Reliable Security Information

Rule Number One: Always Blame China, then Russia

Today, a collection of items having to do with the tradition of blaming China and its mighty but hard-to-see cyberwarriors. As stories on our nation's cybersecurity strategy and the military's plans for a cyberforce unfold, you'll continue to see a lot of this.

For example, when you want to build a cyber-attack force, it's always been convenient to blame the Chinese for starting a cyber-arms race, hacking into US utility companies, cyber-spying and installing backdoors and hidden boobytrap software switches in everything. (See here in the New York Times for a reference which reaches all the way back to 2001 when a US spy plane crashed into a Chinese fighter.)

Since this is a practice that has been carried out so well and for so long, the Chinese media has finally started to wise up to it.

So, this year, for the first time, this writer has begun to field questions from Chinese journalists, who are returning the favors long administered by their counterparts in the western English-speaking news media. One could view it as a bit of tit-for-tat. That is, instead of wanting to talk about how their country is menacing US cyber-interests, paradoxically, they want to know about the US menacing the rest of the world's cyber-interests.

From a Q&A -- in e-mail -- this week:

Chinese journalist: Will US wage cyber warfare against its enemies?

GS: I doubt there will be any significant happenings of this nature. Too much potential for an exposure resulting in great embarrassment and bad publicity if caught doing such a thing. It wouldn't look good if the US military was caught installing a worldwide zombie botnet now, would it?

Chinese journalist: US cyber security may provoke the new world arms race on the new military frontier, do you think so?

GS: The rhetoric on the subject may inspire something like this. However, it will be offset by the limited nature of what such things can accomplish in the real world.

Chinese journalist: What do you think of the cyberattacks worldwide?

GS: It's another day, just like many, for IT staffs.

Next up, a partial transcript from the Ian Masters radio show, a couple weeks ago. I've edited and condensed it to the most interesting points, dropping in on the common worked-to-death scripts re China and cyberwar.

Ian Masters, Pacifica radio host: There's [now] an expectation hacker soldiers will be hired. The New York Times has a piece on Sunday on the front page, a rather skeptical piece, suggesting that this indeed may be another raid on the treasury by the military industrial complex.

GS: Well, that's been a constant. I mean, it's not exclusive to the Obama administration. Cyberwarfare and cybersecurity have been used by the US government over the past fifteen years to, as you say, rattle the tin cup for a variety of reasons. I mean, it's kind of like, what many people don't realize is that the extremist views are in charge, OK? [Laughs] There really isn't a voice of moderation. And there really never has been in the area.

IM: So, in other words, the sky's always falling.

GS: That's right.

IM: And the Russians are coming.

GS: Or the Chinese. The Chinese were coming ten years ago. And they're coming again.

IM: And the terrorists are coming.

IM: In terms of cyberwarfare al Qaeda is not a player?

GS: No, they're not a player.

IM: They do low-tech video releases. So who is the target of this new initiative by President Obama, is it Russia and China?

GS: Those are the common two. Ten years ago there were a large number of stories circulated insisting China, the dragon, was about to show its claws and fire, and it had developed a cyberwarfare capability, and in the most extreme cases could attack the United States' oil refineries and cause explosions, war from remote, things like that. And with Barack Obama, on Friday, he includes in his speech a statement that cities in foreign countries have been blacked out by cyberattack, and that's simply an urban legend. There's nothing to back that up at all yet it finds its way into his cyber policy review report.

Now, why is that? [Laughs]

If you look at the footnotes of the report real carefully, this comes out of an old press release from a computer security company.

IM: So ginning up business?

GS: Well, specifically, this occurred about a year ago. It was to gin up business for protection of remote control access systems. What better way to do it than to say the CIA had told [your expert business] that cities which cannot be named, in countries that cannot be named, had power companies attacked which cannot be named, causing blackouts in cities, the number of which cannot be named.

IM: Really?

GS: Yeah, well that's it ...

IM: Where is the beef then, as they once said in a political campaign? We've got a lot of sizzle -- but there's no steak here?

GS: Well, the real beef is that there isn't any doubting that there are problems with cybersecurity. We're now built on a system that's fundamentally insecure ... and when you choose to use the Internet ... to build your networks upon [it], then you're choosing to work with an insecure system and the daily problems that come with that are part of the overhead of doing business and conducting life like that. And that's a completely separate set of issues which everyone must deal with on a daily basis.

Ah, have you had an experience with removing malware, viruses or spyware from your computer?

IM: Well now, at the risk of advertising for Apple, I have a Mac.

GS: [Laughs] Well, good for you!

IM: So everyone is attuned to these things and paying the price.

GS: And everyone has to deal with it daily and take measures or suffer the consequences ... Bad actors on the Internet are not known for restraint, OK? If there was an ability to turn the United States off like a switch, it would have been done already, I think. They wouldn't show the qualms of, perhaps, a foreign country whose leaders would say: "Maybe we shouldn't do this."

Someone would just say: "No, we're going to do it because I want to be famous and show the world how powerful I am." Which is one of the common motivations, among many, in people who do these kinds of things on the Internet, who are constantly knocking on your firewall door ...

The cant -- a fancy word, meaning 'the secret speech of gipsies, thieves, tramps or beggars' or the spouting of hypocrisy -- on cyberwar has always been the same. And it repeats more often than generally thought, as this next section from July of last year illustrates.

CNN's Pentagon correspondent, Jamie McIntyre, was puzzled: "This term cyber warfare sounds kind of, you know -- amorphous, kind of hard to get your hands around it..." (See here for the excerpt's original publication in the Register.)

It was a slow news week in mid 2008 and CNN was into an afternoon segment on cyberwar. Suddenly, an expert was produced to claim that China had caused power blackouts in the US.

And, at this juncture, it's not so important to name the expert (it's in the original piece). What is important to note is that, for discussions of cyberwar, fantastic claims are common. No one challenges them.

"Well, they say that two [instances] of those were really the Chinese caused blackouts in the United States, one in 2003 and the other..." the expert told CNN.

More specifically, this was referencing an article in the National Journal. In the discussion about cyberwar, if something can be rammed into print, it can be used as a footnote, an exhibit of proof by someone else.

Substantial evidence supporting an extravagant claim is unimportant. What was important was that blackouts in the US years ago be attributed to China.

Returning to the original piece at the Reg, entitled "Cyber B-52 strikes mooted as a response to China cyberwar," it reads:

"The [CNN segment] demonstrated one common feature of all stories on cyberwar. You can say anything you wish and not suffer a beatdown ... Once on paper, it's fair to discuss such things as if they had the reality of a piece of granite.

"Since the Chinese had been causing blackouts, [it was ] reasoned the US government ought to show some backbone and give them a talking to ...

"To spend too much time arguing details [over this] is to be drawn into the deranged world of the American way of threat description ...

For the sake of discussion, then, it had been determined that China was at the root of trouble in cyberspace, that it had caused blackouts in the United States.

In this world, you can't pause to trouble yourself with the idea that no one has provided any evidence that it's true. You have to run with the ball.

So what should the United States do in retaliation?

Spin up a carpet-bombing force was the suggestion, according to a US military theorist. Seriously.

However, the US needed a special type of carpet-bombing, one fashioned for cyberspace. In this case, that meant having a force of cybermen and our own military botnet to launch denial-of-service attacks.

Last year, "Carpet-bombing in Cyberspace" was published in the Armed Forces Journal. The article's author, Col. Charles W. Williamson III, wrote: "America needs the ability to carpet bomb in cyberspace to create the deterrent we lack."

There was a cyber-carpet-bombing gap on the Internet, and the US was on the crappy end of the stick.

To eliminate the cyber-carpet-bombing gap, it was recommended the military immediately begin investing in its own military botnet.

Readers may be moved to recall the ending of Dr. Strangelove.

"Mr. President, we must not allow... a mine shaft gap!" -- General Buck Turgidson

"[Major] governments are reaching a point of no return in heading off a cyberwar arms race." -- The New York Times, here.

George Smith also blogs here.
