The Secret History of Cyber War

Uploaded on 2016-06-25 in NEWS-Cybersecurity News, FREE TO VIEW

Whilst it complains of the level and persistence of foreign cyber attacks against business and government agencies, the fact is, the US started it.

 At least, tat's one of the central thrusts of Fred Kaplan's "Dark Territory: The Secret History of Cyber War." Because it pioneered computing, the U.S. intelligence agencies enjoyed decades of dominance over rivals, and even learned how to remotely wreak havoc on, say, the Iranian nuclear program. But because nearly everything in our country is networked, we're uniquely vulnerable now that the rest of the world has caught up.

"If America, or US Cyber Command, wanted to wage cyber war," Kaplan writes, "it would do so from inside a glass house."

You heard echoes of breaking glass when federal prosecutors in Pittsburgh indicted five members of People's Liberation Army Unit 61398 for stealing secrets from Alcoa, US Steel and Westinghouse Electric. Also when North Korea, presumably, hacked and humiliated Sony. And did you know that Iran remotely ruined 20,000 computers owned by Las Vegas Sands Corp.?

The line between old-school espionage and cyber-sabotage blurred gradually over the past quarter century, Kaplan tells us, starting with 1991's Operation Desert Storm, in which American intelligence hacked into Iraq's air defense system.

Six years later, the Pentagon's J-39 unit was able to remotely switch off Serbia's government-controlled TV stations at key moments, hack Slobodan Milosevic's radar systems and relentlessly prank call his top aides.

And during the past decade, we sent Iraqi insurgents emails that seemed to be from trusted friends, much like the phishing messages we delete every day. But whereas our fake friends who are stranded in the Philippines just want our money, our emails to the jihadis told them to rendezvous with each other - and when they did, we killed them.

By 1998, though, hackers were penetrating the network at Andrews Air Force Base. Those intrusions were traced to high school students in California. But later analysis of other cyberespionage attacks showed that the malicious code was initially typed on Cyrillic keyboards, suggesting that Russia was in the game.

That's when, according to "Dark Territory," the National Security Agency came to the conclusion that the best defense was a good offense. When Pittsburgh native Michael Hayden led the NSA from 1999 to 2005, its guiding philosophy, according to Kaplan, was that "the best way to defend a network was to learn an adversary's plans for attack - which required getting inside his network."

The ultimate intrusion was the well-reported Operation Olympic Games, in which the US planted a 650,000-line hunk of malware, later dubbed Stuxnet, into the computers controlling the Iranian nuclear reactor at Natanz. The clever code shattered thousands of centrifuges and added years of headaches to the Iranian bid for weapons-grade uranium.

As the first cyber-operation to disrupt real-world infrastructure, Olympic Games was the information-age equivalent of the Hiroshima bombing, Kaplan argues. The difference: Nuclear weapons haven't been used since 1945.

By contrast, the Iranians have hacked American interests in Saudi Arabia. The North Koreans have launched denial-of-service attacks against South Korea and Wall Street. The Russians shut down the online infrastructure of West-leaning Estonia and Georgia. The Chinese, apparently, snatched the personal information of 21.5 million Americans who have applied for security clearances.

Kaplan, a Slate columnist and veteran of The Boston Globe, is deeply sourced. Luckily, he's not slavishly loyal to his sources: He deals dispassionately with the struggle, before and after Edward Snowden, to balance anti-terror measures and personal privacy.

The fun stuff? Details of meetings between top intelligence officials and hackers with nicknames like Mudge and Space Rogue. The dull stuff? Play-by-play accounts of federal task forces. The takeaway? "Anything we're doing to them," writes Kaplan, "they can do to us."

Ein News

« US National Cybersecurity Plan Costs $19b
NATO Tools Up For Cybewar »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

DynaRisk

DynaRisk

DynaRisk helps companies protect their staff, clients and supply chain from cyber threats by enabling people to take action for themselves.

Cancom

Cancom

CANCOM group is one of the leading providers of IT infrastructure and IT services in Germany and Austria. Solution areas include network security.

IronNet Cybersecurity

IronNet Cybersecurity

IronNet’s product and services provide enterprise-wide security management and visibility of your network, users and assets.

CyberMDX

CyberMDX

CyberMDX delivers proactive security built for hospital devices. 360° visibility, insight, and protection for all connected hospital technologies.

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Red River

Red River

Red River is a technology transformation company, bringing 25 years of experience and mission-critical expertise in analytics, cloud, collaboration, mobility, networking and security solutions.

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

NetBlocks

NetBlocks

NetBlocks is a global internet monitor working at the intersection of digital rights, cyber-security and internet governance.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

White Tuque

White Tuque

A new way to protect your organization. White Tuque is your partner in identifying threats, understanding your risk, and ensuring your business remains resilient.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

SECQAI

SECQAI

At SECQAI we create dual-use hardware and software to enable the future of computing.

CR Group

CR Group

CR Group is a Swedish-owned, cyber-security company oriented towards the European market. We offer solutions for vital societal functions that are both easy-to-buy and easy-to-use.