The Secret History of Cyber War

Uploaded on 2016-06-25 in NEWS-Cybersecurity News, FREE TO VIEW

Whilst it complains of the level and persistence of foreign cyber attacks against business and government agencies, the fact is, the US started it.

 At least, tat's one of the central thrusts of Fred Kaplan's "Dark Territory: The Secret History of Cyber War." Because it pioneered computing, the U.S. intelligence agencies enjoyed decades of dominance over rivals, and even learned how to remotely wreak havoc on, say, the Iranian nuclear program. But because nearly everything in our country is networked, we're uniquely vulnerable now that the rest of the world has caught up.

"If America, or US Cyber Command, wanted to wage cyber war," Kaplan writes, "it would do so from inside a glass house."

You heard echoes of breaking glass when federal prosecutors in Pittsburgh indicted five members of People's Liberation Army Unit 61398 for stealing secrets from Alcoa, US Steel and Westinghouse Electric. Also when North Korea, presumably, hacked and humiliated Sony. And did you know that Iran remotely ruined 20,000 computers owned by Las Vegas Sands Corp.?

The line between old-school espionage and cyber-sabotage blurred gradually over the past quarter century, Kaplan tells us, starting with 1991's Operation Desert Storm, in which American intelligence hacked into Iraq's air defense system.

Six years later, the Pentagon's J-39 unit was able to remotely switch off Serbia's government-controlled TV stations at key moments, hack Slobodan Milosevic's radar systems and relentlessly prank call his top aides.

And during the past decade, we sent Iraqi insurgents emails that seemed to be from trusted friends, much like the phishing messages we delete every day. But whereas our fake friends who are stranded in the Philippines just want our money, our emails to the jihadis told them to rendezvous with each other - and when they did, we killed them.

By 1998, though, hackers were penetrating the network at Andrews Air Force Base. Those intrusions were traced to high school students in California. But later analysis of other cyberespionage attacks showed that the malicious code was initially typed on Cyrillic keyboards, suggesting that Russia was in the game.

That's when, according to "Dark Territory," the National Security Agency came to the conclusion that the best defense was a good offense. When Pittsburgh native Michael Hayden led the NSA from 1999 to 2005, its guiding philosophy, according to Kaplan, was that "the best way to defend a network was to learn an adversary's plans for attack - which required getting inside his network."

The ultimate intrusion was the well-reported Operation Olympic Games, in which the US planted a 650,000-line hunk of malware, later dubbed Stuxnet, into the computers controlling the Iranian nuclear reactor at Natanz. The clever code shattered thousands of centrifuges and added years of headaches to the Iranian bid for weapons-grade uranium.

As the first cyber-operation to disrupt real-world infrastructure, Olympic Games was the information-age equivalent of the Hiroshima bombing, Kaplan argues. The difference: Nuclear weapons haven't been used since 1945.

By contrast, the Iranians have hacked American interests in Saudi Arabia. The North Koreans have launched denial-of-service attacks against South Korea and Wall Street. The Russians shut down the online infrastructure of West-leaning Estonia and Georgia. The Chinese, apparently, snatched the personal information of 21.5 million Americans who have applied for security clearances.

Kaplan, a Slate columnist and veteran of The Boston Globe, is deeply sourced. Luckily, he's not slavishly loyal to his sources: He deals dispassionately with the struggle, before and after Edward Snowden, to balance anti-terror measures and personal privacy.

The fun stuff? Details of meetings between top intelligence officials and hackers with nicknames like Mudge and Space Rogue. The dull stuff? Play-by-play accounts of federal task forces. The takeaway? "Anything we're doing to them," writes Kaplan, "they can do to us."

Ein News

« US National Cybersecurity Plan Costs $19b
NATO Tools Up For Cybewar »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SSLGURU

SSLGURU

SSLGURU bring all of the major SSL certificate vendors to one market place in order to create the world's largest SSL store with the most competitive prices.

Tech Industry Forum (TIF)

Tech Industry Forum (TIF)

Tech Industry Forum is a not-for-profit, membership driven trade body. We bring together end users and some of the UK’s leading cloud, software, platform, infrastructure, and service providers.

Genua

Genua

Genua is a specialist in IT security services and solutions ranging from network and infrastructure security to encrypted comms and industrial automation.

AuthenTrend

AuthenTrend

AuthenTrend provide biometric authentication products to achieve high security with extreme ease-of-use for the user.

H-ON Consulting

H-ON Consulting

H-ON Consulting develops and applies robust cyber security procedures enabling control systems to be secure.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Bfore.ai

Bfore.ai

Stop future attacks, today. Bfore.ai is an operational threat intelligence feed to add predictive technology to your security infrastructure.

watchTowr

watchTowr

Continuous Attack Surface Testing, with the watchTowr Platform. The future of Attack Surface Management.

Securonix

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

CMIT Solutions

CMIT Solutions

CMIT Solutions is a recognized leader in Managed IT Services for businesses. We empower businesses like yours by providing innovative technology solutions, managed IT services and cybersecurity.

FOSSA

FOSSA

FOSSA is a leading SBOM (software bill of materials) and software supply chain risk management platform.

Operant AI

Operant AI

Operant AI is the only Runtime AI Application Defense Platform that actively protects every layer of live cloud and AI applications from infra to APIs.

Culminate

Culminate

Adopt AI with confidence in your SOC. Utilize human-AI teaming to conduct your investigations with unmatched accuracy and speed.

Sciber

Sciber

Sciber - data-driven cybersecurity. Strengthen your cyber defence with proactive, science-based and improvement-driven services.