@War: The Rise of the Military-Internet Complex (40 page)

Read @War: The Rise of the Military-Internet Complex Online

Authors: Shane Harris

Tags: #Computers, #Non-Fiction, #Military, #History

BOOK: @War: The Rise of the Military-Internet Complex
3.4Mb size Format: txt, pdf, ePub

[>]
A security research firm soon:
Kim Zetter, “Google Hackers Targeted Source Code of More Than 30 Companies,” Threat Level,
Wired
, January 13, 2010,
http://www.wired.com/threatlevel/2010/01/google-hack-attack/
.

[>]
“The scope of this”:
Kim Zetter, “Report Details Hacks Targeting Google, Others,” Threat Level,
Wired
, February 3, 2010,
http://www.wired.com/threatlevel/2010/02/apt-hacks/
.

[>]
“They indoctrinate someone”:
Author interview, August 2013.

[>]
“We scare the bejeezus”:
Tom Gjelten, “Cyber Briefings ‘Scare the Bejeezus' Out of CEOs,” NPR, May 9, 2012,
http://www.npr.org/2012/05/09/152296621/cyber-briefings-scare-the-bejeezus-out-of-ceos
.

[>]
Several classified programs allow:
Author interviews with current and former intelligence officials and security experts. See also Riley, “US Agencies Said to Swap Data.”

[>]
Microsoft, for instance:
Ibid. Glenn Greenwald et al., “Microsoft Handed the NSA Access to Encrypted Messages,”
Guardian
, July 11, 2013,
http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data

[>]
Cisco, one of the world's:
Author interview.

[>]
And
McAfee:
See Riley, “US Agencies Said to Swap.”

[>]
In 2010 a researcher at IBM:
Andy Greenberg, “Cisco's Backdoor for Hackers,”
Forbes
, February 3, 2010,
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html?partner=relatedstoriesbox
.

[>]
The Homeland Security Department also conducts:
The list of meetings and their agenda can be found at
http://www.dhs.gov/cross-sector-working-groups
.

[>]
After the terrorist attacks, the NSA:
See the case documents for
USA v. Nacchio
, in particular “Exhibit 1 to Mr. Nacchio's Reply to SEC. 5 Submission,” which contains FBI Form 302 Regarding November 14, 2005, Interview of James F. X. Payne, a former Qwest executive. See also Shane Harris,
The Watchers: The Rise of America's Surveillance State
(New York: Penguin Press, 2010), p. 16, which describes in further detail the interactions between Qwest and the NSA.

[>]
To obtain the information:
See the Homeland Security Department's list of critical infrastructure sectors,
http://www.dhs.gov/critical-infrastructure-sectors
.

[>]
In a speech in 2013:
Major General John Davis, Speech to the Armed Forces Communications and Electronics Association (AFCEA) International Cyber Symposium, Baltimore Convention Center, June 25, 2013,
http://www.dvidshub.net/video/294716/mg-davis-afcea#.UpSILmQ6Ve6#ixzz2lkc87oRy
.

 

12. Spring Awakening

 

[>]
 
In March of that year:
Author interviews with current and former US officials and security experts, including a spokesperson for the Homeland Security Department, May 2012. A subsequent interview was conducted in October 2013 with a former senior FBI official who worked on the case. The intrusions against natural gas companies were first reported in Mark Clayton, “Alert: Major Cyber Attack Aimed at Natural Gas Pipeline Companies,”
Christian Science Monitor
, May 5, 2012,
http://www.csmonitor.com/USA/2012/0505/Alert-Major-cyber-attack-aimed-at-natural-gas-pipeline-companies
.

[>]
But at the height of the Cold War:
See Thomas Reed,
At the Abyss: An Insider's History of the Cold War
(New York: Presidio Press, 2004).

[>]
The alerts from companies:
Author interview, October 2013.

[>]
They shared “mitigation strategies”:
Author interview with Homeland Security Department official, May 2012.

[>]
That summer
,
Homeland Security: Information Sharing Environment 2013 Annual Report to the Congress
,
http://www.ise.gov/annual-report/section1.html#section-4
.

[>]
Homeland Security, the FBI, the Energy Department:
Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team,
Monthly Monitor
(ICS—MM201310), July–September 2013, released October 31, 2013,
http://ics-cert.us-cert.gov/sites/default/files/Monitors/NCCIC_ICS-CERT_Monitor_Jul-Sep2013.pdf
.

[>]
Shell, Schlumberger, and other:
Zain Shauk, “Phishing Still Hooks Energy Workers,”
FuelFix
, December 22, 2013,
http://fuelfix.com/blog/2013/12/22/phishing-still-hooks-energy-workers/
.

[>]
In a rare public appearance:
Berlin spoke at a cyber security conference at the Newsuem in Washington, DC, on May 22, 2013.

[>]
A few months after the intrusions:
Brian Krebs, “Chinese Hackers Blamed for Intrusion at Energy industry Giant Telvent,”
KrebsonSecurity
, September 26, 2012,
http://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion-at-energy-industry-giant-telvent/
.

[>]
But the country also needs:
World Bank, “GDP Growth,”
http://data.worldbank.org/indicator/NY.GDP.MKTP.KD.ZG

[>]
China is the world's second-largest:
US Energy Information Administration,
http://www.eia.gov/countries/country-data.cfm?fips=CH
.

[>]
At least one US energy company:
Michael Riley and Dune Lawrence, “Hackers Linked to China's Army Seen from E.U. to D.C.,” Bloomberg.com, July 26, 2012,
http://www.bloomberg.com/news/2012-07-26/china-hackers-hit-eu-point-man-and-d-c-with-byzantine-candor.html
.

[>]
And the country has pursued legitimate paths:
Ryan Dezember and James T. Areddy, “China Foothold in US Energy,”
Wall Street Journal
, March 6, 2012,
http://online.wsj.com/news/articles/SB10001424052970204883304577223083067806776
.

[>]
By one estimate, the flow:
Nicole Perlroth and Quentin Hardy, “Bank Hacking Was the Work of Iranians, Officials Say,”
New York Times
, January 8, 2013,
http://www.nytimes.com/2013/01/09/technology/online-banking-attacks-were-work-of-iran-us-officials-say.html?pagewanted=all&_r=3&
.

[>]
The banks' Internet service providers:
Author interview with Mark Weatherford, August 2013.

[>]
“For the first two or three weeks”:
Ibid.

[>]
Reportedly, the Iranian regime:
Yaakov Katz, “Iran Embarks on $1b. Cyber-Warfare Program,”
Jerusalem Post
, December 18, 2011,
http://www.jpost.com/Defense/Iran-embarks-on-1b-cyber-warfare-program
.

[>]
A group of financial executives:
Author interview with senior financial services executive who participated in the meeting, November 2013.

 

13. The Business of Defense

 

[>]
It occurred to Hutchins:
Author interview with Eric Hutchins, January 2014.

[>]
Using the kill chain model, Lockheed:
Author interview with Charlie Croom, January 2014.

[>]
“Within a couple of years”:
Author interview with former military intelligence officer, July 2013.

[>]
A security expert with close ties:
Author interview with cyber security expert, December 2013.

[>]
“We've already got”:
Author interview with Mark Weatherford, August 2013.

[>]
On February 18, 2013:
Mandiant,
APT1: Exposing One of China's Cyber Espionage Units
,
http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf
.

[>]
Less than a month later:
Donilon's full speech, before the Asia Society on March 11, 2013, can be seen at
http://asiasociety.org/video/policy/national-security-advisor-thomas-donilon-complete
.

[>]
“We decided it was”:
Author interview with Dan McWhorter, February 2013.

[>]
Mandiant's forensic analysts:
Nicole Perlroth, “Hackers in China Attacked the Times for Last 4 Months,”
New York Times
, January 30, 2013,
http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html?pagewanted=all&_r=0
.

[>]
Reportedly
,
more than a third:
Hannah Kuchler and Richard Waters, “Cyber Security Deal Highlights Threats from Spying,”
Financial Times
, January 3, 2014,
http://www.ft.com/intl/cms/s/0/e69ebfdc-73d0-11e3-beeb-00144feabdc0.html?siteedition=intl#axzz2pM7S3G9e
.

[>]
“A lot of companies, organizations”:
Ibid.

[>]
While working as an NSA contractor:
Author interviews with school officials and individuals familiar with the details of Snowden's trip, January 2014.

[>]
They came back with a three-hundred-plus-page report:
President's Review Group on Intelligence and Communications Technologies,
Liberty and Security in a Changing World
, December 12, 2013,
http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf
.

[>]
In September 2013 a senior air force:
John Reed, “The Air Force Still Has No Idea How Vulnerable It Is to Cyber Attack,”
Foreign Policy
, September 20, 2013,
http://killerapps.foreignpolicy.com/posts/2013/09/20/the_air_force_still_has_no_idea_how_vulnerable_it_is_to_cyber_attack
.

[>]
And this more than four years:
Siobhan Gorman, August Cole, and Yochi Dreazen, “Computer Spies Breach Fighter-Jet Project,”
Wall Street Journal
, April 21, 2009,
http://online.wsj.com/article/SB124027491029837401.html
.

[>]
A month after the air force's admission:
Aliya Sternstein, “IG: Government Has No Digital Cyber Warning System,” Nextgov, November 5, 2013,
http://www.nextgov.com/cybersecurity/2013/11/ig-government-has-no-digital-cyber-warning-system/73199/
.

[>]
Earlier in the year a pair:
Nicole Perlroth, “Electrical Grid Is Called Vulnerable to Power Shutdown,” Bits,
New York Times
, October 18, 2013,
http://bits.blogs.nytimes.com/2013/10/18/electrical-grid-called-vulnerable-to-power-shutdown/
.

[>]
“There isn't a computer system”:
McConnell spoke at a cyber security conference sponsored by Bloomberg in Washington, DC, October 30, 2013.

[>]
Investigators concluded that the hackers:
Brian Krebs, “Target Hackers Broke in Via HVAC Company,”
KrebsonSecurity
, February 5, 2014,
http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
.

[>]
In February 2014 a Senate committee report:
Craig Timberg and Lisa Rein, “Senate Cybersecurity Report Finds Agencies Often Fail to Take Basic Preventative Measures,”
Washington Post
, February 4, 2013,
http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html
.

[>]
At a security conference in Washington, DC:
Alexander spoke in Washington, DC, at the Newsuem on October 8, 2013,
http://www.youtube.com/watch?v=7huYYic_Yis
.

 

14. At the Dawn

 

[>]
A senior administration official:
Author interview with senior administration official, January 2014.

[>]
The timing of Obama's speech:
Olivier Knox, “Obama NSA Speech on Anniversary of Eisenhower Warning,” Yahoo News, January 16, 2014,
http://news.yahoo.com/obama-nsa-speech-on-anniversary-of-eisenhower-warning-025532326.html
. White House aides told Knox that the timing was a coincidence.

[>]
In December 2013, Ernest Moniz:
“Moniz Cyber Warning,”
EnergyBiz
, January 5, 2014,
http://www.energybiz.com/article/14/01/moniz-cyber-warning
.

[>]
The government is well aware:
General Keith Alexander disclosed the number during a speech at Georgetown University on March 4, 2014.

[>]
“At the end of the day”:
Press briefing by senior administration officials, February 12, 2014.

[>]
Once those liability protections are in place, the government:
For a thorough examination of how Internet service providers may be tapped to better secure cyberspace, see Noah Shachtman, “Pirates of the ISPs: Tactics for Turning Online Crooks into International Pariahs,” Brookings Institution, July 2011,
http://www.brookings.edu/~/media/research/files/papers/2011/7/25%20cybersecurity%20shachtman/0725_cybersecurity_shachtman.pdf
.

[>]
Some observers have likened:
Ibid. See also Jordan Chandler Hirsch and Sam Adelsberg, “An Elizabethan Cyberwar,”
New York Times
, May 31, 2013,
http://www.nytimes.com/2013/06/01/opinion/an-elizabethan-cyberwar.html
.

[>]
But unlike other clouds:
Brandon Butler, “Amazon Hints at Details on Its CIA Franken-cloud,”
Network World
, November 14, 2013,
http://www.networkworld.com/news/2013/111413-amazon-franken-cloud-275960.html
.

Other books

Charmed (Second Sight) by Hunter, Hazel
River Song by Sharon Ihle
Indiscreet by Mary Balogh
OMG... Am I a Witch?! by Talia Aikens-Nuñez
Spell of the Crystal Chair by Gilbert L. Morris
The Unseen by Sabrina Devonshire
Will She Be Mine by Jessica L. Jackson
Then You Happened by Sandi Lynn