The dangerous new cold war in cyberspace

When President Barack Obama was pondering what to do about Russian interference in the 2016 elections, his intelligence chiefs, according to New York Times reporter David Sanger,  considered the following possibilities for retaliation:

  • Reveal the secret tax haven accounts of Vladimir Putin and his oligarch friends.
  • Shut show the servers of Guccifer 2.0, DCLeaks and WikiLeaks, the web sites that disseminated confidential Democratic National Committee e-mails
  • Attack the computer systems of the GRU, the Russian military intelligence system.
  • Cut off the Russian banking system’s connection with SWIFT, the international clearinghouse for banking transactions.

Those are the kinds of things that are now possible.

None of these options were acted upon or even brought officially to the President’s notice.  The reason is that American computer systems would be virtually defenseless against retaliation.

It would be a new form of mutually assured destruction, less lethal than nuclear weapons, but still capable of destroying an industrial society’s ability to function.

For that reason President Obama chose to use economic and diplomatic sanctions instead.

Sanger in his new book, THE PERFECT WEAPON: War, Sabotage and Fear in the Cyber Age, described this new ongoing cold war and arms race in cyber weapons.

Nations are developing the capability to use the Internet to shut down each others’ electric power grids, financial institutions and other vital public services, as well as engage in espionage and political subversion.

Each country’s cyberwar aims are somewhat different, Sanger wrote.   Russia uses the Internet to spread propaganda and disinformation, but it also has “embeds” in the U.S. electrical grids and voter registration systems.

China’s interest is in electronic espionage to acquire U.S. intellectual property and trade secrets for its high tech industry.  North Korea and Iran just retaliate against U.S. economic sanctions.

He reported that the United States Cyber Command has the most powerful offensive cyber weapons, yet the United States is vulnerable to cyber retaliation from even as backward a country as North Korea.

One way to defend against this would be to strengthen defenses, by encouraging all American institutions to protect their data by means of secure cryptography.

Sanger reported that the FBI, CIA and NSA are reluctant to do this because they want access to private computer and communications systems themselves.

Cyber surveillance is, as he said, a powerful means to track spies, terrorists and criminals and, I would add, dissidents and protesters.

So we Americans are more vulnerable than we know to cyber attacks, and our government isn’t telling us about our vulnerability.

∞∞∞

The first major act of cyberwarfare, according to Sanger, was the unleashing of the Stuxnet virus against Iran’s nuclear development program in 2010.

The attack, according to Sanger, was planned by the National Security Agency and Israel’s Unit 8300 military cyber unit in order to appease Israel’s Prime Minister Benjamin Netanyahu, so that he would not order a bombing attack on Iran.

The operation, called Olympic Games, took out about 1,000 of Iran’s 6,000 or so centrifuges, and caused the Iranians to shut down many more out of fear, he wrote.

But a year later, Iran had 18,000 centrifuges in operation.  At best, its nuclear development program was delayed for a year, not stopped permanently.

The Iranians might never have been completely sure what hit them, except the the Stuxnet virus spread beyond Iran into industrial computer systems all over the world.  Computer scientists analyzed the virus and figured out its purpose.

He said the United States developed another plan, called Nitro Zeus, a cyber attack that, in case of war, would shut down all of Iran’s electrical and electronic systems.

 The significance, Sanger pointed out, was that it set a precedent, like the dropping of the atomic bomb on Hiroshima.

Iran responded to Student with distributed denial of service attacks on four dozen U.S. banks, including JP Morgan Chase, Bank of America and the New York Stock Exchange.   All of them quickly restored service, and none of them revealed that they had been attacked.

Meanwhile a mysterious organization called Shadow Brokers—which may or may not be connected to Russian intelligence—obtained NSA hacking codes and made them publicly available.

North Korea used one of the codes to release the WannaCry virus in 2016.  WannaCry exploited vulnerabilities in an old version of Microsoft Windows and spread all over the Internet, affecting businesses, government agencies and hospitals.  It would have crashed the British health system if an individual British hacker hadn’t stumbled on a command that shut the virus down.

Russian operatives unleashed the NotPetya virus on Ukraine in 2017.  It affected government agencies, mom-and-pop businesses that use credit cards, radio and TV broadcasters and the radiation monitors at the former nuclear power plant at Chernobyl.

It resembled the WannaCry virus, but with no shutdown code, Sanger wrote.  It, too, spread across the world.

We the public don’t know the full story.  We don’t know what the United States may be doing to harm enemies and rivals.  Sanger suspects U.S. cyber warriors are behind the failure of the North Korean missile program, but this has been questioned.

Some of Sanger’s other reporting also has been questioned.  He is a reporter who depends for his information on research into the public and access to top officials.  As he himself notes, his methods may not reveal the whole story.

This is an observation, not a criticism.   No individual can be certain of knowing the whole story.

∞∞∞

Sanger said the world is now at the same stage with cyber weapons that it was with nuclear weapons in the 1940s and 1950s, when full-scale nuclear war was a real possibility.

Since then nuclear-armed governments have agreed to limit the numbers of nuclear weapons and assure each other they are not in danger of being attacked.  Something similar is needed with cyber weapons, Sanger said.

There is no possibility of Russia, China, Iran, North Korea or other countries either giving up cyber weapons or limiting their use, unless there is some assurance that the United States will do the same.

I go further than that.  There is no possibility that these countries will give up cyber weapons unless the U.S. agrees to give up “regime change”.

Cyber weapons level the playing field for countries that fell threatened by the United States.

The U.S. is overwhelmingly superior in its power to impose economic sanctions, subsidize foreign fighters and (except for Russia and China) conduct bombing campaigns.

No sane leader will give up a means of retaliation so long as the leader’s country has reason to fear attack.

LINKS

The age of cyberwar is here | Now citizens need to have a say by David Sanger for The Guardian.  An excerpt from the book.

A book review of Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power by David Sanger (2012)

Tags: , , ,

3 Responses to “The dangerous new cold war in cyberspace”

  1. Steve Herzfeld Says:

    great article. you put together a bunch of information that i’ve read before into 1 place. people have no idea how dependent we are on computers and how vulnerable they are.

    Like

  2. Steve Herzfeld Says:

    good point. you did a great job of pulling a ton of important facts from his book.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: