Dark Territory (46 page)

Chinese cyber attacks on,
224
–25

hacking of,
41

Defense Department, U.S.,
6
,
18
,
54
,
67
,
100
,
257

Advanced Research Projects Agency (ARPA),
7

Critical Infrastructure Commission and,
49

cyber attacks on,
47

in Eligible Receiver,
see
Eligible Receiver 97 cyber attack exercise

hacking and,
41

IDS devices and,
81
,
120
,
176

infrastructure policy directorate of,
43
–44

Internet connections to,
280

J Department of,
43
,
44

Microwave, Space and Mobile Systems office of,
19

Moonlight Maze cyber attack on,
78
–79,
81
–88,
119
,
123
,
212
–13,
223

National Communications System of,
177

network security of,
280
,
283

Solar Sunrise attack on,
74
–78,
80
,
81
,
101
,
119
,
120
,
123

Special Technological Operations Division of,
7

Strategic Leveraging Project of,
43

Defense Information Systems Agency (DISA),
65
,
74
,
75
,
78
,
80
,
82

Defense Intelligence Agency,
57

Defense Science Board:

cyber deterrence task force of,
279

cyber security report of,
275
–79

“Information Warfare-Defense” task force of,
54

demon-dialing,
9
–10,
59
,
64
,
112
,
113
,
161

denial-of-service attacks,
102
–3,
162
–63,
213
,
216

Department of Defense Cyber Strategy, The
(Carter),
283
,
316
n
–17
n

Depression, Great,
199

Desert Storm, Operation,
21
–25,
29
,
32
,
74
,
132
–33,
149
,
290
n

civilian casualties in,
24
–25

deterrence:

in cyber warfare,
see
cyber deterrence

nuclear,
277
,
278
,
284
–85

Deutch, John,
49

Devost, Matt,
65
,
66
,
80
–81,
273
,
293
n

digital communications:

data packets in,
5
–6,
17
–18,
131
,
156
,
192
–93,
194
,
248
,
249
–50

GCHQ's collection of data from,
228
–29

global switch from analog to,
25
,
28
–29,
30
,
35
,
126
–27,
275
–76

metadata in,
see
metadata

NSA's collection of data from,
196
–97,
228
–29,
230
–35,
237
–64

PRISM and,
247
–52

U.S. as hub of,
191
–92,
193
,
248

see also
telecom companies

Donilon, Thomas,
187
,
228
,
238

Asia Society speech of,
221
–22,
226
–27

Earnest, Josh,
272
n

East Germany,
235

cyber attacks by,
61
–62,
83

eBay,
102

e-commerce,
102

Einstein (IDS project),
177
,
179

elections, U.S.:

of 2000,
103
,
139
–40

of 2008,
197
,
198

Electromagnetic Systems Laboratory,
see
ESL, Inc.

electronic counter measures,
14
–15

Eligible Receiver 97 cyber attack exercise,
55
,
57
–58,
65
–72,
75
,
81
,
90
,
110
,
119
,
241
,
275

Army's refusal to participate in,
70

hacking of military communication and computer networks in,
57
,
67
,
68
–69

Minihan and,
57
,
65
,
66
,
71

as “no-notice” exercise,
67
,
68

NSA Red Team in,
57
,
66
,
67
–68,
69
–71,
72
,
76
,
80
,
182

postmortem briefing on,
70
–71

Ellis, James,
117

Emirnet,
75
,
76

Energy Department, U.S.,
166

cyber security as low priority of,
172
–73

ESL, Inc.,
7
,
15
,
58
,
120

espionage,
138
–39

microwave technology and,
12
–13,
16
–17,
22
,
132
–33,
289
n

Estonia, cyber attack on,
162
–64,
165
,
241

European Command, U.S.,
19

Executive Order 13010,
47
,
48
–49,
74

F-35 Joint Strike Fighter aircraft,
224
–25

Facebook, PRISM and,
247

FANEX,
18
,
66

Faurer, Lincoln,
26
,
28

Federal Bureau of Investigation (FBI),
63
,
74
,
77
–78,
98
,
269
,
288
n

National Infrastructure Protection Center of,
166

National Security Letters of,
254
–55,
256
,
260

Review Group briefings by,
254
–55

Review Group recommendations for,
256

Federal Intrusion Detection Network (FIDNET),
100
–102

Federal Trade Commission, North Korean cyber attack on,
213

fiber-optic cables,
132
–33

global spread of,
30
–31

Saddam's use of,
22
,
24

FIDNET (Federal Intrusion Detection Network),
100
–102

FireEye,
269

1st Armored Division,
149

FISA Court,
155
,
192
,
194
,
195
,
196
,
197
,
238
,
244

metadata collection and,
245
,
246
,
253
,
256
,
261
,
262
,
263

PRISM and,
248
,
249
–50

Review Group's recommendations for,
256
–57

secrecy of,
233

five eyes (U.S., Great Britain, Canada, Australia, New Zealand):

command-control systems hacking exercises of,
65
–66,
235

intelligence sharing by,
65

Flame computer virus,
205
–6,
213

Ford Escape, hacking of,
273
n

Foreign Assistance Act,
96

Foreign Intelligence Surveillance Act (1978),
196
–97

revisions to,
192
–95,
248

Foreign Intelligence Surveillance Court,
see
FISA Court

Fort Meade, Md.,
6
,
18
,
26

Fourth Amendment,
192
,
250

Franco, James,
269

Freeh, Louis,
96

Gandy, Charles,
16

Gates, Robert,
4
,
171
,
174
,
271
,
304
n
–5
n,
317
n

cyber warfare as concern of,
272
–73

“dark territory” metaphor of,
272

as defense secretary,
173
,
184
–89,
204
,
209
,
214

infrastructure security and,
280

Obama's replacing of,
220

and plan for protection of civilian infrastructure,
186
–89

Stuxnet and,
206

GEDA (Gain, Exploit, Defend, Attack) concept,
123

Gellman, Barton,
229

General Accounting Office,
47

General Services Administration,
97

Georgia, Republic of:

cyber attack on,
164
–66,
241

Russian invasion of,
164
–66

Giambastiani, Edmund,
174

Gibson, William,
45
–46

Glenn, John,
44
,
95

“Global Access Study” (NSA paper),
28
–29,
30

Golan Heights,
161

Good Harbor,
241

Google:

Chinese cyber attack on,
234

PRISM and,
247

Gorbachev, Mikhail,
16
,
162

Gore, Al,
40
,
103

in 2000 election,
103
,
139
–40

Gorelick, Jamie,
40
–41,
45
,
46
,
48
,
50
,
51

cyber crime and,
41
–42

Gourley, Robert,
84
,
88
,
276

Government Communications Headquarters (GCHQ), British,
116
–17,
213

communications data collected by,
228

Gravell, William,
291
n

Great Britain,
235

see also
five eyes

Great Depression,
199

Great Recession,
199
,
200

Greene, Brenton,
43
–44,
51

Greenwald, Glenn,
229

Grenada, U.S. invasion of,
145

Growing Vulnerability of the Public Switched Networks
(National Research Council),
54

GRU,
84

Guardian,
228,
229

“Guardians of Peace,” 268

Gulf War,
see
Desert Storm, Operation

Gunman (Soviet spy device),
16

hacking, hackers,
5
,
8
,
33
,
41
,
47
,
123
,
136
,
227
–28,
229
,
235

L0pht and,
90
–91

of military sites,
42

Network Security Monitoring and,
60
–61

of Social Security numbers and personal data,
265
,
268

software patches and,
136
–37

university computers as entry points for,
61
,
73
,
82

white-hat,
163

zero-day vulnerabilities and,
137

see also
cyber attacks, cyber warfare

Hadley, Stephen,
174

Haiti, planned U.S. invasion of,
58
–59,
64
,
107
–8,
112
,
161

Hamre, John,
71
,
74
,
77
–78,
80
,
81
,
86
,
113
,
120
,
121
,
122
,
125
,
153
–54,
183
,
296
n

Clarke and,
95
–96

Hanscom Air Force Base,
50
–51

Hathaway, Melissa,
176
–77,
279

CNCI plan of,
177
–78,
198
–99

Cyberspace Policy Review
issued by,
199
–200

Haver, Richard,
26
,
27
,
28
,
32
,
84

Hayden, Michael,
178
,
245

as Air Force Information Warfare Center commander,
122
–23,
126

Alexander's conflicts with,
152
–53,
154
–55

as CIA director,
215

CNE and,
138

“Director's Work Plan for Change” of,
128
–29

GEDA concept of,
123

as NSA director,
122
,
125
–26,
127
–33,
135
,
138
,
151
,
157
–59

TAO and,
135

Trailblazer and,
132

Heath, James,
154

Heberlein, Todd,
60
–61,
62

Hiroshima, atomic bombing of,
215

Homeland Security Department, U.S.,
18
,
142
,
167
,
179

CNCI and,
178

North Korean cyber attack on,
213

and protection of civilian infrastructure,
186