Wednesday, February 20, 2013

If There’s a War With China…




It’s All Evan Osnos’ Fault!

Evan Osnos is the China columnist for the New Yorker.

My impression is that he usually covers the social issues/human rights/dissident beat.

However, yesterday, riffing off the news about organized Chinese hacking of US government and private websites, he veered off into counter-proliferationblack ops:


The fact is that the United States government has already shown signs of an energetic capacity for cyber war, as in the case of Stuxnet, the software worm that the U.S., working with Israel, is believed to have used to disrupt Iran’s uranium-enrichment program. Coincidentally, I happened to ask some North Korea experts last week if Pyongyang’s latest round of nuclear tests might make it a prime target for a Stuxnet-style intervention. “The only time I heard anything along such lines recently was suspicion that the April launch failure may have resulted from cyber attack—but that was in the realm of conspiracy theory,” John Delury, of Yonsei University, in Seoul, told me. 

As long as it’s in the realm of the theoretical, here’s another twist: given China’s vocal frustration with its erstwhile allies in Pyongyang, and China’s fondness for cyber adventures, any chance that China might try a Stuxnet approach to slow down a headache on its northeast border? From what I gathered, the chances were slim, in part because of operational differences between Iran and North Korea. “Do the Chinese know which industrial-control systems are in place?” Adam Segal, of the Council on Foreign Relations, asked. “Could they deliver the malware to a system that is most likely ‘air gapped’ and not connected to the Internet? Could they be sure that the infection wouldn’t spread—back to China or to U.S. or others? Do D.P.R.K. nuclear scientists travel? Is it possible to leave thumb drives around with no one noticing?”



On a couple of levels I am gobsmacked by Olnos’ blithe presumption.

I will set aside for the time being his rather fanciful view of the dynamics underlying PRC-DPRK relations.  Suffice to say that Beijing’s vision for sustaining its rather precarious economic and political sway over the northern half of the Korean peninsula do not involve sabotaging Pyongyang’s most cherished strategic initiative.

But as to the casual attitude toward a “Stuxnet approach”, Stuxnet was an act of war.  Full stop.  If the PRC or anybody else did that to us, they would face the prospect of direct, escalating retaliation.  

If one is looking for an explanation for why cyberwarfare has become an obsession of the Department of Defense, with the planned addition of thousands of specialists to “Cyber Command”, and why President Obama raised the spectre of cyberwarfare in his State of the Union address, look no further than Stuxnet.

I believe the stories of massive hacking effort condoned and directed by the PRC government, and the significant value of the intellectual property and secrets extracted.

But for the sake of clarity, let’s call it “cyberespionage”.  

Cyberwarfare—the destruction of military, industrial, or infrastructure facilities i.e. acts of war—is qualitatively different.

I also believe that the reason that that the reason that Chinese cyberespionage is hyped today (and conflated into the “cyberwarfare” category) is to distract attention from the US complicity in an irrevocable escalation of cyberwarfare, and to prepare public opinion against the day when this weapon is turned against us.

In the same article that Osnos advances the narrative of the dire character of  Chinese hacking (After years of warnings that Chinese hacking was a rising threat, the Mandiant study, and the willingness of U.S. officials to confirm many of its findings, signal a blunt new American counteroffensive against the era of Chinese cyber attacks), he proposes that the PRC might engage in a Stuxnet-type exploit of cross-border military sabotage.

There’s a qualitative difference in what the PRC has been accused of in the past, and what the US did with Stuxnet.

That’s not because the PRC is run by wonderful, peace-loving people--or because the PRC has not developed any cyberwar weapons (for one thing, I expect the PRC's computer scientists have been interested and involved participants in Iran's struggles with Stuxnet).  

It’s because the PRC is extremely careful to avoid cycles of escalation with US power, preferring to counterpunch asymmetrically.  

In defense matters, the asymettric doctrine is embodied in “non-interference in the affairs of sovereign states” as a bedrock value, one that provides China with a ready, if ever-eroding, bulwark against US “pre-emption” and “R2P” doctrines which leverage US military and technological superiority across national borders, and the ability for unmatchable escalation that is at the heart of the American game.

That isn’t a diplomatic and strategic shield to be abandoned lightly for the transient pleasures of fucking with North Korea’s nuclear program, or other cyberwarfare shenanigans, for that matter.

So I found Osnos’ speculation rather clueless, both in the matter of his understanding of the PRC security mindset and in the matter of his apparent utter gormlessness as to the significance of the Stuxnet exploit.

I will speculate that Olnos’ level of comfort with the “Stuxnet approach” has a lot to do with the fact that “we did it first, so it must be OK.”

Well, it’s not OK, and President Obama realizes it and the Pentagon realizes it, as can be seen from the attached piece. 

But if Evan Osnos thinks it’s OK, and his ignorance is contagious, we’re closer to the day when US cyberaggression against China can be excused and advocated as “less than war” and any Chinese retaliation will, inevitably, be condemned as “an act of war”.

So Evan, if there’s a war with China…it’s your fault!

Crossing the Digital Line

President Obama chose to open the Pandora’s box of cyberwar with the Stuxnet attack on Iran’s centrifuge operations.  In the process, he made a mockery of the Pentagon’s attempts to establish the rules of cyberwarfare in discussions with a most active and interested adversary--China.

Now, it is almost inevitable that, in addition to potential battlefields on land, sea, and in the air, the escalating and repeating cycle of genuine risk, threat inflation, politicized fearmongering, destabilizing challenges, and growing polarization, accompanied by expanded missions and fattened budgets for the security establishment and its defense contractors —will apply to the US-PRC cyber-arena.

China, of course, is an enthusiastic practitioner of every commercial, military, and diplomatic hack known to science and, it can be safely assumed, is developing its own suite of cyberweapons.
I expect Stuxnet also provides adequate inspiration and justification for the Chinese security and defense establishment to further formalize and professionalize its cyberwar operation and bloat its budget.

Chinese hacks against US targets have traditionally been attributed to freelancers indirectly steered by the Chinese government in order to preserve deniability, as I wrote for Asia Times in April 2012:

China is notorious for its interest in cyber-war as an asymmetric counter to the conventional military superiority of the United States ... and for its apparent willingness to farm out, encourage, or benefit from private hacker initiatives.

On 2010, Mara Hvistendahl wrote in Foreign Policy:

[T]he hacking scene in China probably looks more like a few intelligence officers overseeing a jumble of talented - and sometimes unruly - patriotic hackers. Since the 1990s, China has had an intelligence program targeting foreign technology, says James A Lewis, senior fellow for cyber-security and Internet policy at the Center for Strategic and International Studies. Beyond that, however, things get complicated. "The hacking scene can be chaotic," he says. "There are many actors, some directed by the government and others tolerated by it. These actors can include civilian agencies, companies, and individuals." [3]

Patriotic hackers in China are called "hong ke" or "red guest", a pun on the phonetic rendering "hei ke" or "black guest" for hacker.

Their patriotic cyber-duties included destroying the online presence of South Korean boy band Super Junior after an unruly and undignified crowd of Chinese fans clamored to hear the band at the Shanghai World Expo and embarrassed Chinese nationalists. [4]

They also weigh in on foreign issues of greater moment, mixing it up with their Japanese counterparts when Sino-Japanese passions are inflamed by visits to the Yasukuni Shrine or the collision between a Chinese fishing boat and Japanese coast guard vessel off Diaoyutai/Senkaku in 2010.

But their major utility to the Chinese government may be their ability to generate chaff - a barrage of cyber-attacks to distract and overwhelm US security specialists trying to cope with China's pervasive, professional program of industrial and military espionage - and give the People's Republic of China (PRC) government deniability when hacking is traced to a Chinese source.

Chinese industrial cyber-espionage has emerged as a dominant near-term security concern of the United States.

The Barack Obama administration went public with its case against China in November 2011, with a report on industrial espionage titled Foreign Economic Collection. It described China rather generously as a "Persistent Collector" given the PRC's implication in several high-profile industrial espionage cases and soft-pedaled the issue of official Chinese government involvement. The report stated:

US corporations and cyber-security specialists also have reported an onslaught of computer network intrusions originating from Internet Protocol (IP) addresses in China, which private sector specialists call "advanced persistent threats." Some of these reports have alleged a Chinese corporate or government sponsor of the activity, but the IC [intelligence community] has not been able to attribute many of these private sector data breaches to a state sponsor. Attribution is especially difficult when the event occurs weeks or months before the victims request IC or law enforcement help. [5]

A month later, in December 2011, US criticism of China became a lot more pointed. Business Week published an exhaustive report on Chinese cyber-espionage, clearly prepared with the cooperation of federal law enforcement authorities as it named and described several investigations:

The hackers are part of a massive espionage ring codenamed Byzantine Foothold by US investigators, according to a person familiar with efforts to track the group. They specialize in infiltrating networks using phishing e-mails laden with spyware, often passing on the task of exfiltrating data to others.

Segmented tasking among various groups and sophisticated support infrastructure are among the tactics intelligence officials have revealed to Congress to show the hacking is centrally coordinated, the person said. US investigators estimate Byzantine Foothold is made up of anywhere from several dozen hackers to more than one hundred, said the person, who declined to be identified because the matter is secret.
[6]

United States security boffin Richard Clarke had this to say about Chinese cyber-espionage in an interview with Smithsonian magazine:

"I'm about to say something that people think is an exaggeration, but I think the evidence is pretty strong," he tells me. "Every major company in the United States has already been penetrated by China."

"What?"

"The British government actually said [something similar] about their own country."

Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don't get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them-"logic bombs," trapdoors and "Trojan horses," all ready to be activated on command so we won't know what hit us. Or what's already hitting us.
[7]

Some big numbers are being thrown around to publicize the Chinese threat.

Business Week's report, while admitting the woolliness of its methodology, stated that losses to American companies from international cyber-espionage amounted to US$500 billion in a single year.

Scott Borg, director of a non-profit outfit called the US Cyber Consequences Unit told Business Week:

"We're talking about stealing entire industries ... This may be the biggest transfer of wealth in a short period of time that the world has ever seen."

Beyond these apocalyptic economic and military scenarios, we might also descend to the personal and political and point out that Google, a favorite target of Chinese cyber-attacks, is Obama's friend, indispensable ally, brain trust and source of personnel in the high-tech sector.

Connect the dots, and it is clear that the Obama administration, in its usual meticulous way, is escalating the rhetoric and preparing the public and the behind-the-scenes groundwork for major pushback against China in the cyber-arena.


When the New York Times (and Bloomberg and the Wall Street Journal) got hacked after printing embarrassing stories about the immense family wealth of Chinese leaders at the end of 2012, the dominant meme was still the “amateur hacker” as “nationalist vigilante” determined to avenge the affront to China’s dignity.

However, I was struck by the fact that the hackers explored the New York Times system primarily to identify sources for the offending articles.  

Perhaps the intruders simply wanted reveal the names in order to incite a “flesh engine search” so that the sources would face the rough justice administered by the PRC’s nationalistic netizens (though I haven’t heard that any source was exposed on the Chinese internet)…but to me it appears more plausible that somebody in the PRC security apparatus wanted to find out-- for internal use--who violated party discipline by leaking personal information on the families of top leaders from the files of the Organization Department.

It was also interesting to me that, according to the Times, most of the hacks occurred during business hours…Chinese time.  The implication being, the PRC is moving away from the freelance hacker model to employing salaried drones who punch the clock at 8:00 am and spend their day grinding down a punchlist of planned cyberintrusions.

The United States, of course, has not been standing idly by.

In a parallel to the alleged Chinese regime patronage of freelance hackers, the United States Department of Defense also has a history of recruiting black-hat hackers to provide the DoD with expertise or…whatever.

I profiled one of the first publicized freelance hacks of Chinese sites, by one “Hardcore Charlie” on the occasion of a blizzard of hacks by “Anonymous China” against several hundred sites, many of which, like the Taoyuan Land Reform Bureau’s, were low-level and presumably poorly secured.  

 “Hardcore Charlie”’s hack attracted some media attention because his hack of the China Electronics Import & Export Corp. website scored some puzzling and confidential if not particularly useful documents: shipping manifests for contractors trucking supplies to US bases in Afghanistan.

I don’t know of “Hardcore Charlie” hacked the website of the China Electronics Import and Export Corporation for lulz, from principled outrage, or because he thought or was told that he could avoid the prosecutorial hammer currently descending on associates in his hacker collective by executing a China hack at the behest of the US government.  

In any case, judging by his manifesto, Hardcore Charlie does not look like the model cyber-soldier:

Hola comradezz, Today us prezenta recently owneed chino military kontraktor CEIEC Us be shoked porque their shiiit was packed with goodiez cummin froma USA Military brigadezz in Afghanistan, them lulz hablando mucho puneta sam slit eyed dudz in Vietnam and Philiez doing bizness in Ukraine and Russia selling goodiez to Taliban terrorists.

 As the US and China professionalize its cyber forces—and expand their capabilities beyond espionage and low level harassment to inflicting real-world damage and casualties—freelancers like Hardcore Charlie, with his affection for anti-imperialist thrash metal, will be remembered as quaint artifacts of a simpler, more innocent bygone age when the devastation of a cyberattack was measured by the brilliance of the taunting gif deposited on the victim’s homepage.

The U.S. military has a strong bias toward formalizing and institutionalizing aggression in order to prevent uncontrolled and counterproductive actions by its own forces, allies, and proxies, and trying to get its antagonists to accept the same norms.  As will be seen below, the U.S. military has already had an unsuccessful go at trying to define the rules of cyber-engagement with the Chinese before Stuxnet blew the American argument out of the water.  

However, cyberwarfare is in a different class from other forms of unconventional warfare.

Because of the central feature of the Internet—its interconnectedness—it is extremely difficult to assure a high level of security and containment in the case of an attack and prevent unpredictable and extensive “collateral damage”...

…even if cyber attacks are executed by serious people in crisp military uniforms who have been trained to the highest level of readiness through cogent Powerpoint presentations and loyally obey crystal-clear orders transmitted down the chain of command from omniscient strategists and tacticians.

In fact, I might say that it was…irresponsible…for President Obama to get the world into the cyberwarfare business.

The US government has been frantically cleaning up the Stuxnet cybermess, as can be seen from this post from last year, with a new afterword.

Friday, October 12, 2012
 
America Freaked Out by the Cyberboogeyman It Unleashed


The theme of Secretary of Defense Panetta’s remarks at the Intrepid Air and Sea Museum on October 12 before the “Business Executives for National Security”, in the words of the BBC:


Actually, Mr. Panetta, the “cyber Pearl Harbor” has already happened. 

It was called Stuxnet, the virus designed and delivered by the governments of the United States and Israel to sabotage Iran’s nuclear program.

By unleashing Stuxnet—an act of cyberwar—a Rubicon was crossed.  Not my words, but the words of Michael Hayden, the ex-director of the CIA.

Now the United States is scrambling to deal with the consequences…and the Western media is by and large obligingly doing its best to help shove Stuxnet into the memory hole.

Panetta used his speech to push for more cybersecurity legislation by discussing cyberattacks on Aramco in Saudi Arabia and RasGas of Qatar using the “Shamoon” virus.  The attacks—which occurred and were reported in August 2012, a few months after Stuxnet—wiped data from tens thousands of management computers, replaced some files with a taunting image of a burning American flag, and reportedly rendered the computers useless.

I was amused to hear that Mr. Panetta carefully characterized these incidents as “the most destructive [cyber] attack that the private sector has seen to date.”

I assume he added the “private sector” qualifier to put the fear of cyber-God into the security-obsessed executives he was addressing (although applying the term “private sector” to Aramco, the state-owned Saudi Arabian oil behemoth and  RasGas, which is 70% owned by state-owned Qatar Petroleum is a bit of a stretch). 

But limiting the scope of discussion to “private sector” cyberattacks also excludes the much more significant, expensive, fiendishly complex, and destructive Stuxnet virus, which attacked and disabled a strategic Iranian government installation.

Stuxnet typifies the grave threat to physical infrastructure that Mr. Panetta got so worked up about much more vividly than an office computer data hack along the lines of Shamoon.

And Stuxnet escaped into the wild to infect computer systems around the world!  Collateral damage-wise, there apparently wasn't much for Stuxnet to do in a non-uranium centrifuge environment, but it did spread to 100,000 hosts in 155 (mostly US-friendly) countries. (There has recently been a good deal of techie back and forth as to whether Stuxnet's global romp was really an unplanned escape; presumably people are implying that the Israeli spooks inserted some kind of hunter-killer app that allowed the virus to search Iran and the globe for similar installations to degrade.)

Despite its obvious utility as an object lesson in the genuine, real world dangers of cyberweaponry, Stuxnet did not come up in Mr. Panetta’s remarks, or in much of the media coverage. 

Wonder why.

Instead, DoD backgrounders painted the Shamoon attacks as dastardly underhanded Iranian payback for (legal and public) sanctions regime, not as possible direct retaliation for a (secret and unilateral) cyberattack.

To its credit, the New York Times, which got the Stuxnet story from the Obama White House back in June, did mention the Stuxnet exploit in its coverage of Panetta’s speech.

In any case, the United States, having committed the first cyberattack, is trying to pull up the cyberdrawbridge in anticipation of retaliation.

One of more interesting elements of this exercise is the U.S. efforts to paint its actions as a response to Chinese and Iranian cyberthreats, instead of its own actions.  As indicated above, the Western media has been an obliging enabler, leading to some topsy-turvy reporting.

The Daily News titled the AP report on Panetta’s speech: 


Maybe a better title would be Anti-Iran Alliance Reaps Viral Retaliation for Stuxnet Sneak Attack.

As Secretary Panetta's speech demonstrates, touting the insidious cyberwar designs of our adversaries has too much efficacy as a national security hot button for the US government and the Western media to be squeamish about pushing it, no matter what we did with Stuxnet.  We're the good guys, after all!

That's certainly the case for China, which is a cyber-adversary of considerable notoriety, though (unlike the United States) it has apparently confined the bulk of its efforts to espionage rather than sabotage to date.

[In the excerpt reproduced below, I chew over the Stuxnet/cyberwarfare issue some more in an article I wrote for Asia Times on the recommendation to ban Huawei, the PRC’s leading telecommunications provider, from the US market on security grounds.]

Amid the ferocious Iran-bashing - and "by any means necessary" justifications for covert action against that country's nuclear program - that have become endemic in the West, the true significance of the Stuxnet exploit has been overlooked by many, at least in the West.

Stuxnet was the release of an important cyber-weapon - a virus that did not simply seek sensitive information or attempt to disrupt communication, but one that was reportedly rather effective in damaging a strategic Iranian facility by an act of sabotage.

It was an act of cyberwar.

As David Sanger, The New York Times' national-security adviser, wrote in his White House-sanctioned account:
"Previous cyberattacks had effects limited to other computers," Michael V Hayden, the former chief of the CIA, said, declining to describe what he knew of these attacks when he was in office. "This is the first attack of a major nature in which a cyberattack was used to effect physical destruction", rather than just slow another computer, or hack into it to steal data.

"Somebody crossed the Rubicon," he said.
[8]

In true US imperial style, Stuxnet was unleashed unilaterally and without a declaration of war, to satisfy some self-defined imperatives of US President Barack Obama's administration.

That's not a good precedent for other cyber-powers, including China, to rely on US restraint, or to restrain themselves.

The Obama administration's attempt to deal with the issue of its first use of cyber-warfare seems to go beyond hypocritical to the pathetic.

There are rather risible efforts to depict the Stuxnet worm - which caused the centrifuges to disintegrate at supersonic speeds - as little more than a prank, albeit a prank that might impale hapless Iranian technicians with aluminum shards traveling at several hundred kilometres per hour, rather than a massive exercise in industrial sabotage:

"The intent was that the failures should make them feel they were stupid, which is what happened," the participant in the attacks said. When a few centrifuges failed, the Iranians would close down whole "stands" that linked 164 machines, looking for signs of sabotage in all of them. "They overreacted," one official said. "We soon discovered they fired people."

According to Sanger, at least President Obama knew what he was getting into:

Mr Obama, according to participants in the many Situation Room meetings on Olympic Games [the codeword for the Stuxnet operation—PL], was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyber-weapons - even under the most careful and limited circumstances - could enable other countries, terrorists or hackers to justify their own attacks.

"We discussed the irony, more than once," one of his aides said. Another said that the administration was resistant to developing a "grand theory for a weapon whose possibilities they were still discovering". Yet Mr Obama concluded that when it came to stopping Iran, the United States had no other choice ...

Mr Obama has repeatedly told his aides that there are risks to using - and particularly to overusing - the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.

 But Obama did it anyway, in the service of a dubious foreign-policy objective - forcibly and unilaterally disabling Iran's (currently) non-military nuclear program - that was arguably an overreaction to Israel's blustering threat to attack Iran unilaterally, and an attempt to get himself some political breathing space from vociferously pro-Israeli interests in US politics.



[Before the revelation of US government involvement in the Stuxnet exploit] the Pentagon's cyberwar strategists did their best to frame the cyberwar issue as law-abiding America vs the unprincipled cyber-predators of the PRC.

With Sanger-assisted Stuxnet hindsight, this May report, with its wonderful title "US hopes China will recognize its cyber war rules", is, well, hypocritical and pathetic:

While no one has, with 100% certainty, pinned the Chinese government for cyber-attacks on US government and Western companies, in its 2012 report "Military and security developments involving the People's Republic of China", the US secretary of defense considers it likely that "Beijing is using cyber-network operations as a tool to collect strategic intelligence" ...

The report raises China's unwillingness to acknowledge the "Laws of Armed Conflict", which the Pentagon last year determined did apply to cyberspace ...

Robert Clark, operational attorney for the US Army Cyber Command, told Australian delegates at the AusCERT conference last week how the Laws of Armed Conflict in cyberspace might work internationally to determine when a country can claim self-defense and how they should measure a proportionate response.

One problem with it was highlighted by Iran, following the Stuxnet attack on its uranium-enrichment facility in Natanz, which never declared the incident a cyberattack.

Air Force Colonel Gary Brown, an attorney for US Cyber Command, in March this year detailed dozens of reasons why Iran, in the context of the Laws of Armed Conflicts in cyberspace, didn't declare it an attack. This included that difficulties remain in attributing such an attack to a single state. [10]

A few days later, Sanger's story confirmed that the Obama administration had indeed released Stuxnet, rendering moot the Pentagon's plans for a chivalric, rules-based cyberwar tournament, …

Heightened mutual suspicion - maybe we should call it endemic mistrust - is now a given in cyber-relations between the United States and its adversaries/competitors, for a lot of good reasons that don't necessarily have anything to do with Chinese misbehavior, but have more than a little to do with the US willingness to unleash a cyberattack on an exasperating enemy without setting clearly defined ground rules, and its need to pull up the cyber-drawbridge over the national digital moat to prevent retaliation.



Afterword:

Part of the inevitable blowback from the Stuxnet exploit was the acknowledgment that there was no longer any “no first use” deterrent to cyberattacks.

In a classic military-industrial complex response, a strategic mis-step is never a cause for reflection and correction, but is always a justification for more defense  spending.

A head-to-head conventional war with China isn’t likely, despite the overheated imagination displayed in the AirSea Battle scenario, and it is difficult to identify any satisfying proxy battlefield in meatspace where the PRC and the USA might be tempted to slug it out.

But cyberwarfare?...Bring it!

The Department of Defense has a “Cyber Command” which, it revealed to the Washington Post, is muscling up from 500 staff to 4000 “cyberwarriors”.

The Post interviewed William J. Lynn III, identified as one of the maestros of the DoD’s cyber strategy:

“Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyber-attack on the United States at some point…The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or… read about the steps we should have taken in some post-attack commission report.”

The DoD is keen to emphasize that its cyberwarriors will be primarily playing defense, understandable considering the vulnerabilities of America’s immense, dispersed, highly integrated and—and the case of the power grid, at least—rather decrepit national infrastructure.

But of course there will be “combat mission forces”:

The combat mission forces, one of the three divisions of Cyber Command will launch cyber-attacks alongside traditional military offensives.

This new class of cyber warrior would be responsible for penetrating the machines behind identified attack sources, installing spyware to monitor connections to those machines, and following the trail back to the desktop of the attacker. They would have to research and exploit vulnerabilities, craft malware, operate honey pots, and even engage in targeted Denial of Service attacks,” Richard Stiennon, chief research analyst at IT-Harvest, told GlobalPost.

Contra Dr. Stiennon’s assertions, I don’t think that the DoD really believes that the scope of Cyber Command combat missions will be limited to delectable honey pots and “even” targeted Denial of Service attacks.

Not when the cyberwar scenarios, according to Leon Panetta, include our enemies derailing trains, contaminating water supplies, or shutting down power grids.  We’re going to be able to do that, too.

It would appear to me that the DoD is trying to keep the cyberwar genie in the bottle—defining the US interest as degrading the enemy’s offensive cyberwar capabilities and drawing the line at industrial or military sabotage—but unfortunately President Obama already pulled the cork with Stuxnet.






1 comment:

Albert Hou said...

I really like your post, this is what i was looking forward to know.
your info was really very important for me and others to know too.
Keep sharing more.
Inverter manufacturer