The Cyberwar Campaign against Jihadi Literature and WikiLeaks

Ellen Nakashima has a piece following up on the WSJ story previewing DOD’s cyberwar (which I posted on here). Before you read it, though, I wanted to suggest another reason we may be seeing this policy early (in addition to the hacking of all the defense contractors, now including L-3; and note, Nakashima references this legislation at the end of her article).

Last Thursday, the Defense Authorization bill passed the House. It retains Section 962, to which the Administration objected, which reads,

SEC. 962. MILITARY ACTIVITIES IN CYBERSPACE.

(a) AFFIRMATION.—Congress affirms that the Secretary of Defense is authorized to conduct military activities in cyberspace.

(b) AUTHORITY DESCRIBED.—The authority referred to in subsection (a) includes the authority to carry out a clandestine operation in cyberspace—

(1) in support of a military operation pursuant to the Authorization for Use of Military Force (50 U.S.C. 1541 note; Public Law 107–40) against a target located outside of the United States; or

(2) to defend against a cyber attack against an asset of the Department of Defense.

(c) BRIEFINGS ON ACTIVITIES.—Not later than 120 days after the date of the enactment of this Act, and quarterly thereafter, the Secretary of Defense shall provide a briefing to the Committees on Armed Services of the House of Representatives and the Senate on covered military cyberspace activities that the Department of Defense carried out during the preceding quarter.

(d) RULE OF CONSTRUCTION.—Nothing in this section shall be construed to limit the authority of the Secretary of Defense to conduct military activities in cyberspace.

So as you read Nakashima, remember that the Obama Administration objected to a section that authorized cyberwar in two circumstances–in support of an AUMF against a target outside of the US and in defense against a cyber attack on a DOD asset–and required quarterly briefings.

OK, now go read Nakashima.

Within the context of the Defense Authorization, a few points of DOD’s campaign to describe what they believe their cyberwar policy to be stick out. First, it envisions preparatory actions–basically spying on a presumably non-belligerent adversary’s infrastructure to map out how DOD would launch a cyberattack if the time came.

The framework clarifies, for instance, that the military needs presidential authorization to penetrate a foreign computer network and leave a cyber-virus that can be activated later. The military does not need such approval, however, to penetrate foreign networks for a variety of other activities. These include studying the cyber-capabilities of adversaries or examining how power plants or other networks operate. Military cyber-warriors can also, without presidential authorization, leave beacons to mark spots for later targeting by viruses, the official said.

In other words, DOD is indicating that it will engage in cyberwar activities outside of those authorized by Congress, activities which I’m sure they’re claiming fall under the giant “preparing the battlefield” loophole they use to engage in spywork.

Then there’s this:

Last year, for instance, U.S. intelligence officials learned of plans by an al-Qaeda affiliate to publish an online jihadist magazine in English called Inspire, according to numerous current and senior U.S. officials. And to some of those skilled in the emerging new world of cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander, argued that blocking the magazine was a legitimate counterterrorism target and would help protect U.S. troops overseas. But the CIA pushed back, arguing that it would expose sources and methods and disrupt an important source of intelligence. The proposal also rekindled a long-standing interagency struggle over whether disrupting a terrorist Web site overseas was a traditional military activity or a covert activity — and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was underway within the U.S. government, British government cyber-warriors were moving forward with a plan.

As Nakashima goes on to explain, the British attack on Inspire managed to delay the publication of a bomb-making article in the magazine for two weeks. But it did eventually get published.

The Inspire story is fascinating not just because it reveals the ongoing turf war between DOD and CIA–and makes clear Mac Thornberry intends to let DOD win these battles.

But also, consider the cyberattack-which-shall-not-be-named: someone’s successful effort to ensure WikiLeaks couldn’t publish the State Department cables from a US server. The Inspire story makes it clear DOD is thinking in terms of take-downs of speech, which is precisely what the WL hack was.

And since WL was ultimately a compromise of DOD’s networks, it would solidly fall under the congressionally-defined defense “against a cyber attack against an asset of the Department of Defense.”

That is, it seems that Thornberry has authorized DOD to do things like hack WL. Congress seems to be in the business of helping the government exercise prior restraint.

That First Amendment sure was nice when we had it!

Though there’s just one weird aspect to this: DOD didn’t launch a cyberattack on WL when it compromised DOD resources: the Afghan and Iraq cables. Rather, it waited until all the DOD materials were already out, and then (we assume though don’t know) started attacking free speech to protect the State Department’s assets.

Anyway, all that prior restraint isn’t good enough, it seems, and the Administration is going to campaign for more lenient guidelines allowing DOD to wade through other countries’ infrastructure to figure out how to cyberattack them when the time comes.

I guess they can’t very well complain about the Lockheed and L-3 hacks then.

  1. MadDog says:

    Reminds me of the dangers someone wrote about in a fine article about the difference between DOD’s Title 10 authority and the CIA’s Title 50 authority.

    …Though there’s just one weird aspect to this: DOD didn’t launch a cyberattack on WL when it compromised DOD resources: the Afghan and Iraq cables. Rather, it waited until all the DOD materials were already out, and then (we assume though don’t know) started attacking free speech to protect the State Department’s assets…

    The timing of that response doesn’t really surprise me. A couple of points:

    1. Retaliatory counterattack plan – When you receive incoming fire, you don’t instantly return fire at the immediate source of the incoming. Military folks tend to plan a campaign to counterattack at the opposition’s “center of gravity”, and not just or even at that immediate shooter. As in, cut off the head and the fists too will die.

    2. I rather doubt that the US, and in particular, DOD’s Cyber Command, will limit itself to cyber-responses merely as a defense “against a cyber attack against an asset of the Department of Defense.” By straining and extending that logic just a wee bit, all assets and/or interests of the US can and would be considered “an asset [or interest] of the Department of Defense.”

    • bobschacht says:

      Retaliatory counterattack plan – When you receive incoming fire, you don’t instantly return fire at the immediate source of the incoming. Military folks tend to plan a campaign to counterattack at the opposition’s “center of gravity”, and not just or even at that immediate shooter. As in, cut off the head and the fists too will die.

      There’s another coupla angles on this.
      (1) In the long history of military ventures, incoming fire may be a diversion– concentrating your attention on one place, while something of greater importance is taking place elsewhere.
      (2) Alternatively, the adversary wants you to fire back– so they can see where *your* defenses are.

      In either case nowadays, don’t expect the adversary to hang around at the spot where they opened fire to have a victory smoke or anything. Like most modern guerrilla warfare, artillery is often taken to an isolated spot, fired, and then very quickly removed. Anyone who doesn’t work that way on the field of battle is asking for trouble. However, if you’re in a position to fire back *immediately,* then it’s probably a good idea– but mainly if your counter-attack comes from the wings and not your center.

      Bob in AZ

  2. MadDog says:

    And btw, that 1st Amendment thingie?

    Must have been a 2-for-1 sale, and when SCOTUS scrapped the 4th Amendment yesterday, the Executive branch got to scrap the 1st Amendment as a tagalong freebie.

  3. MadDog says:

    …I guess they can’t very well complain about the Lockheed and L-3 hacks then.

    One wonders if these were just the tip of a mostly non-public iceberg. I’m guessing there are more targeted MIC piggies at the DOD trough.

  4. Disgusteddan says:

    I find it interesting this legislation gives these authorities, not to the president or Administration, but to the SecDef. In fact, one part specifically states SecDef can act independently of POTUS.

    • marksb says:

      I assume you mean this

      The framework clarifies, for instance, that the military needs presidential authorization to penetrate a foreign computer network and leave a cyber-virus that can be activated later. The military does not need such approval, however, to penetrate foreign networks for a variety of other activities. These include studying the cyber-capabilities of adversaries or examining how power plants or other networks operate. Military cyber-warriors can also, without presidential authorization, leave beacons to mark spots for later targeting by viruses, the official said.

      But wouldn’t this be analogous to watching a foreign air base for signs of missile installations and establishing an intel network in a country, or reviewing satellite intel and “marking” potential trouble spots, but not actually launching an attack? I’m not saying it’s right to do, but it does seem pretty much identical. Or am I missing something?

  5. marksb says:

    Excellent analysis EW, thank you. What do you do in your spare time, anyway?

    The other shoe dropping here is that the breach of the SecurID system is a colossal failure of every aspect of management of the secure network. It shows for all to see the lack of planning, the aging of the security system, and the vulnerability of the system due to a hundred different errors that should have been the subject of an ongoing upgrade over the last ten years. It’s clear the DoD and CIA and every contractor were using old tech and sailing blissfully on without a care in the world…while the hacking and spy community was pushing the envelope.

    So what now? Declare war! Declaring war gives us a patriotic platform from which to shout accusations, an enemy to blur our own mistakes, and a “forward” approach that ignores the complete screw up. It’s the perfect answer!

    Plus wars get funded, often on the blacker books. Mistakes lead to Congressional hearings, and nobody wants to air their dirty laundry.

  6. MaryCh says:

    I was with you right up until

    I guess they can’t very well complain about the Lockheed and L-3 hacks then.

    I just don’t see how that follows.

  7. Garrett says:

    There was a story in March of last year, that the CIA and the Saudis had set up a Jihadi honeypot site, and DOD conducted cyberwar against the site.

    The turf war lines up as here: CIA was interested in intelligence collection, DOD was interested in shutting stuff down.

    When a nation’s defense establishment is conducting war operations against its intelligence establishment, you can guess that the divisions of opinion are pretty strong.

    to defend against a cyber attack against an asset of the Department of Defense.

    This bill seems to be taking sides.

  8. Margaret says:

    I need a legal opinion from any attorneys out there. Yesterday I posted a link about a family in Medina Valley ISD who were suing to stop prayer at their son’s graduation. They were granted an injunction. What I didn’t say is that I know this family very well. They are dear friends of mine. Yesterday, the district released the high school senior’s name whose parents brought the lawsuit and Gretchen Carlson berated him this morning. The kid is a minor. Isn’t that illegal? How is it okay to release a minor child’s name or publish it in the media without parental permission?

    • spanishinquisition says:

      “The kid is a minor. Isn’t that illegal? How is it okay to release a minor child’s name or publish it in the media without parental permission?”

      It’s not a minor being accused of a crime, it’s not HIPAA-related and unless it’s part of a specific court order blocking it, the name is public. Minors’ names are mentioned all the time in the news.

  9. ubetchaiam says:

    From the Nakashima link: “The use of any cyber-weapon would have to be proportional to the threat, not inflict undue collateral damage and avoid civilian casualties.” If they can’t do that now with all the weapons they have, how are they going to do that with ‘cyber weapons’?

    • ondelette says:

      Months ago, I argued here and elsewhere that civil rights lawyers and international law specialists were asleep on the job because they weren’t working to isolate out and define the cyber equivalents of the 1st amendment 5 rights, the 3rd amendment rights, 4th amendment rights, and the rights under the international humanitarian and human rights laws.

      Now you are quoting the U.S. military using exact law of war language ticking off their rights as combatants and belligerents under those laws, they’ve already mapped out what they can do. I was right. I knew what I was talking about. And all those lawyers that found me to be talking extreme interpretations or thought everything had been decided already by hacker law? They have let you down.

      So sorry, but Cassandra is never listened to until the belly of the horse opens.

        • ondelette says:

          Really? How about the hubris of believing you were protecting civil rights while letting the whole thing go? I was only bringing warnings. I did it here, I did it elsewhere. The lawyers didn’t take me seriously. I did the same on Guantanamo when the closing was announced: I said that the ICRC had expressed qualifications, Hina Shamsi told me she was sure I was mistaken, but I wasn’t because I’d been to a talk where a delegate had said so.

          I’m not claiming to be the only one who knew, I’m not claiming to be some kind of genius. I am claiming to not have been listened to. The hubris is all yours.

        • ondelette says:

          The military can recruit top talent into its legal teams right now. It eats international law of war for breakfast. The lawyers here? Be lucky if they knew what it was. Glenn Greenwald dismissed Anonymous as a bunch of teenaged hackers. Really bad move. He thinks his articles on Drake were as factual as those of Jane Mayer. On the FISA debate, only pow wow understood that the government had moved to turn actual people into disk drives legally, and almost nobody saw that Leahy was embroiled in a huge fight over rollbacks, indicating that the FISC had ruled secretly that gathering the information was no longer the point at which 4th amendment rights got exercised. That’s the essence of the Patriot Act, but you’d never know that reading here.

          If IHL becomes the standard for your rights on the internet, you will have the rights of a prisoner of war or a civilian in an occupied country. Right now you have the rights of a piece of corporate IP. That’s what I mean by being let down. The lawyers never moved to establish internet personalities as extensions of people, and their effects as their own. They never nailed down their publications as free press, they never nailed down their emails as private. Most importantly, they never nailed down their traces in databases as being something that if tracked, the person was being watched and their privacy invaded. They never got you your right to assemble here, your right to petition the government here, your right to publish or speak freely here. Now those rights are being defined with respect to the Geneva Conventions instead.

          Have a nice day.

        • bmaz says:

          This is a fantastical steaming crock of shit. And I understand the law of war just fine; you just don’t like it when people understand the practicalities of law and actual litigation of the law as opposed to your non-legally trained and experienced pie in the sky wishful bullshit. You have now proven yourself to flat out be a whiny, petulant liar as Marcy and this blog have done as much as anyone, and did so early and often on the subject of surveillance and datamining.

          Have a nice day yourself; maybe tomorrow you can be honest and polite instead of dishonest and gratuitously, and self inflatingly insulting.

        • ondelette says:

          No.you.don’t.

          You and the other arrogant lawyers demote all those without “litigation experience” to spectator or advocacy status at every forum for discussion of such issues, neglecting that there are other areas of expertise necessary to make up the issues involved. You blew it. And no you don’t understand it. You didn’t understand the underlying internet issues as a group, and I contend you now don’t understand the underlying law of war issues. We won’t have any rights left, leaving it to you.

          In the 1990s we were on our own at standards meetings trying to prevent some of this stuff, civil rights lawyers were nowhere to be found. You didn’t know it was happening.

          You voiced your opinion here when the “hackers” used DDoS as protest, it was all crap.

          At ACLU meetings there are only two groups: the lawyers, who are experts, and the non-lawyers, who are not. No matter that here in Silicon Valley the non-experts know more about the medium than all the expert lawyers will in their next thousand lives. Not once do the lawyers, who at the ACLU don’t even deign to have an email address, ever ask the rabble a question or for an opinion.

          You don’t know, you don’t ask, you are too good to ask. Now we will live as unlawful combatants on the internet.

        • john in sacramento says:

          I wasn’t going to jump into this, and I respect your opinion, but this just isn’t my experience at all

          At ACLU meetings there are only two groups: the lawyers, who are experts, and the non-lawyers, who are not. No matter that here in Silicon Valley the non-experts know more about the medium than all the expert lawyers will in their next thousand lives. Not once do the lawyers, who at the ACLU don’t even deign to have an email address, ever ask the rabble a question or for an opinion.

          Are you talking about the San Jose chapter, or are you talking about the affiliate? In either case, I can’t imagine this being true at all.

          I think there’s a misunderstanding somewhere

        • ondelette says:

          It was my experience at San Jose meetings, and my experience contacting the national organization and the Northern California offices. I nearly had to hack to get contact information for the national organization. What’s that about anyway? I’ve been a member since the 1980s, why don’t they trust me to have their email address? They have mine.

          On their blog site, the CAPTCHA is set to delete as a near default. They plain don’t want other people’s opinions.

          When I had the go ’round with Hina Shamsi, it was here. That was a first clue that U.S. civil liberties lawyers don’t always know how ICRC people operate. It isn’t a huge failing, but it is an indication that people need to listen sometimes. I had been expecting confirmation from her, not disagreement.

          Right now, there are big changes afoot in the way the internet is being mapped. The cyberwarfare stuff is only one part of it. But it isn’t all legal stuff. And lawyers need to be just a little bit humble and a lot more proactive and less focused on litigation and more focused on proposing standards and legislation if they want to win, in my humble opinion. Things are moving very fast and freedoms are being lost very quickly. But with the exception of corporate lawyers, you very rarely see lawyers at standards meetings or technical conferences.

        • ondelette says:

          As for the “whiny petulant liar” business, a google search of this site for the terms “Scott Macintosh” (Bush appointed DOJ lawyer for counterterrorism who argued that people could be treated like disk drives) or “rollbacks” (key operative term discriminating the SJC version of the FISA bill from the others in terms of datamining, that showed that the government was data warehousing the internet and therefore that there had been a key FISC decision), fails to show you were so on top of these issues at the time, and that therefore my statements are lies. I’d be more circumspect with the use of your litigation insults in the future.

        • bmaz says:

          Give it a rest and go neurotically pester someone else, somewhere else. I have had to discuss this problem of your plaintiff badgering before with you, and am not going to do it again. Just stop.

        • ondelette says:

          You called me a liar. Don’t do that again. I didn’t lie, and you insulted where you had no grounds for it. Now watch your mouth. You are not arguing from the high ground, you are an insulting prick who has people taking out diaries to complain about you. Take your ego down a few notches and drop the attack dog routine.

          People have a right to express frustration with your profession. Those of us in high-tech listen to rants against ourselves all the time. People have a right to vent about watchdog blogs that miss the boat on issues, too. If all criticism is dismissed as neurotic pestering it’s no wonder FDL in general devolves too often into the same old rant against the empire, and big issues go whizzing past.

          Most of the operating systems are being re-written to be incapable of the freedoms that were possible on the internet a decade ago. The hardware will conform within a couple of years, it’s already started. Have you noticed? Do you think you and Marcy will write about it a few years from now when it’s way too late and it’s only a failing legal issue?

        • bmaz says:

          I called you a liar because you materially misrepresented what was covered on this blog and when, and you appear to be continuing to do so with impunity. It was not an insult saying you did this, it was a fact. I am done with you on this. Stop. Now.

  10. Surtt says:

    Just laying the groundwork for a cyberwar on terror.
    Obama can then be a hero and bring the boots home while everything else continues as “normal.”

  11. ondelette says:

    bmaz,

    A complaint has been written to firedoglake. I expect to see a response. I am not going to stand for your behavior here, and no one else should stand for it, either.

    • bmaz says:

      You have been warned numerous times over an extended period of time about this type of conduct. I warned you today, you kept at it. I am right here and owe you exactly nothing other than patience, and you used that up long ago.