While the rest of the country has gone to Hell over the last ten years, the Pentagon has been untouched. While unemployment and outsourcing of jobs to China surged, the US military budget ballooned. When the global economy crashed due to Wall Street malfeasance in 2008, the Department of Defense was spared all pain. When millions and millions of Americans were added to food stamp programs, the war machine didn’t even hiccup. Which makes today’s Pentagon assessment that China will pose a threat to economic security because it is copying our weapons the laugher of the week.
The Pentagon, in its annual assessment to Congress of China’s military, flagged sustained investment last year in advanced missile technologies and cyber warfare capabilities and warned that Chinese spying threatened America’s economic security.
“Chinese actors are the world’s most active and persistent perpetrators of economic espionage,” the report said.
“Chinese attempts to collect U.S. technological and economic information will continue at a high level and will represent a growing and persistent threat to U.S. economic security.”
Some graphs, conveniently taken from this week, on the real threats to economic security.
First, on outsourcing of employment, much of which went to China, from the Congressional Research Institute:
Second, unemployment plotted against escape from taxation of the US high upper class:
Essentially what has happened is that the US has abandoned all manufacturing with low profit margin to China. That means all household dry goods, consumer electronics and toys but not big ticket items like weapons, jet engines, automobiles, expensive health care equipment with no margin for error and aircraft.
The Pentagon and the arms manufacturing industry, or the self-licking ice cream cone, is only interested in the weapons part. Wouldn’t want anything to trump our Weapons Shops of Isher.
“The United States could be in for a surprise in 2013-15 if ‘China successfully exploits it extensive cyber-espionage efforts and unveils new weapons systems that are on par with U.S. systems,’ said Capital Alpha Partners LLC, a investment analysis group, in a research note on the Pentagon report,” reads the Reuters report.
Yes, that’s something that threatens the very existence of the vanishing middle class, no doubt about it.
All right boys! You’re really on top of things. If you keep doing what you’re doing, eventually there won’t be anything left to defend.
The court stenography pool in action. A screensnap’s worth 1k words.
Some national security leaders argue, in turn, that there have been times in U.S. history when the country has to make security investments whether they make business sense or not. The need to prepare for a massive cyberattack, they say, is such an occasion.
Larry Clinton’s response: Then the government should pick up the check.
“If the government was interested in paying the private sector to do all these things, probably we would go a long way toward doing it,” he says. “But the government so far, [with] the Lieberman-Collins bill, wants it all done for free. They want the businesses to simply plow that into their profit and loss statement, and the numbers are staggering. You simply can’t do it.”
First, it’s necessary to understand Larry Clinton is a spokesman for a trade group of big weapons manufacturers and Pentagon contracting businesses (Boeing, Lockheed Martin, Raytheon, Science Applications International Corporation) with cyber-defense arms called the Internet Security Alliance.
The Internet Security Alliance knows that if American corporate business which holds the telecommunications, energy, banking and transportation infrastructure is asked to pay for strengthening cyber-defenses they’ll simply decline to spend at the level US arms manufacturers would like to see. If they spend any more than usual, at all.
Therefore, the ISA is very interested in having the government pay for everything, as it more strongly guarantees revenue streams.
Think of it like the business model adopted by the banksters. Risk is shoved off. The government picks up the entire tab and the defense industry profits.
It’s very easy to be supercilious with the Internet Security Alliance.
ISA advocates a modernized social contract between industry and government …
Developing a 21 century policy platform for government to work productively with industry through a “Social Contract …
To understand what the ISA means, substitute the phrase “rent-seeking” for “Social Contract,” which the business group misuses horribly.
Generally, the “social contract” has been used to mean humans ought to live in a civil society, one in which government imposed order and protected the weak and the average from the predatory, who if allowed to prevail would, as Thomas Hobbes described famously, make life “solitary, poor, nasty, brutish, and short.”
The “social contract” doesn’t say anything about the government guaranteeing the business of corporate computer security and arms manufacturers because without them, our life might be “solitary, poor, nasty, brutish and short” because of cyberwar.
What the Internet Security Alliance wants, like much of what big corporate America advocates for, is “rent.”
The expenditure of resources in order to bring about an uncompensated transfer of goods or services from another person or persons to one’s self as the result of a “favorable??? decision on some public policy. The term seems to have been coined (or at least popularized in contemporary political economy) by the economist Gordon Tullock. Examples of rent-seeking behavior would include all of the various ways by which individuals or groups lobby government for taxing, spending and regulatory policies that confer financial benefits or other special advantages upon them at the expense of the taxpayers or of consumers or of other groups or individuals with which the beneficiaries may be in economic competition.
That the ISA would actually pay corporate mouthpieces to write such self-serving shite about a so-called non-existent “Social Contact” tells you everything you need to know about the group.
Richard Clarke, who advised President Bill Clinton and tried to advise both presidents Bush on counter-terrorism and cyber-security, points out that “Sophisticated cyber attackers could do things like derail trains across the country…They could cause power blackouts – not just by shutting off the power but by permanently damaging generators that would take months to replace. They could do things like cause [oil or gas] pipelines to explode. They could ground aircraft.???
“Without computer-controlled networks, there is no water coming out of your tap; there is no electricity lighting your room; there is no food being transported to your grocery store; there is no money coming out of your bank; there is no 911 system responding to emergencies; and there is no Army, Navy and Air Force defending the country . . . All of these functions, and many more, now can only happen if networks are secure and functional.
“A systematic [attack] could come from a terrorist group, a criminal cartel or a foreign nation . . . and we do know of foreign nations that are interested in our information infrastructure and are developing offensive capabilities that would allow them to take down sectors of our information infrastructure …
One possible scenario would feature a demand leveled by a foreign government or terrorist group. When the U.S. government refuses to comply, this adversary demonstrates its capabilities by reducing a region of the United States to chaos. ‘I think the capability to do that probably exists in the hands of several nations,’ Clarke states. ‘I think it could exist in the near future in the hands of criminal and terrorist organizations.'”
“Envision all of these things happening simultaneously – electricity going out in several major cities; telephones failing . . .” — Signal magazine, 1999
“I’m talking about people shutting down a city’s electricity . . . shutting down 911 systems, shutting down telephone networks and transportation systems. You black out a city, people die. Black out lots of cities, lots of people die.” — Clarke, the New York Times, 1999
A few taps on his tablet computer and Justin Roberts sends a pair of trains loaded with hazardous materials on a collision course.
Or forces a nuclear plant into meltdown. Or shuts down the power grid for the entire Eastern Seaboard.
OK, the University of Nebraska at Omaha senior is really just sending malicious signals to a series of computerized controllers along the wall of a university lab, turning their winking lights from green to red.
But it’s through such exercises that students at the Nebraska University Center for Information Assurance examine how terrorists, hostile countries or simply bored hackers could inflict massive damage by infiltrating the nation’s critical infrastructure systems.
“In here, it’s just lights, but when you think about how many things that could be connected to … rail systems, water treatment centers, traffic control stations …,” said grad student Casey Glatter. “(It’s) the idea of him sending a single message to a single one of these devices, but causing a catastrophic failure.”
The school is creating defenders to join the cyberwar’s front lines …
Such iconoclasts, they wear team green shirts. (Follow the link.)
And where will one of the cyberwarriors be on the front lines?
[Student] Tory Cullen … is joining Facebook.
Lots of critical national infrastructure to secure there.
One of them used to steal cable tv, the Omaha newspaper reports. It is held up as a measure of cleverness. Not to worry, now he pays for it, readers are assured.
A professor of the University of Nebraska in Omaha tells us the digital
apocalypse can be visited upon us from “a cave.” So it would seem good they don’t read the Omaha newspaper in the dirt piles of northern Pakistan or the sandy waste of Yemen, or we’d be fucked:
You might imagine a terrorist with a bomb that is set to take out the power grid, but Mahoney said all someone has to do is figure out the correct substations to hack into, and they could cause the system to go down like a line of dominoes.
“You hack into New York, and it trickles all the way west from there,” he said. “You don’t even have to leave your cave. … It’s cost-effective terrorism.”
Cost-effective salesmanship, more likely.
We passed the French as world champion braggarts a couple decades ago and never looked back, I hear.
LONDON (Dow Jones)–Iranian authorities are investigating alleged cyber-attacks against Iran’s oil ministry and possibly against the key export hub, though oil shipments haven’t been affected, Iranian oil officials said Monday.
The computer attack–reminiscent of a virus that allegedly targeted Tehran’s nuclear program in 2010–highlights potential new vulnerabilities for the Islamic Republic’s oil exports, which international sanctions have already impeded.
Personnel at the Kharg oil terminal haven’t been able to send or receive any e-mail since Sunday, said an oil official at the terminal, through which at least 80% of Iran’s exports are shipped abroad. An investigation has begun into the suspected cyber-attack, he said.
But the e-mail shutoff is having “no effect on the exports,” the oil official said. “There is a normal procedure at the terminal. We are using telephone, fax, SMS.”
Maybe they could send malware-loaded e-mail to the mullahs, too. Ah, they already are. Hot stuff.
So maybe they’ll retaliate and send their special malware e-mail to Wall Street investment banks, or — better — the President. That’ll work. I know he reads yours and mine. Really.
TheJoseph K Guide to Tech Terminology was an infrequent feature in Crypt Newsletter from the mid Nineties. It was a satirical collection of tech terms current to the time.
So if you weren’t around then, or remember it only faintly, a lot of it has aged out of relevance. It would mean nothing to anyone in their twenties, and a bit older, I suspect.
Anyway, I decided to rescue it from the Internet archive for my own purposes. Some notes added.
CRYPT NEWSLETTER’S “JOSEPH K” GUIDE: AN OCCASIONAL GLOSSARY TO TECH TERMINOLOGY
“This is not a psychotic episode, it is a cleansing moment
of clarity.”
–Howard Beale in “Network”
antilethal: Opposite the spirit of maximum lethality but still deadly.
Usage: The antilethal precision munition had incinerated only two hundred civilians when it landed on a bunker in downtown Baghdad so the generals could not understand why the international newsmedia became so irritated.
[Era First Gulf War. While the US military and groupie arms trade industry magazines employed it, it never stuck.]
————-
Associated Press: an international misinformation vendor. See Reuters.
Usage: An Associated Press wire news story told of Vice Miskovic, a Croat teenager who had downloaded the entire U.S. strategic arsenal into his home in Zadar through an Internet connection to Andersen Air Force Base on the island of Guam.
[Vice Miskovic was an actual Euro-hacker. Pretty much just a witless teenager, for a short period he became the object of great press exaggerations for, gosh, getting into some military networks. That never happened.]
————-
commerce: something indeterminate that’s always booming on the Internet, although no one you know has ever seen or benefited from it.
Usage: Representatives of a grotesquely hyped Internet start-up asserted that its commerce was tripling monthly in cyberspace even as the firm surreptitiously filed for protection from creditors under Chapter 11.
————-
computer virus: a small replicating computer program designed to spread autonomously; or, a marketing tool used by computer security experts and anti-virus software companies; or, something indeterminate responsible for making any computer or network behave weirdly.
Usage: Angered by the mystifying and increasingly nettlesome crashes of his new WIN95-equipped computer, Loy suspected a computer virus.
[Do you remember Windows 95? “Oh, the pain.” — Zachary Smith]
————-
consultant: U.S. Department of Defense or civil service free-lancer usually involved in a conflict of interest; or, a recently downsized employee of corporate America.
Usage: The consultant from Science Applications International Corporation enjoyed writing policy papers for the Pentagon’s Joint Chiefs that always cleverly ensured more DoD business for his firm.
Usage: Two years after being downsized by Acme Data Systems, Scroggins’ carefree life as an Internet consultant came to an end when he declared bankruptcy, was divorced by his wife and lost visitation rights to his children.
————-
content: an amorphous term encompassing material of utterly no value found on World Wide Web sites.
Usage: The mouthpiece for a conglomerate of entertainment magazines, whose readership encompassed a great number of gossip-hungry simpletons, vowed his company’s Web site would be content rich.
————-
cutting edge: hackneyed usage meant to convey a quality of hipness and intellectual excellence but, instead, standing for quite the opposite.
Usage: One editor at a stodgy newspaper declared his business and technology section cutting edge even though everyone knew it was only a forum for rewritten press releases issued by corporate America.
————-
cybercash: a fuzzy concept glossy magazines and Internet flacks claim will make everyone — except maybe you — wealthy in cyberspace. Not to be confused with cash money.
Usage: Wackerman dreamed of the cybercash riches he would reap from the sale of his electronic story of a shy but brilliant software engineer who saves the country from destruction at the hands of international terrorists and information warriors.
[Still true for most people.]
————-
The Daily Crapper: your local newspaper.
Usage: The Daily Crapper featured science and technology reporters who often turned in stories that claimed soon computers would be made of DNA and protein or that by the year 2006 the U.S. Army would defeat enemies through the clever use of telepathy and electric rays.
[Originally from around 1994, also still true. DNA computers and electric rays, coming any day now.]
————-
digerati: the celebrities of the ‘Net and/or computing industry; or, Robert Reich’s “symbolic analysts.” [But that’s another tale].
Usage: While the press releases and treatises of the digerati were of less value to the average American than a plate of singing maggots, the mainstream media always loved them.
————-
electronic bogeyman: a hacker, instrument of a hacker or anonymous source portrayed in the mainstream media as a menace to society. The electronic bogeyman must always be quoted making grandiose, unverifiable, or nutty claims (e.g., opening all the automatic garage doors in Anaheim, California at precisely 2:00 pm) about feats, usually malicious, that can be performed with a computer.
Usage: Reuters interviewed an electronic bogeyman from Taiwan who claimed his computer virus would corrupt data on Japanese computers if that country did not immediately surrender ownership of the Daioyu Islands in the East China Sea.
————-
electronic Pearl Harbor (or “EPH”): a bromide popularized by Alvin Toffler-types, ex-Cold War generals, assorted corporate windbags and hack journalists, to name a few. EPH is meant to signify a nebulous electronic doom looming over U.S. computer networks. In the real world, it’s a cue for the phrase “Watch your wallet!” since those wielding it are usually doing so in an attempt to convince taxpayers or consumers to fund ill-defined and/or top secret projects said to be aimed at protecting us from it.
Usage: Salesmen for the secretive Department of Defense contractor, Science Applications, were always good for quote saying that electronic Pearl Harbor had already happened, was happening even now, or would happen some day soon, depending on the needs of the reporters interviewing them.
[It’s not Science Applications anymore, a company most Americans have still never heard of unless they work for the military. Now it’s the Lockheeds and Northrop Grummans, much bigger fish in the ecosystem.]
————-
expert: instrument of journalists deployed to burnish whatever received wisdom is being passed on as news; or, instrument of journalists used to furnish stock criticisms for heretical or unpopular findings; or, someone frequently counted on by hack journalists to provide Delphic wisdom on a subject or subjects the expert knows little about.
Usage: The Hudson Institute expert was often asked for her comments on computer viruses and information warfare even though it had been shown she was computer illiterate.
[A real person. She died a few years ago.]
————-
fictive environment: a new description for psychological operations against an enemy; or, the creation of a world of information fraud surrounding consumers, marks or targets.
Usage: In the mid-Nineties, the business of a significant number of Americans armed with computers became the spinning of fictive environments, the aim of which was to defraud others of cash money.
————-
free speech: something everyone is required to defend, usually when practiced by the odious or students who’ve stepped in excrement.
Usage: As he studied the inside of a cramped Santa Ana jail cell, student Richard Machado concluded that the Orange County jury did not interpret the explanation that he only wanted to “start a dialogue” with Asian students when he mass e-mailed them a message that said “I will hunt down and kill your stupid asses” as a whimsical exercise in free speech.
[A Crypt Newsletter No-Prize if you can tell me what’s happened to this guy.]
————-
…for dummies: the trademark of a very successful line of books written for those who cannot read by those who cannot write.
Usage: The important editor wrote a querulous letter taking great umbrage at the satirical light in which his “…for dummies” books were portrayed.
————-
Golden Pizzle of Information: any authority figure accustomed to being publicized unquestioningly; or, computer experts fond of making dumbly obvious, fraudulent, indecipherable or insane statements which few dare to seriously question.
Usage: Assuming the leaden mantle of Golden Pizzle of Information, Vice Chairman Gary Fernandes of EDS Corp. told a rapt audience, “We have technical clutter. We speak in buzzwords and acronyms.”
[Replaced by Richard Clarke.]
————-
Good Times virus: A hoax believed to be true by many computer-using Americans.
Usage: Modzelewski was written up by for insubordination after laughing indiscreetly at a meeting in which the esteemed network consultant passed out memos on Good Times.
————-
hardware glitch: The cause of all human errors and oversights leading to down time and lost e-mail at national Internet Service Providers or Online Services.
Usage: America On-Line mouthpiece Tatiana Gau said a hardware glitch was responsible for the system-wide failure. Related: see computer virus.
————-
hacker: In this context, a young man very adept with computers and networks, possibly a pawn of Libya or North Korea.
Usage: Indeed it was good the hacker had been apprehended in his single apartment in Raleigh because the government feared he was only a step away from bringing down the entire system of international banking.
[Now since moved to China.]
————-
HERF weapon: Always suspected but never seen, the HERF – or High Energy Radio Frequency – gun is responsible for much nettlesome corporate computer failure nationwide, according to information warriors.
Usage: Dodson was relieved the computer security guru had been able to convince management that the corrupted data on the network was the work of an HERF weapon attack on the corporation, not the boobytrapped pornographic bit of software he had obtained from alt.sex.watersports.
[Seized the imagination of Newt Gingrich and spawned the Cult of Electromagnetic Pulse Crazy.]
————-
information wants to be free: tired hacker slogan formerly denoting that the flow of information is empowering and cannot be restricted; now a cliche usually spouted by a variety of dolts who employ it as a rationalization for ripping off others.
Usage: “Information wants to be free,” thought Vice Miskovic, a teenager from Zadar, Croatia, as he uploaded his Make Money Fast cash pyramid scheme to the Usenet.
[Make Money Fast was a Ponzi scheme and poor Vice, that was the best of his achievements in the real world.]
————-
information warfare: n. In this context, everything and nothing. What hackers, Libyan agents, rogue nations, international criminals, pariah states and pan-national groups of religious fundamentalists will conduct against America in the near future.
Usage: America On-Line was besieged by a series of vexing and seemingly pointless information warfare attacks conducted by teenage hackers armed with AOL Hell, a program that automated the sending of scrofulous electronic messages to other customers.
[Believe it or not, defense industry and DoD information warfare/cyberwar guys really did think Libyans were behind things back then. Ha-ha.]
————-
interactive: an adjective used to adorn computer and software products that are intrinsically worthless, unusable or both.
Usage: “Our interactive Web browser — the Microsoft Internet Explorer — is the only one of its kind that can unlock the magic of the Internet, revivify your moribund sex life, order your office activities, protect your children from pedophiles, and run a Ponzi scheme on the Usenet — all at the same time,” burbled Patty Stonedchik, head of Microsoft’s Multimedia Division.
[Patty Stonedchik was a real person, named changed only slightly. Maybe she’s still around.]
————-
international rule of law: that which is invoked when another country not in the West defies the military, political or business interests of the United States.
Usage: The Washington Post quoted sources at the Government Accounting Office who maintained that pariah states in the Third World, their exact identities classified, had broken the international rule of law by enlisting hackers to attack U.S. networks through the Internet.
————-
leftist: anyone in the U.S. who dares to be critical of authority figures.
Usage: From time to time, p.r. mouthpieces in the employ of giant defense contractors or bloated software firms would write and accuse Crypt Newsletter’s editor of being a leftist.
[Now it’s socialist.]
————-
libertarian: once a handy political label for those who believe in free markets and personal liberty; now a handy marketing tool for those who wish to lower taxes, disarm government employees and spend large amounts of money on anything published by Wired Ventures, Inc.
Usage: The mighty publisher of WIRED magazine galvanized a phalanx of Net libertarians into sending a million electronic mails to Congress in protest of Net censorship — where they were immediately deleted, unread, by college interns.
————-
mentufactury: A kind of pompous term for bullshitting, especially the variety associated with flacking for your information business, hardware, software or the Internet.
Usage: In the mid-Nineties, mentufactury became the primary export of American business resulting in a startling trade deficit disaster.
————-
meta-data: see pseudo-data.
————-
mutual assured annoyance (MAA): the state that exists when U.S. Department of Defense information warriors engage in secret combat with hackers or the information warriors of other nations.
Usage: Crystal often thought about the consequences that might befall him should his Air Force superiors ever discover that the best result his team of information warriors could hope for was mutual assured annoyance of the enemy.
————-
mouthpiece: A paid liar employed by corporations or institutions to emit “expert” commentary for the mainstream media or press releases. In press releases, often the mouthpiece will not even have actually said what he or she is quoted as saying, the quote being copy fabricated by a more eloquent marketroid hidden within the firm. See fictive environment and expert.
Usage: Marty Levecki, a mouthpiece for a giant defense contractor, told USA Today his firm’s consultants had discovered a dangerous computer hacker roaming freely through the Pentagon.
————-
Netizen: formerly, a term meaning citizen of the Net; now, an overused, unintentional pejorative describing a group of annoying computing technology-obsessed, mostly white, mostly male, blowhards.
Usage: Netizen Kane stamped his foot in glee as he used his skills in PC automation to send 1,000 e-mail copies of a windy, libertarian rant to Congressmen, the President and the press, where it was subsequently deleted, unread, by college interns.
————-
paradigm: pattern, an example, a model; or, a word used by people who believe their own press releases. See digerati.
Usage: The pronouncements of Bill Gates were the paradigm for the impenetrable phlogiston surrounding much of home and business computing.
————-
phlogiston: an imaginary element formerly believed to cause combustion; or, Crypt Newsletter’s euphemism for what comes out of the south end of a northbound bull; or, a primary American export commodity (see mentufactury).
Usage: Not even the powerful American newsmedia could rival the Usenet in the dissemination of phlogiston.
————-
pseudo-data: text, test results, charts, bar graphs, numbers and statistics produced by the convergence of mentufactury and technoquack. Sometimes known as advertising.
Usage: The driven and deeply neurotic marketing employees of the computer industry often tyrannized consumers with fraudulent and confusing broadcasts of pseudo-data disguised as information.
————-
remote viewing: use of psychic means to conjure up an accurate image of something not physically observable by the “remote viewer.”
Usage: The generals of U.S. Army intelligence were very impressed when the non-lethal weapons guru described Muammar Ghaddafi sitting in a dwelling somewhere near a sandy desert, all through the science of remote viewing.
[In 2009, they made a movie about ‘remote viewers’ called The Men Who Stare at Goats, starring George Clooney. It was a total failure.]
————-
Reuters: an international misinformation vendor.
Usage: A Reuters wire news story told of a computer virus factory discovered on the dark side of the Moon by business security consultants, Krakt & Zane.
————-
Road Ahead, The: a book for those who despise books, credited — ghost-written by some flunky, actually — to a man who also despises books. Related to and/or see “. . . for dummies.
Usage: Unable to unload the excessive printing of “The Road Ahead” in the continental United States, Bill Gates came up with the novel idea of arm-twisting Russian paupers wishful for his beneficence into purchasing copies for about 9 dollars, cash U.S.
————-
Science Applications International Corporation (SAIC): gigantic contractor for the Pentagon which most Americans have never heard of; or, a secret corporation that relies almost exclusively upon taxpayer dollars for profits.
Usage: “The ideal Science Applications International Corporation business project always involves classification so that outside audits, fraud investigations and meddlesome taxpayers can be side-stepped,” the SAIC vice-president patiently explained to the new hire.
————-
source: an anonymous lawyer, corporate salesman, Dept. of Defense consultant, employee of Science Applications International Corporation (SAIC), civil servant or Pentagon apparatchik employed by reporters and editors to pump up flaccid news with impressive quantities of phlogiston. See phlogiston.
Usage: By employing the clever techniques of information warfare, it will be possible to remove future dictators from power without firing a shot, said the Pentagon source to the credulous journalist.
————-
Sun Tzu: ancient Chinese military philosopher — but now a useful marketing tool. Also overused source of quote for information warriors who cannot think of anything original to say.
Usage: The executives of the publishing firm thought the manuscript “Sun Tzu’s Power Web Publishing” was a potential blockbuster and planned to follow it with an entire line of “Sun Tzu” computer manuals.
Usage: “Sun Tzu was the first and greatest information warrior,” said the windbag from the National Defense University during an afternoon tea at the Pentagon. See also windbag.
[Now the favorite of every US military academic whose works are only read by those paid to do so. Which means everyone in the peer group.]
————-
superscientists: The engineers, technicians and researchers who develop weapons for the US military under the cover of black projects. In glossy mainstream magazines they appear always omniscient and generally anonymously.
Usage: The non-lethal weapons guru at Los Alamos National Laboratory provided sage guidance for a crack team of superscientists engaged in Project Beans R-Good4Heart, an effort to build an ultra/infra-sonic cannon capable of inducing ineradicable, debilitating flatus in crowds of hostile foreigners and terrorists.
[Produced the pain ray. And made designs and computer models for nuclear-fission powered drones.]
————-
Symantec: formerly, a company that developed utility software but now a conglomerate of squamous lawyers interested only in emitting press releases and launching meretricious suits against rivals and alleged enemies; or, a company that features a picture of a man on its product boxes who no longer has anything to do with the firm.
Usage: Angered that his company was compelled to compete with other firms in the marketplace, the Symantec CEO summoned a platoon of lawyers and tasked them with the goal of finding a way to sue retailers and consumers for having the temerity to deal with his rivals.
More usage: The box for Symantec’s Norton Anti-virus software featured a likeness of Peter Norton, a man who no longer worked for the company and who had once insisted computer viruses were urban myths.
[Obscure but true story.]
————-
technoquack: an individual, e.g. a consultant or member of the Alvin Toffler Army, who specializes in mentufactury; or, the speechifying of a technoquack or someone who hasn’t quite become one yet.
Usage: The technoquack from the MIT Media Lab enjoyed annoying readers of his books with periodic declarations that Americans yearned for more advertising disguised as news, not less.
————-
Victor von Doom: a.k.a Dr. Doom, an arch villain in the Marvel Comics universe often portrayed handcrafting a variety of directed energy weapons — ray guns — with which to smite enemies; now used by Crypt Newsletter as a catch-all designation for computer security snake-oil salesmen and assorted crackpots spreading freaky tales of non-existent electronic death rays.
Usage: Victor von Doom, a faculty member at the University of Gobble-Wallah in Brisbane, Australia, warned frightened businessmen that a raygun capable of surreptitiously smashing networked corporate computers from a distance of half a mile could be easily fashioned from parts including a cattle prod, two potato knishes, one TV antenna and four car batteries.
[A Crypt Newsletter/DD Blog No-Prize if you know what a Gobble-Wallah is.]
————-
windbag: see expert, source.
————-
Ziff-Davis: a marketing instrument of the computing industry masquerading as a conglomerate of journalistic effort.
Usage: The Ziff-Davis managing editor assigned his favorite witless flunky to write a puff piece on one vendor’s horribly buggy software after the vendor tithed $32,000 to the Z-D advertising department.
————-
“I am here to whip people, and whip them I shall.”
–The Whipper in Franz Kafka’s “The Trial”
Yesterday, GlobalSecurity.Org was flagged as a site “that may harm your computer” by Google. I was off and on it during the day, porting the Yellow Fever post to the SITREP blog.
When Google flags your domain as harmful you take a hit.
So what was the deal? Hard to say with certainty.
Initial indications were a malware redirection attack put in through an iframe and ad server.
Iframes are used to run advertisements and attackers always use them to put invisible or nearly invisible windows on a page which get the browser to make a request to a malicious site.
When the page loads, [the iframe] element causes the browser to request … content from the ad server. Ordinarily, this content would just contain the relevant ads, but when the ad server has been compromised, it also contains a malicious JavaScript …
[The malicious] iframe points to an exploit site, which proceeds to [probe] client vulnerabilities and infect the user with malware.
Any websites that take ads from third parties are vulnerable and it’s a common occurrence. The damage is done and the remedy is to remove the compromised adserver scripts and code from the domain.
DD is intimately familiar with web-served malware.
So the Google flag was a surprise. During the afternoon, when the warning was issued, I noticed no malicious code served to my computer. I have a number of things in place which fairly immediately allow me to see suspicious activity generated by malware that is not yet detected by anti-virus software.
And there’s the rub. The anti-virus software site linked to above describes the malware and says it flags some such attacks. But because anti-virus software can only block those signatures it already carries, there is always a time in which new attacks get through.
This is what all the makers of malicious code exploit. It is a game of continual catch-up and clean-up.
The article, on Yahoo, is essentially a recommendation to get all the free anti-virus software you can, once you’re infected, and run it.
Eventually, you’ll have something that will remove the malware. And if you’re still stuck you’ll have to pay someone to finally get rid of it.
It illustrates, with some hard finality, that malware is beyond management by the average user. The risk and existing hazards have to be dealt with by layers above. Malware attacks are administered beyond the intervention and knowledge of, for argument’s sake, virtually all users.
In the cases of domains flagged by Google, the webmasters and administrators have to cope with it.
Yesterday, Google was the only place flagging GlobalSecurity.Org. However, as the biggest and most important entity, functionally it’s the only one that matters. If Google blacklists you, you suffer.
I was not served any malware while on the site. However, that doesn’t mean there was a problem.
I scanned the domain with Wepawet, a UC Santa Barbara web app that probes for malicious code and embedded exploits. The first result in very late afternoon returned an almost benign report. There were a couple elements, the report indicated, which could not be interpreted. Later in the evening these warnings were gone, too, apparently after Globalsecurity had removed an applet that Google’s diagnostics had flagged as malicious.
It was also possible that it was a false positive, a very annoying reality of the current worldwide model of computer security. It is an ineradicable feature of modern computing.
For a couple months Globalsecurity has been running a Javascript clock that displayed a countdown to Israel’s bombing of Iran. If you use the site, you would have seen it at the top of the page.
“Yesterday Google decided the script was malware,” John Pike told me in e-mail.
The malware flag is now removed from GlobalSecurity.Org.
Whatever had actually transpired — I have no samples of malicious code downloaded to my machine to look at — Google’s response time was pretty good.
It’s no secret the U.S. and China are waging a clandestine cyberwar. National Security Agency director Gen. Keith Alexander says it’s hitting home hard.
Testifying before the Senate Armed Services Committee yesterday, Gen. Alexander said that China is stealing a “great deal” of the U.S. military’s intellectual property, adding that the NSA sees “thefts from defense industrial base companies.” According to a story in Information Week, he declined to provide any information on those attacks.
Enemies, a new book on the history of the FBI by Pulitzer winning journalist Tim Weiner, is illuminating on many fronts, including this one, by dint of sweeping perspective.
While I will get to a more complete review in the coming days, Enemies chronicles the intelligence wars between the FBI, acting as an intelligence agency and counter-terrorism operation, first as a much smaller bureau against German operatives during World War I, later against the Nazis and the Japanese, to the Cold War against the Soviet Union, and in the Eighties and Nineties against the Chinese.
The intelligence wars are unsurprising. It is equally unsurprising that foreign powers have always engaged in extensive operations to obtain military and corporate secrets in the US. All through the history of the republic.
Somehow we survived them.
Broader minds with more comprehensive eyes toward history might then view the current convulsions of news, crystallizing about the utterances of experts and ex-government men who may not even be remembered when a future history like Enemies is written four decades hence, as nothing more than business as usual.
If there were a public debate today with the US middle class on the subject, what do you think would concern people more — the volcanic loss of jobs to China caused by major shifts in the US economy, or, secrets stolen from the “military industrial base”?
We have the answer. It’s jobs and the concomitant loss in economic prosperity. Period.
In another piece, this from the Wall Street Journal, Shawn Henry, the FBI’s “top cyber cop” states hackers are winning everywhere.
The Federal Bureau of Investigation’s top cyber cop offered a grim appraisal of the nation’s efforts to keep computer hackers from plundering corporate data networks: “We’re not winning,” he said.
Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them, he said.
In Enemies, Weiner’s history recounts many instances throughout a span of around eighty to ninety years in which the FBI waxed and waned in its intelligence and counter-terrorism operations.
Under J. Edgar Hoover, the FBI was a powerful secret police and America’s premier intelligence agency. But Hoover faltered badly near the end of his career and life as scandals over illegal operations and civic unrest due to the Vietnam War spread across the land.
Over the course of the presidencies of Johnson, then Nixon, Ford, Carter and Reagan, the FBI was roiled, increasing in power or decreasing in capability, depending on many factors, among them the strength and wisdom of its leadership and the American political landscape, whether engaged in renewal or feeding a national paranoia that saw plots, terrorists and spies to be smashed everywhere.
In this it is no different than the news today. Enemies, some very small, some credible and large, and many made of whole cloth, always threatened the country.
Weiner’s Enemies chronicles many famous and relatively unknown men in the FBI, all of whom played some important role in national security, intelligence and counter-terror operations in the US.
There is not a single instance in the book of the now commonplace event in which government men leave for more lucrative positions in the national security private sector. Many of the figures in Enemies, like a Shawn Henry, were very serious in their thinking that the US was constantly at threat. And perhaps losing.
However, unlike our current models, they did not seem to share the trait of leaving for more money when there were still battles to be fought.
Before concluding, one claim by Richard Clarke, published in The Smithsonian yesterday, deserves a second look.
Clarke, who says there have been war games on precisely such a revived confrontation, now believes that we might be forced to give up playing such a role for fear that our carrier group defenses could be blinded and paralyzed by Chinese cyberintervention.
A better journalist than The Smithsonian’s might have blinked and asked Clarke how exactly does one stop or blind a carrier group through “cyberintervention.”
It is not snark to suggest that someone ask for an explanation of how such thing could be done.
So, again — anybody, how do you stop a carrier group with “cyberintervention”?
How do you use cyberwar or “cyberintervention” to stop reconnaissance aircraft and fighter bombers from eyeballing targets? How does “cyberintervention” prevent a barrage of Tomahawk missiles from hitting plotted stationary targets or those acquired by a variety of observing assets? How does “cyberintervention” stop the bombers and attack submarines?
These aren’t stupid questions.
What is stupid is believing there’s some reasonable logic at work in a statement suggesting one can just do away with the biggest military in the world through “cyberintervention.”
To put it in a better perspective, and to underline how any critical sense seems to have gone out the door in interviews of this nature, would you believe if an authority figure like Richard Clarke told you he could jump to the Moon?
Why not? Explain the difference between the two claims.
For Smithsonian magazine, Richard Clarke makes what the magazine’s reporter thinks an audacious statement.
Now keep in mind the 1 percent and their shoe-shiners have never looked at the China trade deficit from the aisles of Target or Wal-Mart.
For some reason Clarke believes American companies giving everything over to China is astonishing stuff, a development people are not concerned enough about. They need to be told.
So you’ve a snapshot of our culture of lickspittle in action. Tough old mutton everyone’s chewed through many times repackaged as new fresh veal cutlets.
The vision Clarke has is of a modern technological nightmare, casting the United States as Dr. Frankenstein, whose scientific genius has created millions of potential monsters all over the world. But Clarke is even more concerned about “official??? hackers such as those believed to be employed by China.
“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong,??? he tells me. “Every major company in the United States has already been penetrated by China??? …
“My greatest fear,??? Clarke says, “is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese. And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China….After a while you can’t compete.???
It’s not below your pain threshold if you’re among the 99 percent.
Wait, there’s more, the US military could be embarrassed militarily.
“Say there was another confrontation, such as the one in 1996 when President Clinton rushed two carrier battle fleets to the Taiwan Strait to warn China against an invasion of Taiwan,” reads the magazine. “Clarke, who says there have been war games on precisely such a revived confrontation, now believes that we might be forced to give up playing such a role for fear that our carrier group defenses could be blinded and paralyzed by Chinese cyberintervention.”
“Clarke now wants to warn us, urgently, that we are being failed again, being left defenseless against a cyberattack that could bring down our nation’s entire electronic infrastructure, including the power grid, banking and telecommunications, and even our military command system,” reads the script.
Get the pies. Imagine Richard Clarke on the stage.
From the archives of the old Crypt Newsletter, a collection of excerpts from the nation’s newspapers on Eligible Receiver, in 1999, collecting pieces spanning about three years. Eligible Receiver was an exercise, ostensibly done to test what could be done to hack the country’s infrastructure. It was actually only a set of simulations and musings. And it’s real purpose was to have a something upon which to build an alarming narrative on vulnerability to take the country’s news organs.
From the Crypt Newsletter (JOSEPH K) Guide To Tech Terminology:
Eligible Receiver: A Pentagon ghost story repeated ad nauseam to journalists and the easily frightened in which ludicrous or totally unsubstantiated claims about menaces from cyberspace are passed off as astonishing deeds of techno-legerdemain performed by cybersoldiers working within a highly classified wargame.
Usage: Author James Adams claimed in Techweek magazine that Pentagon hackers employed in Eligible Receiver “did more than the massed might of Saddam Hussein’s armies, than the Nazis in the Second World War.”
Since its first appearance in 1997, Eligible Receiver, like the phrase “electronic Pearl Harbor,” has become a good watermark for identification of uncritical, unsophisticated journalism addressing the potential for cyberterrorism to lay low the nation.
Although never substantiated with solid proof by Pentagon leadership, Eligible Receiver has become an article of faith in the mainstream newsmedia and still appears quite regularly since its genesis almost three years ago as prima facie evidence of what hackers could do to plunge the empire into chaos.
Characteristics of invocations of Eligible Receiver can include any or all of the following: there were 20, or 25, or 35, or 50 hackers; the hackers were from or hired by: [the Pentagon, the NSA, the Joint Staff], the national power grid was taken down, the 911 service was taken down, troop movements were disrupted, the hackers were more powerful than Nazi armies in World War II, laptops were bought, laptops were stolen, software was bought off-the-shelf, software was obtained from the Net, unspecified secret computer systems were compromised and/or unspecified public computer systems were compromised.
Here then, a selection of examples of Eligible Receiver in the news:
————-
On October 9, 1999, the Los Angeles Times published a story on the Pentagon’s Moonlight Maze hysteria entitled: “In Theory, Reality, US Open to Cyber-Attack — An NSA test exposed vulnerability of critical computer systems to hackers; Outside assault proved it.”
In paragraph seventeen, buried near the end of the Los Angeles Times piece, Drogin writes: “Indeed, the evidence suggests a certain amount of hype and hysteria have overshadowed the reality of cyberspace.”
It was an inadvertently telling choice of words, for in just the story’s second paragraph — one of the piece’s impact points — Drogin fell prey to the same phenomenon.
Drogin invoked the Pentagon ghost story of Eligible Receiver — the secret DoD wargame conducted two years ago which proponents of “electronic Pearl Harbor” insist demonstrated the nation could be flattened by cyberattack.
Drogin wrote: “The [Eligible Receiver] hackers broke into networks that direct 911 emergency systems.”
It was a clear and rather extravagant error.
Appearing in June of 1998 to testify before Congress, Ellie Padgett, deputy chief of the National Security Agency’s office of defensive information warfare spoke of how Eligible Receiver addressed the alleged vulnerability of the 911 phone system.
In a simulated exercise, Padgett said, “we scripted (an) Internet message (that) would be sent out to everybody saying there was a problem with the 911 system, understanding that human nature would result in people calling the 911 system to see if there was a problem.”
The working idea in this part of Eligible Receiver revolved around the hypothesis that many people viewing the message on the Internet in a newsgroup might panic and phone their local 911 trunk, causing a jam-up on the line.
“It can probably be done, this sort of an attack, by a handful of folks working together . . .” Padgett said.
This is an extremely far cry from Drogin’s assertion that the 911 system was broken into by alleged Eligible Receiver hackers. In fact, it has nothing at all to do with breaking into a 911 computer system, whatever that might be.
However, it is consistent, thematically, with the flavor of the mythology propagated on Eligible Receiver …
In fact, during an interview with Crypt Newsletter in the summer of 1998 concerning Eligible Receiver, a Pentagon spokeswoman for the affair asserted “no actual switching systems” were broken into at any time during Eligible Receiver. She went on to say that Eligible Receiver had only simulated these attacks on NSA computer networks set up to emulate potential domestic national systems.
Nevertheless, Drogin also wrote in paragraph two of the Times piece: “In less than three months, the [Eligible Receiver hackers] secretly penetrated computers that control electrical grids in Los Angeles, Washington, and other major cities.”
The lead claims in the Los Angeles Times article are the framing points for a larger discussion on how Moonlight Maze has publicly proved what the Eligible Receiver exercise secretly demonstrated two years ago, which constitutes another rather extensive leap in linking the facts that are known about both.
Drogin quoted from counter-terrorist “czar” Richard Clarke:
“An enemy could systematically disrupt banking, transportation, utilities, finance, government functions and defense.”
The Clarke quotes are functionally identical to the same statements made for Signal magazine in August of this year when it was suggested that the Freedom of Information Act could be “modified” as part of a plan to help protect us from cyberattack. They add nothing to the actual body of knowledge on Moonlight Maze.
For the complete Clarke-uttered propaganda published in August see the “electronic Pearl Harbor” archive.
“It’s cheaper and easier than building a nuclear weapon,” said Clarke for the LA Times.
Buried in Drogin’s piece was comment by John Gilligan who “directs information technology and information systems at the [Department of Energy.]”
Gilligan, while talking about hacker attacks, “[also argued] that the danger is usually overstated,” according to the Times.
“To get access to the electricity grid computers, to start to shut some of the grid, you have to really work at it . . . To do a Pearl Harbor, you need a lot of inside information.”
————-
The September 19, 1999, issue of New Scientist magazine invoked the mythos as an example of what “cyberwar” could do in an article entitled: “To the virtual barricades.”
“[Electronic Pearl Harbor” can be done — as was demonstrated two years ago when the US Department of Defense conducted a ‘war game’ to test its defences against cyber attacks. In an operation dubbed Eligible Receiver, fifty hackers tried to infiltrate DoD systems using only the simplest of hacking tools.
“Their task was to simulate an attack from North Korea. Despite the best efforts of the DoD, intelligence and security agencies, and the private sector . . . the hackers reduced a virtual electricity grid to 50 per cent effectiveness in just seven days.”
————-
On June 26, 1999, the Christian Science Monitor featured a story entitled: “The hidden dangers of information warfare.”
The Monitor’s reporter cited the Pentagon’s secret exercise, Eligible Receiver, in the standard manner.
“. . . Operation Eligible Receiver demonstrated the potential vulnerability of the U.S. government’s information systems. The National Security Agency hired 35 hackers to launch simulated attacks on the national information structure. The hackers obtained ‘root access’ – the highest level of control – in 36 of the government’s 40,000 networks.
“If the exercise had been real, the attackers would have been able to create power outages across Los Angeles, Chicago, Washington, and New York. They could have disrupted the Department of Defense’s communication systems (taking out most of the Pacific Command) and gained access to computer systems aboard U.S. Navy vessels.
“It was a disturbing exercise. So much so, that several top White House officials have spoken of the possibility of an ‘electronic Pearl Harbor’ attack on the U.S. mainland. Added to these vulnerabilities is the fact that most Americans have no sense of how information warfare will affect them.”
Further along, the Monitor called upon James Adams, appearing here as CEO of IDefense — a firm that advertises its skill in preventing potential “Eligible Receivers,” to provide the pro forma warnings.
“It is a very serious problem,” said Adams for the Monitor.
————-
From the April 1999 issue of “Government Executive,” a reporter writes on the danger of cyberterror to the national networks:
“The liability posed by such dependence became clear when the Pentagon conducted an exercise known as Eligible Receiver in 1997. Using off-the-shelf technology and software downloaded from hacker Web sites, a team of about 20 employees from the National Security Agency hacked into unclassified Pentagon computer systems. The surprise exercise, designed to expose weaknesses in computer security, succeeded beyond the planners’ wildest expectations. Among other things, the exercise showed how hackers might disrupt troop deployments.
“It was startling,” [Deputy Defense Secretary] John Hamre said. ‘We didn’t really let them take down the power system in the country, but we made them prove that they knew how to do it.'”
————-
From an April 22, 1999, issue of “Inside the Army:”
“Two years after Eligible Receiver, a joint exercise conducted by DOD in which virtual ‘terrorists’ used stolen hardware from a government facility to gain control over secret computer systems without being detected, the military finds itself ‘in full-scale conflict,’ [Deputy Secretary of Defense] John Hamre said. Important lessons learned over this period include ‘that cyperspace ain’t for geeks, it’s for warriors,’ he said.”
————-
From a March 22, 1999 report by Associated Press writer Laura Myers entitled “Study Finds Hacker Threat a Real Danger.” Reporter Myers appears to be only vaguely familiar with the Pentagon claim and gets a figure wrong.
This is hardly a liability for the mythos. Even Pentagon proponents of “Eligible Receiver” can’t seem to agree on the number of people involved.
Myers nevertheless passes on the growing legend as proof of national danger:
“In 1997, a national security team of about 20 people, in a cyberwar game [Eligible Receiver] lasting three months, gained access to unclassified Pentagon computers, giving the team the ability to disrupt troops movements.”
————-
From an interview on cyberterrorism conducted with Senator John Kyl by the United States Information Agency (USIA), published in November 1998:
Kyl: Well, [cyberterrorism is] surprisingly easy. It’s hard to quantify that in words, but there have been some exercises run recently. One that’s been in the media, called Eligible Receiver, demonstrated in real terms how vulnerable the transportation grid, the electricity grid, and others are to an attack by, literally, hackers — people using conventional equipment, no “spook” stuff in other words.
————-
From the Fall 1998 issue of the University of Southern California’s “Networker” magazine:
“Operating under the code-name Eligible Receiver, 35 people working for the National Security Agency targeted unclassified computer systems across the country. Employing only hacking tools downloaded from the Net and standard-issue computers, the team reportedly accessed the U.S. Pacific Command in Hawaii – in charge of 100,000 troops – among other targets.
“‘We didn’t really let them take down the power system in the country, but we made them prove that they knew how to do it,’ Deputy Secretary of Defense John Hamre told the press.
“Before Eligible Receiver, what you had was a bunch of driven geeks and a few admirals and generals dotted around who said that ‘this is really important stuff’ and a bunch of traditionalists who were saying ‘yeah, right. It’s all just rubbish, really,’ says Adams. ‘Well, Eligible Receiver gave everyone a very nasty shock because it showed that the whole system could be devastated,’ he adds.”
Editor’s note: James Adams wrote a book called “The Next World War,” published in 1998, that based most of its premises that computers would fight all future wars on Pentagon claims like “Eligible Receiver.” The book was pilloried for passing on myths and April Fool’s jokes, such as the Gulf War virus hoax, as fact. [Adams also founded a computer security company called iDefense. Many years ago it declared bankruptcy and faded away.]
“[Eligible Receiver] resonated at the Department of Defense, which has 2.1 million computers, 100,000 local area networks, and more than 100 long-distance networks. Eligible Receiver was ‘a very telling example for all of the senior leadership here,’ says Susan Hansen, a [Pentagon flack] for Secretary of Defense William Cohen.
————-
From a USIA interview (published in November 1998) with reporter James Adams, here advertised as the CEO of “Infrastructure Defense,” a firm started to help protect from potential Eligible Receivers:
“The ‘hackers’ taking part in the exercise — called Eligible Receiver — were, in fact, U.S.government employees. They were given no advance intelligence. They bought their laptops from a local computer store.
“The hackers successfully demonstrated that they could with ease break into the power grids of all the major U.S. cities — from Los Angeles to Chicago to Washington, D.C., to New York — that were linked to the U.S. capability to deploy forces. At the same time they were able to break into the -911- emergency telephone system and could comfortably have taken both of those networks down . . .”
————-
From a September 2, 1998, Jane’s Defense Weekly piece on information warfare and the Department of Defense:
“In one Joint Chiefs of Staff simulation, known as Eligible Receiver, US officials posing as terrorists were able to shut down key command and control systems at US Pacific Command headquarters.”
————-
In an August 2, 1998 story by Cox Newspapers’ by Andrew Glass entitled: “Target America: Computer Warfare,” the Pentagon grail is credited with turning off all operations of the DoD’s Pacific Ocean/Asian command as well as the 911 system.
Sun Tzu — an ancient and quite dead Chinese military philosopher — is credited with the germ of the idea, too, somehow.
“Last June, the National Security Agency staged a ‘red team’ exercise, code-named Eligible Receiver, in which agents pretending to be North Koreans infiltrated the command-and-control facilities of the U.S. Pacific Command in Honolulu — demonstrating their ability to neutralize most U.S. armed forces from Okinawa to San Diego for many hours without firing a shot.
“Attaining 100 victories in 100 battles is not the pinnacle of excellence,” [Sun Tzu] wrote in ‘The Art of War,’ the earliest known treatise on military science. ‘Subjugating the enemy’s army without fighting is the true pinnacle of excellence.'”
And, further on:
“Appearing last June before the Senate Judiciary subcommittee on technology, terrorism and government information, Ellie Padgett, deputy chief of the NSA’s office of defensive information warfare, told of one aspect of the worrisome success in Eligible Receiver.
In a phase of the exercise that simulated attacks, she said, ‘we scripted (an) Internet message (that) would be sent out to everybody saying there was a problem with the 911 system, understanding that human nature would result in people calling the 911 system to see if there was a problem’ — thus causing the overloaded phone system to crash.”
————-
In a speech in Aspen, Colorado, in late July 1998, the Pentagon’s John Hamre said of Eligible Receiver: “A year ago, concerned for this, the department undertook the first systematic exercise to determine the nation’s vulnerability and the department’s vulnerability to cyber war. And it was startling, frankly. We got about 30, 35 folks who became the attackers, the red team . . . We didn’t really let them take down the power system in the country, but we made them prove that they knew how to do it.”
————-
From a June 1998 Congressional Governmental Affairs Committee meeting chaired by Congressman and former actor Fred Thompson who played a naval commander in the movie adaptation of Tom Clancy’s “The Hunt for Red October”:
“Lt. General Minihan, the Director of the National Security Agency, will identify in greater detail the nation’s vulnerability as revealed in a recent war game known as Eligible Receiver. The Committee also will explore whether the [Y2K] problem will increase America’s vulnerability to attack. As we approach the 21st century, will terrorists and rogue nations test their information warfare weapons without fear of being caught and insert data smart bombs into the nation’s computers for use at a later date?”
————-
From a May 24, 1998 story in the Washington Post written by Bradley Graham:
“Many details of the exercise, dubbed Eligible Receiver, remain closely held. But according to official sources, a group of 35 NSA specialists simulated a series of rolling power outages and 911 emergency phone overloads in Washington and a handful of other cities. They showed that large-scale blackouts could be caused by targeting computerized sensing and control devices known as Supervisory Control and Data Acquisition systems, which have become common substitutes for human monitors in operating electrical, oil, gas, transportation and water treatment systems.”
————-
From an April 23, 1998 press conference led by Kenneth Bacon, the Pentagon’s head flack:
“And that was one of the, as I said, one of the signal achievements of the exercise the Joint Staff ran, ELIGIBLE RECEIVER, to improve the awareness of people within the Department of what the computer security issue is.”
