Once Again It's The US That Seems To Be The Most Aggressive With Cyberattacks
from the is-this-why-they're-so-afraid? dept
A new documentary is coming out by famed documentary filmmaker Alex Gibney called Zero Day. Big reports in Buzzfeed and the NY Times (both with additional reporting) note how it reveals that the famed Stuxnet attack by the NSA (with an assist from Israeli intelligence) was just a drop in the bucket of a massive cyberattack capability, under the code name NITRO ZEUS, that the US has built up in Iran as an "alternative" to nuclear war should diplomacy fail in negotiating Iran away from making nuclear weapons. The NY Times article focuses more on the geopolitical issues involved in the effort:For the seven-year-old United States Cyber Command, which is still building its cyber “special forces” and deploying them throughout the world, the Iran project was perhaps its most challenging program yet. “This was an enormous, and enormously complex, program,” said one participant who requested anonymity to discuss a classified program. “Before it was developed, the U.S. had never assembled a combined cyber and kinetic attack plan on this scale.”Meanwhile the Buzzfeed story focuses more on how the program was a bit of a mess with uncertain results:
Nitro Zeus had its roots in the Bush administration but took on new life in 2009 and 2010, just as Mr. Obama asked General John R. Allen, at United States Central Command, to develop a detailed military plan for Iran in case diplomacy failed. It was a time of extraordinary tension, as the Iranians accelerated their production of centrifuges and produced near-bomb-grade fuel and Western intelligence agencies feared they might be on the verge of developing a nuclear weapon. It was also a period of extraordinary tension with Israel, partly because of its presumed role in the assassination of Iranian nuclear scientists, and partly because of evidence that Mr. Netanyahu was preparing a pre-emptive strike against Iran, despite warnings from the United States.
However, one confidential source expressed concerns to Gibney about the extent of NITRO ZEUS, saying some planners had “no fucking clue” as to the consequences of some of the proposed attacks.It also notes that the State Department was reasonably concerned about the program -- both whether it was legal and how it might create some serious blowback:
“You take down part of a grid,” they told him, “you can accidentally take down electricity in the entire country.”
The film’s supporting research material also reveals an array of concerns about such capabilities within the U.S. government and agencies. The State Department was seen by those in other agencies as a “wet blanket” when it came to operations, for expressing concerns about violating the sovereignty of third-party nations’ cyberspace, or about operations that could have significant impact on civilians.Meanwhile, support for these concerns comes from a rather unexpected source: former NSA and CIA director Michael Hayden, normally quoted around these parts defending the intelligence community. However, here, he notes that massively broadening cyberattack efforts could come back to haunt the US:
“I know no operational details and don’t know what anyone did or didn’t do before someone decided to use the weapon, alright,” he said. “I do know this: If we go out and do something, most of the rest of the world now thinks that’s a new standard, and it’s something they now feel legitimated to do as well.I actually agree with Hayden. That doesn't happen very often!
“But the rules of engagement, international norms, treaty standards, they don’t exist right now.”
In public remarks, Hayden once noted of Stuxnet “this has the whiff of 1945. Someone just used a new weapon.” He also said the secrecy around the U.S.’s cyber programs was stifling the ability to have a public debate about their consequences.
“This stuff is hideously over-classified and it gets into the way of a mature public discussion as to what it is we as a democracy want our nation to be doing up here in the cyber domain,” Hayden said.
But, really, the main thing that gets me about this report is that we keep seeing Congress and the President going on and on and on about cybersecurity threats against the US -- and yet basically the only significant examples all seem to be the US attacking other countries. The inbound attacks -- such as the OPM hack or even the Sony hack -- actually seem fairly minor in comparison. Those are just hacks to get at data, not to actually break stuff. Yes, it's possible that US officials are freaking out because now they really understand the depth of what can be done thanks to the NSA doing it first, but maybe we should be thinking about dealing with that fact and shoring up our defenses (and not giving reasons to others to emulate us), rather than creating faux moral panics.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cyberattacks, iran, nitro zeus, nsa, stuxnet
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
pogo said it best:
we have met the enemy, and he is us ! ! !
1. if hayden is agin' it, i am almost certain it is some internecine skirmish, rather than any actual morals, ethics, empathy, or functioning metaphorical heart...
2. "alternative to nuclear war..." hmmm, why does this remind me of how the taser was to be an alternative to shooting, except it wasn't...
3. "...both whether it was legal and how it might create some serious blowback..." ...“you can accidentally take down electricity in the entire country.”
yeah, i think in olden times -like a couple decades ago- that was called a war krime...
now, its just the cost of doing bidness...
besides, war krimes are for losers, bitchez...
art guerrilla
aka ann archy
eof
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
all your base are belong to us
[ link to this | view in chronology ]
Unlike physical munitions, cyberwarefare weapons can and at some point will come back to haunt you. It might be 5 or 10 years before you see them but be assured the evidence and method have been left to be found, dissected, digested, and regurated in a different form again.
The internet has become tied to nearly everything that effects our lives in some form. Water, electricity, flow of traffic, of trains, of manufacturing, flight, finances, and military activities to only name a few. Imagine what would happen if you woke up tomorrow and the world you know began shutting down.
Today we are once again in the same position that the nuclear deterrent known as MADD put us. No one has the defenses other than possibly the military to fight all this and they aren't known for sharing. Bad enough the knowledge it can be done has been released. In a few years more I expect to see some of these developed tools being used on us behind the door of secrecy by other nations through rouge hacker groups while the nation responsible claims no knowledge. Kinda sounds like today don't it, with the US blaming China and Russia for doing the same things it is.
[ link to this | view in chronology ]
If the Rest of World Thinks the US is Evil
[ link to this | view in chronology ]
[ link to this | view in chronology ]
An attack is an act of War
http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber- attacks-an-act-of-war/#6cadaf834a87
Link to an article from 2012 where it quotes both the White House and Pentagon as saying it would be an act of War.
[ link to this | view in chronology ]
Re: An attack is an act of War
http://www.businessinsider.com/us-drone-tweets-reveal-double-tap-plan-2012-12
[ link to this | view in chronology ]
Of course...
But instead of coveting and utilizing all these security holes we are finding, we should be actively helping organizations patch them in order to beef up our own infrastructure. That's where the dots fail to connect within our government agencies.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: reckless
U.S. DoD let this particular genie out of the bottle. Not to say someone else wouldn't have gone there eventually, but . . .
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6109203
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Screamin' Eagles!!!!!!
/s
[ link to this | view in chronology ]
[ link to this | view in chronology ]
At least China and Russia don't have to spend all that money to weaponize their systems since WE FUCKING GAVE THEM THE TEMPLATE when Stuxnet escaped into the wild.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Costs money and you have to find the right people to do it, who don't exist at the rate you're willing to pay. Enjoy the ride.
[ link to this | view in chronology ]