Dark Territory: The Secret History of Cyber War

“If history were taught in the form of stories, it would never be forgotten,” Rudyard Kipling said. “Dark Territory” takes this approach in trying to tell what it calls in its subtitle “The Secret History of Cyber War.”

A Pulitzer Prize winner in journalism and now a columnist for Slate, Fred Kaplan has written a number of highly regarded books on national security.

“Dark Territory” builds on this trifecta, taking the reader into the world of the new security topic du jour, cyberwar. The title comes from the former secretary of defense Robert Gates, who said that when it comes to the questions of conflict in the digital age, “we’re wandering in dark territory.” There is widespread uncertainty not just about how a cyberwar should be fought, but also over the fundamentals of who should fight it and even whether it is a war or not.

Kaplan follows Kipling’s advice, gathering the stories of American government leaders who played key roles in the development of cybersecurity policy. They range from White House officials and former directors of the National Security Agency to lesser-known figures like Willis Ware. An engineer turned policy adviser, Ware wrote the first paper warning of the problems of cybersecurity, in 1967, before Arpanet, the progenitor of the Internet, had even been created.

Kaplan had access to several of these people, and so the book is peppered with many fascinating behind-the-scenes anecdotes. For example, it opens with the story of Ronald Reagan watching the 1983 Matthew Broderick hacker movie “WarGames,” which led him to ask for the first national security policy directive on information systems security. At their best, these stories ultimately come together, often in surprising ways. The writers of the very same movie that so troubled Reagan turn out to have been advised by Ware, some 15 years after his first warnings.

There are, however, two problems with this history-by-story approach. The first is that the anecdotes and characters often come and go too fast. Many last a mere paragraph or two, never to be brought back. The same flaw weakens the overall book, which lacks summation or closure.

This is unfortunate, as several recurring themes are there to be pulled out. This 2016 election campaign has already seen much debate over monitoring the communications not only of potential bad guys but also of a far greater number of American citizens innocent of any wrongdoing. “Dark Territory” shows that this tension dates back decades, and that the government has consistently leaned toward more monitoring and data collection.

The point is an important one, especially since Kaplan also convincingly shows that whatever we are able to do to others, they will most likely find a way to do to us. Decades after Ware warned that the only completely secure computer is one nobody can use, the United States developed the Stuxnet computer virus, which was able to leap across most known defenses to sabotage Iranian nuclear research.

This, however, inspired Iran to create Shamoon, a computer virus it used in an attack that wiped out the hard drives in over 30,000 computers at the Saudi Aramco company. A foe like Iran can be hit in new ways, but also should be expected to develop the digital means to hit back.

The worry is that unlike in the Cold War, there is no mutuality; the United States is more dependent on the Internet than its adversaries. “If America, or US Cyber Command, wanted to wage cyber war,” Kaplan writes, “it would do so from inside a glass house.” To put it another way, the stories in “Dark Territory” detail how much attention has been focused on building new kinds of cyber-offenses and not enough on the means to ward off attacks. Too few in a position to influence policy seem to be asking if this may be the equivalent of trying to protect that glass house with a stone-sharpening kit.

Which leads to the second problem: selection bias. Kipling’s lesson on the value of history told through stories depends on a crucial aspect: the stories chosen have to be interesting, important and reflective. Though “Dark Territory” is presented as a “secret history,” it is really a collection of the not-so-secret, often less-than-exciting accounts of mid- and executive-level insiders, mostly at the National Security Agency, who debated and formulated cybersecurity policy.

That’s not necessarily a bad thing. But it means Kaplan’s narrative by story is far from complete, and too often not memorable. “Dark Territory” is a book more about the briefings, commission reports and meetings of study groups than it is about actual operations. For instance, you get the inside story of how various policy directives did or didn’t make their way to the White House. That 22 NSA officers were killed in Iraq and Afghanistan, though, is mentioned merely in an aside. Similarly, the Snowden affair is told essentially from the vantage point of the review panel President Obama delegated to write a report on it, after the fact. Who Snowden was, how and why he did what he did, the operations he revealed and the repercussions all get about as much coverage as how the five members of the temporary commission decided where to locate their office.

This selection also shapes the questions that aren’t asked. Kaplan tells us that a small group of policy makers became consumed by the fear that “a handful of technical savants, from just down the street or the other side of the globe, could devastate the nation.” Exciting stuff, except that is the conclusion of a working group in 1995. What neither the insiders nor Kaplan himself seems willing to wrestle with is why this fear of a “cyber Pearl Harbor,” which drives almost all of the book, not to mention billions in spending in the real world, never actually happened over the ensuing two decades.

What did happen instead was a wide range of other activities below the level of outright conflict, from digital espionage to mass intellectual-property theft to cybercrime costing hundreds of billions of dollars. These harms all get short shrift, again reflecting the sources and focus of a book that presents its history only through a Washington, D.C., NSA-centric lens. When private industry does make an appearance, it is usually because some unnamed executive has frustrated a government official by not being willing to do exactly what he or she wanted since it wasn’t in that executive’s business interest.

In much the same way, foreign governments are black boxes in Kaplan’s book. Perhaps this is simply an indication that leaders in Washington are having a hard time accepting a simple fact, that while the Internet may have been created by a United States government research program, it is no longer under American government control, or even American in its makeup.

That is to say, “Dark Territory” packs in a great deal of material, yet also not enough. It is a readable and informative history of policy formulation. But the overall darkness from which the book takes its title remains to be lifted.

DARK TERRITORY
The Secret History of Cyber War
By Fred Kaplan

NYT:
