Page 3 of 3
US digs in for cyber warfare
By Peter Lee
But Obama did it anyway, in the service
of a dubious foreign-policy objective - forcibly
and unilaterally disabling Iran's (currently)
non-military nuclear program - that was arguably
an overreaction to Israel's blustering threat to
attack Iran unilaterally, and an attempt to get
himself some political breathing space from
vociferously pro-Israeli interests in US politics.
And of course there were problems.
Stuxnet made a mockery of its reputation
as a "surgical strike" magic bullet that would
destroy Iran's centrifuges but otherwise do no
harm. It escaped into the wild - something that
Obama's team likes to blame on the Israelis, but
an evasion of culpability that would probably not
hold up in a court of law - and infected computer
systems around the world.
Presumably,
Chinese intelligence services did not have to wait
for Stuxnet to arrive in China; they were probably
invited to help out with the forensics by the
Iranian government, and probably have a very nice
idea of how it works, and creative ideas about how
it could be modified to target other systems.
The Stuxnet background provides an
interesting context to the immense ballyhoo about
Chinese cyber-espionage and cyber-warfare threats,
of which the House Intelligence Committee report
is only one instance.
What better way to
distract attention from one's own first use of
cyber-weapons than to raise the alarm about what
the bad guys might do instead?
One of the
sweetest fruits of this exercise in misdirection
is an April (pre-Sanger exposé) National Public
Radio report on what it identified as the real
cyber-threat in the Middle East: Iran.
The big fear in the US is that a
cyberattacker could penetrate a computer system
that controls a critical asset like the power
grid and shut it down. Such an effort is
probably beyond the capability of Iranian actors
right now, according to cyber-security experts.
But a less ambitious approach would be to hack
into the US banking systems and modify the
financial data. [Dmitri] Alperovitch, whose new
company CrowdStrike focuses on cyber-threats
from nation-states, says such an attack is well
within Iran's current capability.
"If
you can get into those systems and modify those
records, you can cause dramatic havoc that can
be very long-lasting," he says.
The
possibility that Israel's traditional bugbear,
Hezbollah, could be prevailed upon to deliver the
fatal code on Iran's behalf is discussed in
detail. [9]
The Pentagon's cyberwar
strategists did their best to frame the cyberwar
issue as law-abiding America vs the unprincipled
cyber-predators of the PRC.
With
Sanger-assisted Stuxnet hindsight, this May
report, with its wonderful title "US hopes China
will recognize its cyber war rules", is, well,
hypocritical and pathetic:
While no one has, with 100%
certainty, pinned the Chinese government for
cyber-attacks on US government and Western
companies, in its 2012 report "Military and
security developments involving the People's
Republic of China", the US secretary of defense
considers it likely that "Beijing is using
cyber-network operations as a tool to collect
strategic intelligence" ...
The report
raises China's unwillingness to acknowledge the
"Laws of Armed Conflict", which the Pentagon
last year determined did apply to cyberspace ...
Robert Clark, operational attorney for
the US Army Cyber Command, told Australian
delegates at the AusCERT conference last week
how the Laws of Armed Conflict in cyberspace
might work internationally to determine when a
country can claim self-defense and how they
should measure a proportionate response.
One problem with it was highlighted by
Iran, following the Stuxnet attack on its
uranium-enrichment facility in Natanz, which
never declared the incident a cyberattack.
Air Force Colonel Gary Brown, an
attorney for US Cyber Command, in March this
year detailed dozens of reasons why Iran, in the
context of the Laws of Armed Conflicts in
cyberspace, didn't declare it an attack. This
included that difficulties remain in attributing
such an attack to a single state.
[10]
A few days later, Sanger's story
confirmed that the Obama administration had indeed
released Stuxnet, rendering moot the Pentagon's
plans for a chivalric, rules-based cyberwar
tournament, with the US occupying the moral high
ground.
Heightened mutual suspicion -
maybe we should call it endemic mistrust - is now
a given in cyber-relations between the United
States and its adversaries/competitors, for a lot
of good reasons that don't necessarily have
anything to do with Chinese misbehavior, but have
more than a little to do with the US willingness
to unleash a cyberattack on an exasperating enemy
without setting clearly defined ground rules, and
its need to pull up the cyber-drawbridge over the
national digital moat to prevent retaliation.
Suspicion of other people's cyber-motives
has become a self-fulfilling prophecy, and anxious
allies are expressing their cyber-solidarity by
banding together against the external threat.
In the midst of important national debates
on Chinese investment, Canadian and Australian
intelligence services, probably prompted by their
opposite numbers in the United States, both issued
damning reports on Chinese cyber-threats.
The Australian government has banned
Huawei and ZTE from participation in its massive
National Broadband Network project. In Canada,
cyber-spying is cited as a justification for
limiting investment by Chinese state-owned
enterprises (such as CNOOC) in any strategic
Canadian businesses.
On the other side of
the fence, Iran, in a decision that was widely
mocked in the United States, is developing a more
secure national intranet - with equipment
allegedly provided by Huawei.
Of course,
in the up-is-down rhetoric that drives US Internet
policy, Iran's attempts to shield itself from
foreign threats are themselves a threat:
"Any attempt by a country to make an
intranet is doomed to failure," Cedric Leighton,
a retired deputy director at the National
Security Agency, said in an interview. But he
said Iran's "cyber-army", a network of
government-supported hackers that has attacked
Western targets in recent years, does stand to
gain from the attempted creation of a national
network. By connecting thousands of servers
inside Iran, the government would "build on
their knowledge of networks and how they
operate", he said, increasing their capabilities
to both launch and repel cyberattacks.
[11]
By the way, the largest intranet
in the world is the unclassified chunk of the US
military's data network, known as NIPRNET, a fact
that perhaps escaped Leighton. SIPRNet, the
classified part of the US military network, with
4.2 million users, is also doing OK, though it was
the source for the WikiLeaks CD.
As The
Economist put it, the Internet is becoming
balkanized. [12]
And as Winston Churchill
might have put it, a digital curtain is descending
across the Middle East, Asia, and virtually every
significant national border. This phenomenon is a
direct expression of the insecurity of governments
as they attempt to limit the vulnerabilities that
encrypted connectivity reveals to their internal
and external enemies, and as they deal with the
consequences of their own efforts to exploit and
compromise the Internet.
It is easy for
governments to blame others, but they might as
well blame themselves.