, a digital Pearl Harbor that somehow failed to bring the nation low, here.
Due to the continued abuse of public news on the issue by US national security men, the now constant use of fearful scenarios and predictions, the public is primed to react badly to even the most trivial incidents. People believe the country could be ruined through cyberspace because they have been told so many times by the Leon Panettas.
One understands fully why the Leon Panettas of our nation do this. They must. Since 9/11, everything must be described in terms of how it could be a potential American civilization-destroying catastrophe, or you are not doing proper due diligence. Many others would say there’s quite a bit of rote CYA-ism to it.
Trouble via the Internet daily will always be with us. It’s a risk that must be managed and, to a large extent, is — with great labor and struggle. But it has not been served by unleashing a state-sponsored malware attack on foes and then hypocritically complaining when someone has aimed a clumsy attack in kind back at you or an “ally.”
“All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date,??? said Leon Panetta, as conveyed by the Wall Street Journal.
But Iranian computers, or those in other countries caught in the splatter campaign by the Stuxnet program and its brethren somehow have gone missing in this calculation. Because they’re the bad guys and deserve it, right?
In the world of global network security, what you see depends on where you’re standing.
“The Shamoon virus attacked 30,000 Saudi ARAMCO workstations and replaced crucial system files with an image of a burning U.S. flag … That virus added false information that overwrote all of the real data on those machines,” reads the Journal.
