|
To Hack or Not To Hack - US cyber strategy
 [ZeihanOnGeopolitics] The New York Times dropped a fun piece last week asserting a coalition of like-minded national security and intelligence professionals are neck-deep in an offensive cyber operation against the Russian electricity system. The article suggests the hacking was meant to provide a cudgel to beat Russia with should it intervene in American elections again. The real kicker was the assertion made by a host of anonymous sources that not only was U.S. President Donald Trump unaware of the operation, but that the sources were afraid to tell him for fear the White House would shut the operation down.There’s a bit of peeling required for this particular onion: Computerization didn’t happen all at once. At first computers were multi-billion-dollar monuments of circuitry that only major governments could afford, to be used "simply" to compute complicated math (ergo the term computer). They certainly weren’t hooked into civilian infrastructure. Besides, there was nothing to "hook" into. Pre-1980s tech was analogue and manual, not digital and automatic. Fast forward to the 1980s and this changed rapidly. The marriage of now-more-attainable computers to telephony brought us modems long before it brought us smartphones. That linkage enabled the first computer networks to snake through the worlds of finance, media, energy, academia and manufacturing. As computers became ubiquitous, the possibility of extreme damage being inflicted upon the average American citizen expanded exponentially. A new policy was required for this new era. The president at the time was Ronald Reagan. His executive guidance was threefold: First, the U.S. government would provide no cyber protection to any part of the civilian system. Individual firms and citizens were wholly responsible for protecting their computer systems from outside threats. Second, the U.S. government would maintain an absolutely massive hacker corps with standing orders to hack everything and put malware and backdoors into every imaginable foreign system. Third, the U.S. would deign to identify precisely where its red lines were. These three points explain why it is so simple for Nigerians to defraud your grandmother, why the Russians could interfere in the U.S. elections with ease, and why everyone is so afraid to go after the really important stuff: infrastructure in the United States. In essence, America’s cyber policy is a lot like the rest of its armed forces: you can poke and prod the exposed flanks of the behemoth and you might or might not get swiped at for your trouble, but if you ever do something that really draws its attention, well... you’d better have a great bunker. In the event the U.S. ever did decide to cut loose, it would have a remarkably shitty quarter. The lack of cyberdefense would ensure that power grids would fail, vulnerable city bureaucracies would be left helpless, and all the businesses that forgot to update their Windows operating system from last decade’s would find they no longer have computers. In other words, it would hurt. But whoever the U.S. was going to war with would find themselves facing off against nearly four decades of surveillance, planning, and preparation by skilled, vengeful nerds. In the best-case scenario (for the targets), they would regress a century as everything from power to water to communications to shipping simply seized up, never coming on-line again until a complete computer-free overhaul was completed. The Reagan administration’s guidance on cyber sat broadly unchanged for the next four presidents. Offensive cyber was used rarely and the U.S. refuses to discuss it. It is only under Donald Trump that some shifts have occurred. In Trump’s early months as executive the U.S. government leaked it had done something I find hilarious: It didn’t simply identify the specific Russian agents who had interfered in the United States’ 2016 presidential elections, it sent cease-and-desist letters to those agents at their home addresses complete with enough personal touches to drive home to the Russian hackers that the U.S. government knew more about their personal lives than the Russian government itself. What all this makes clear is that the U.S. realized it had undersold itself and underutilized its tools, which is quite literally the last thing you want to do with a deterrent. But times are changing and so, it appears, the pace of operations is picking up. Posted by: DarthVader 2019-06-20 |
|
| http://www.rantburg.com/poparticle.php?ID=543758 |