HOME



Digby's Hullabaloo
2801 Ocean Park Blvd.
Box 157
Santa Monica, Ca 90405














Infomania

Buzzflash
Cursor
Raw Story
Salon
Slate
Prospect
New Republic
Common Dreams
AmericanPoliticsJournal
Smirking Chimp
Crisis Papers



MediA-Go-Go

BagNewsNotes
Crooks and Liars
CJR Daily
consortium news
Scoobie Davis




Blog-o-rama

Eschaton
Demosthenes
Political Animal
Driftglass
Firedoglake
oilprice.com
Taylor Marsh
Spocko's Brain
Talk Left
Suburban Guerrilla
Paperweight's Fair Shot
corrente
Pacific Views
Echidne
TAPPED
Talking Points Memo
pandagon
Daily Kos
MyDD
Electrolite
Americablog
Tom Tomorrow
Left Coaster
Angry Bear
Rooks Rant
The Poorman
Seeing the Forest
Cathie From Canada
Frontier River Guides
Brad DeLong
The Sideshow
Liberal Oasis
BartCop
Juan Cole
Mark Kleiman
Rising Hegemon
alicublog
Unqualified Offerings
Mad Kane
Blah3.com
Alas, A Blog
Fanatical Apathy
RogerAiles
Lean Left
Oliver Willis
Ruminate This
skippy the bush kangaroo
Slacktivist
uggabugga
Crooked Timber
discourse.net
Amygdala
the talking dog
David E's Fablog
Nitpicker
The Agonist


email address:
digbysez at gmail dot com
isnospoon at gmail dot com

01/01/2003 - 02/01/2003 02/01/2003 - 03/01/2003 03/01/2003 - 04/01/2003 04/01/2003 - 05/01/2003 05/01/2003 - 06/01/2003 06/01/2003 - 07/01/2003 07/01/2003 - 08/01/2003 08/01/2003 - 09/01/2003 09/01/2003 - 10/01/2003 10/01/2003 - 11/01/2003 11/01/2003 - 12/01/2003 12/01/2003 - 01/01/2004 01/01/2004 - 02/01/2004 02/01/2004 - 03/01/2004 03/01/2004 - 04/01/2004 04/01/2004 - 05/01/2004 05/01/2004 - 06/01/2004 06/01/2004 - 07/01/2004 07/01/2004 - 08/01/2004 08/01/2004 - 09/01/2004 09/01/2004 - 10/01/2004 10/01/2004 - 11/01/2004 11/01/2004 - 12/01/2004 12/01/2004 - 01/01/2005 01/01/2005 - 02/01/2005 02/01/2005 - 03/01/2005 03/01/2005 - 04/01/2005 04/01/2005 - 05/01/2005 05/01/2005 - 06/01/2005 06/01/2005 - 07/01/2005 07/01/2005 - 08/01/2005 08/01/2005 - 09/01/2005 09/01/2005 - 10/01/2005 10/01/2005 - 11/01/2005 11/01/2005 - 12/01/2005 12/01/2005 - 01/01/2006 01/01/2006 - 02/01/2006 02/01/2006 - 03/01/2006 03/01/2006 - 04/01/2006 04/01/2006 - 05/01/2006 05/01/2006 - 06/01/2006 06/01/2006 - 07/01/2006 07/01/2006 - 08/01/2006 08/01/2006 - 09/01/2006 09/01/2006 - 10/01/2006 10/01/2006 - 11/01/2006 11/01/2006 - 12/01/2006 12/01/2006 - 01/01/2007 01/01/2007 - 02/01/2007 02/01/2007 - 03/01/2007 03/01/2007 - 04/01/2007 04/01/2007 - 05/01/2007 05/01/2007 - 06/01/2007 06/01/2007 - 07/01/2007 07/01/2007 - 08/01/2007 08/01/2007 - 09/01/2007 09/01/2007 - 10/01/2007 10/01/2007 - 11/01/2007 11/01/2007 - 12/01/2007 12/01/2007 - 01/01/2008 01/01/2008 - 02/01/2008 02/01/2008 - 03/01/2008 03/01/2008 - 04/01/2008 04/01/2008 - 05/01/2008 05/01/2008 - 06/01/2008 06/01/2008 - 07/01/2008 07/01/2008 - 08/01/2008 08/01/2008 - 09/01/2008 09/01/2008 - 10/01/2008 10/01/2008 - 11/01/2008 11/01/2008 - 12/01/2008 12/01/2008 - 01/01/2009 01/01/2009 - 02/01/2009 02/01/2009 - 03/01/2009 03/01/2009 - 04/01/2009 04/01/2009 - 05/01/2009 05/01/2009 - 06/01/2009 06/01/2009 - 07/01/2009 07/01/2009 - 08/01/2009 08/01/2009 - 09/01/2009 09/01/2009 - 10/01/2009 10/01/2009 - 11/01/2009 11/01/2009 - 12/01/2009 12/01/2009 - 01/01/2010 01/01/2010 - 02/01/2010 02/01/2010 - 03/01/2010 03/01/2010 - 04/01/2010 04/01/2010 - 05/01/2010 05/01/2010 - 06/01/2010 06/01/2010 - 07/01/2010 07/01/2010 - 08/01/2010 08/01/2010 - 09/01/2010 09/01/2010 - 10/01/2010 10/01/2010 - 11/01/2010 11/01/2010 - 12/01/2010 12/01/2010 - 01/01/2011 01/01/2011 - 02/01/2011 02/01/2011 - 03/01/2011 03/01/2011 - 04/01/2011 04/01/2011 - 05/01/2011 05/01/2011 - 06/01/2011 06/01/2011 - 07/01/2011 07/01/2011 - 08/01/2011 08/01/2011 - 09/01/2011 09/01/2011 - 10/01/2011 10/01/2011 - 11/01/2011 11/01/2011 - 12/01/2011 12/01/2011 - 01/01/2012 01/01/2012 - 02/01/2012 02/01/2012 - 03/01/2012 03/01/2012 - 04/01/2012 04/01/2012 - 05/01/2012 05/01/2012 - 06/01/2012 06/01/2012 - 07/01/2012 07/01/2012 - 08/01/2012 08/01/2012 - 09/01/2012 09/01/2012 - 10/01/2012 10/01/2012 - 11/01/2012 11/01/2012 - 12/01/2012 12/01/2012 - 01/01/2013 01/01/2013 - 02/01/2013 02/01/2013 - 03/01/2013 03/01/2013 - 04/01/2013 04/01/2013 - 05/01/2013 05/01/2013 - 06/01/2013 06/01/2013 - 07/01/2013 07/01/2013 - 08/01/2013 08/01/2013 - 09/01/2013 09/01/2013 - 10/01/2013 10/01/2013 - 11/01/2013 11/01/2013 - 12/01/2013 12/01/2013 - 01/01/2014 01/01/2014 - 02/01/2014 02/01/2014 - 03/01/2014 03/01/2014 - 04/01/2014 04/01/2014 - 05/01/2014


 

This page is powered by Blogger. Isn't yours?

Hullabaloo


Thursday, June 13, 2013

 
The militarized internet

by digby

If twitter is any gauge, a lot of people think this article in Wired about General Keith Alexander is just all kinds of kewl:
General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.

Alexander runs the nation’s cyberwar efforts, an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe. In his telling, the threat is so mind-bogglingly huge that the nation has little option but to eventually put the entire civilian Internet under his protection, requiring tweets and emails to pass through his filters, and putting the kill switch under the government’s forefinger. “What we see is an increasing level of activity on the networks,” he said at a recent security conference in Canada. “I am concerned that this is going to break a threshold where the private sector can no longer handle it and the government is going to have to step in.”

In its tightly controlled public relations, the NSA has focused attention on the threat of cyberattack against the US—the vulnerability of critical infrastructure like power plants and water systems, the susceptibility of the military’s command and control structure, the dependence of the economy on the Internet’s smooth functioning. Defense against these threats was the paramount mission trumpeted by NSA brass at congressional hearings and hashed over at security conferences.

But there is a flip side to this equation that is rarely mentioned: The military has for years been developing offensive capabilities, giving it the power not just to defend the US but to assail its foes. Using so-called cyber-kinetic attacks, Alexander and his forces now have the capability to physically destroy an adversary’s equipment and infrastructure, and potentially even to kill. Alexander—who declined to be interviewed for this article—has concluded that such cyberweapons are as crucial to 21st-century warfare as nuclear arms were in the 20th.

And he and his cyberwarriors have already launched their first attack. The cyberweapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s. The first known piece of malware designed to destroy physical equipment, Stuxnet was aimed at Iran’s nuclear facility in Natanz. By surreptitiously taking control of an industrial control link known as a Scada (Supervisory Control and Data Acquisition) system, the sophisticated worm was able to damage about a thousand centrifuges used to enrich nuclear material.

The success of this sabotage came to light only in June 2010, when the malware spread to outside computers. It was spotted by independent security researchers, who identified telltale signs that the worm was the work of thousands of hours of professional development. Despite headlines around the globe, officials in Washington have never openly acknowledged that the US was behind the attack. It wasn’t until 2012 that anonymous sources within the Obama administration took credit for it in interviews with The New York Times.

But Stuxnet is only the beginning. Alexander’s agency has recruited thousands of computer experts, hackers, and engineering PhDs to expand US offensive capabilities in the digital realm. The Pentagon has requested $4.7 billion for “cyberspace operations,” even as the budget of the CIA and other intelligence agencies could fall by $4.4 billion. It is pouring millions into cyberdefense contractors. And more attacks may be planned.
I don't suppose the American public have any business knowing if their government is launching such attacks. Why would we? What could possibly go wrong?
Inside the government, the general is regarded with a mixture of respect and fear, not unlike J. Edgar Hoover, another security figure whose tenure spanned multiple presidencies. “We jokingly referred to him as Emperor Alexander—with good cause, because whatever Keith wants, Keith gets,” says one former senior CIA official who agreed to speak on condition of anonymity. “We would sit back literally in awe of what he was able to get from Congress, from the White House, and at the expense of everybody else.”

Now 61, Alexander has said he plans to retire in 2014; when he does step down he will leave behind an enduring legacy—a position of far-reaching authority and potentially Strangelovian powers at a time when the distinction between cyberwarfare and conventional warfare is beginning to blur. A recent Pentagon report made that point in dramatic terms. It recommended possible deterrents to a cyberattack on the US. Among the options: launching nuclear weapons.
Like I said, what could possibly go wrong?

When the Guardian revealed this program the other day there was a spirited debate about whether this, unlike the other programs, was something we should welcome and expect. My problem with it wasn't that the government was creating plans to defend against attacks on US cyber-infrastructure or even war plans in case such a thing happened. What I found questionable was the idea that this was conceived as  21st Century offensive war planning, and and in ways that do not necessarily fall within the traditional "national security" boundaries.

When it comes to cyber issues, I'm afraid we are seeing a confluence of commerce and security that everyone should stop and think about for a minute. How are these people defining the "national interest" and on whose behalf are they planning to launch cyberwar? What are the consequences of doing such a thing and who decides that it must be done?

And what do we think about paying huge amounts of taxpayer dollars to contractors like this?
Defense contractors have been eager to prove that they understand Alexander’s worldview. “Our Raytheon cyberwarriors play offense and defense,” says one help-wanted site. Consulting and engineering firms such as Invertix and Parsons are among dozens posting online want ads for “computer network exploitation specialists.” And many other companies, some unidentified, are seeking computer and network attackers. “Firm is seeking computer network attack specialists for long-term government contract in King George County, VA,” one recent ad read. Another, from Sunera, a Tampa, Florida, company, said it was hunting for “attack and penetration consultants.”

One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group. Established in Atlanta in 2008, Endgame is transparently antitransparent. “We’ve been very careful not to have a public face on our company,” former vice president John M. Farrell wrote to a business associate in an email that appeared in a WikiLeaks dump. “We don’t ever want to see our name in a press release,” added founder Christopher Rouland. True to form, the company declined Wired’s interview requests.
[...]
Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal. It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed. But such access doesn’t come cheap. One leaked report indicated that annual subscriptions could run as high as $2.5 million for 25 zero-day exploits.

The buying and using of such a subscription by nation-states could be seen as an act of war. “If you are engaged in reconnaissance on an adversary’s systems, you are laying the electronic battlefield and preparing to use it,” wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. “In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.” The question is, who else is on the secretive company’s client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. “It should be illegal,” says the former senior intelligence official involved in cyber­warfare. “I knew about Endgame when I was in intelligence. The intelligence community didn’t like it, but they’re the largest consumer of that business.”
There are some serious implications to all of this that need to be hashed out by the American people. Of course we need to have defenses against cyber attacks. I don't think anyone in the country thinks otherwise. But this looks like it could be a monumental financial boondoggle that is in great danger of running amok and causing some very serious problems. Frankly, this scares me much more than the threat that some would-be is going to get a hold of some beauty supplies and blow himself up.

Islamic terrorism is not and never has been an existential threat. This, I'm not so sure about. We should at least have a little chat about it before we let Cyber Buck Turgidson and his friends run wild.

.





Search Digby!