
Saturday, June 13, 2015

US Getting Better at Cyber Blaming, Not Cyber Security




Color me skeptical about the Sunday Times report that Edward Snowden’s archive got cracked.  Not saying it couldn’t happen despite 256 bit encryption, accidents do happen, but the story as presented reeks of psyops bullshit unloaded by the NSA-GCHQ team with the help of obliging media in the UK.

What I think is happening is that the United States is upping its game…in public cyberattribution.


Honestly parsing and presenting a cyberattribution dossier is a thankless job.  Remember how the Obama administration looked foolish on the Sony hack?

Sure you don’t.  That was so…four months ago.

Here’s what I wrote back then on the occasion of the rollout of the US government’s Cyber Threats Intelligence Integration Center:

According to AP (actually, according to AP’s Ken Dilanian, the notoriously obliging amanuensis to the US security establishment):

White House cybersecurity coordinator Michael Daniel has concluded that cyberintelligence at the moment is bedeviled by the same shortcomings that afflicted terrorism intelligence before 9/11 — bureaucracy, competing interests, and no streamlined way to combine analysis from various agencies, the official said.

The hack on Sony's movie subsidiary, for example, resulted in a variety of different analytical papers from various agencies. Each one pointed to North Korea, but with varying degrees of confidence.


As I argued in various venues recently with reference to the Sony hack, for purposes of semiotics (clear messaging, positioning, blame avoidance, and signaling of US government intentions) if not forensics (proving whodunit), painting a convincing, action-worthy cyberbullseye on the back of some foreign enemy is a major challenge for governments these days.

When some high-profile outrage like Sony occurs, the US government has to make a prompt show of control, capability, and resolve.  Letting a bunch of data nerds chew over the data for a few weeks and spit up an equivocal conclusion like “It looks like the same guys who did this did that, and maybe the guys who did that were…” doesn’t quite fill the bill. 

Which is pretty much what happened on Sony.  Various private sector and government actors all stuck their oar in, contradictory opinions emerged, messaging was all over the map. 

By establishing a central clearing house for relevant information, the US government is on the right side of the information symmetry equation.  “You say you think this, but you don’t know this, this, and this, or the stuff we can’t tell you because it’s classified above your clearance.”

And even if the real takeaway from the investigatory process still is “It looks like the same guys who did this did that, and maybe the guys who did that were…” it comes out as “The Cyber Threats Intelligence Integration Center has attributed this cyberattack to North Korea with a high degree of confidence.  By Executive Order, the President has already commanded CyberCommand to make a proportional response.”

You get the picture.

So I expect jobs one and two and three for CTIIC will be to generate persuasive dossiers for backgrounding, leaking, whatever on the PRC, North Korea, and the Russian Federation, to be deployed when some mysterious alchemy of evidence, circumstance, and strategy dictate that one of them has to get tagged as The Bad Guy for some cyberoutrage.

Fast-forward, to employ a quaint VHS-era term, to June 5.  Ellen Nakashima lays out the administration position on the OPM hack in a Washington Post article remarkable for its completely categorical no-two-ways-about-it statement that “China” had dunnit:



China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say.

Groups of hackers working for the Chinese government have compromised the networks of the Office of Personnel Management


China hacked into the federal government’s network, compromising four million current and former employees' information. The Post's Ellen Nakashima talks about what kind of national security risk this poses and why China wants this information. (Alice Li/The Washington Post)


U.S. officials privately said China was behind it.
“This is an intelligence operation designed to help the Chinese government,” the China expert said.


Emphasis added, natch.

Either the US has spectacularly upped its forensics game since Michael Daniel’s rueful reflections in February or (my theory)…

The great minds were sitting around a table in Washington and concluded:

“We can’t prove this was a Chinese hack, but let’s turn this around.  Nobody can disprove this was a Chinese hack, so nobody can prove us wrong if we declare without qualification it was a Chinese hack.  So let’s just go for it.”

Parenthetically, I might point out that one problem I see with categorically and openly identifying the PRC as the source of the hack is that we should immediately and openly retaliate at a commensurate level.  Otherwise, where’s our national credibility & deterrence?  Still waiting for the shoe to drop on that one.

The tip-off for me that the WaPo was carrying Obama administration water with this totally backgrounded mostly anonymous scoop was this:


The big-data approach being taken by the Chinese might seem to mirror techniques used abroad by the NSA, which has come under scrutiny for its data-gathering practices under executive authority. But in China, the authorities do not tolerate public debate over the proper limits of large-scale spying in the digital age.


The piece was written June 5, three days after the Obama administration had put the Snowden unpleasantness behind it and totally regained the moral high ground, in its own mind if nobody else’s, by replacing the Patriot Act with the USA Freedom Act a.k.a. "Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring Act."

Now, with the legalities of the US cyberprograms re-established, it was time to stop playing defense and go on offense against those public-debate-intolerant Chinese!

And that means relaunching the China cyberoutlaw product!  With the story of a hack that, if I understand Nakashima’s account correctly, had occurred in December 2014!

Again, it is perhaps little remembered except by me that a key US objective for the Xi Jinping—Barack Obama summit in Sunnylands in June 2013 was to cap an eighteen month public opinion campaign against PRC cyberoffenses with a personal rebuke by President Obama and the presentation of an embarrassing dossier to Xi Jinping.

If, as I did, one googled “Xi Jinping cyberwarfare” on June 3, 2013, the first four pages of results included hits like these, indicating that the Western press was energetically singing from the same cyberwar hymnal:

China Doesn't Care if Its 'Digitalized' Military Cyberwar Drill Scares You

Atlanticwire

China Is Winning the Cyber War Because They Hacked U.S. Plans for Real War

Atlanticwire

Krauthammer to Obama: Launch cyber war on China

Fox News

China Is Our Number One National Security Threat

International Business Journal

House Intelligence Chairman: US “Losing” Cyber-War

Wall Street Journal

US Says China Is Stepping Up Cyber War

Financial Times

U.S. China Cyberbattle Intensifies

Politico

Just a reminder; these headlines are from June 2013, not June 2015.

In this case, the China Matters serendipity engine was firing on all cylinders; three days later the Washington Post and Guardian newspapers published their first revelations from Edward Snowden, fundamentally skewing the frame of the Chinese cyberwarfare story.

I’ve always wondered if the timing of Snowden’s revelations had something to do with the hypocrisy of the world’s biggest cybersnoop trying to stick that label on the PRC.

Anyway, the Obama administration has had two years to lick its wounds, do damage control, and reboot the program.

And guess what!  Xi Jinping’s coming to the United States again in September!  This time we’ll be ready for him fer sure!  Snowden discredited!  NSA on top! PRC in doghouse!

I must state here that I believe that the PRC cyberespionage program is massive, government-backed, full spectrum, and actively exploring offensive capabilities.  But I also think that the US tactics are destabilizing and escalatory & have more to do with maintaining the US cyberadvantage as part of the burgeoning and profitable China-threat milsec business than they do with diminishing the threat to the American people from PRC cybermisbehavior.

And I take the current spate of news stories as part of an effort to get us used to perpetual cyberwar, just as we were bombarded with stories about malevolent Muslims in the last decade to reconcile us to the Global War on Terror, the erosion of civil liberties, and expensive and perpetual conflicts.

At this time, a trip down memory lane is warranted for people who have forgotten how the Obama administration methodically rolled out PRC Cyberthreat v. 1.0, the buggy pre-Snowden product, and are perhaps not connecting the dots on the rollout of PRC Cyberthreat v. 2.0, Now Bigger and Scarier! and how this might be a factor in the headlines blaring out of their newspapers & TVs & tablets.

Below the fold, for the sake of posterity, a lengthy recap on the first abortive US salvo in the China cyberthreat propaganda war.