US CyberSpy vs CyberSpy Incompetence
Spy vs Spy was a Mad Magazine comic strip started during the Cold War era in 1961. Drawn by Antonia Prohias, the strip featured two spies one level too clever such that they inevitably did themselves in with scheming stunts of self-destruction. These spies were Maxwell Smart over confident and Inspector Clouseau clumsy clowns as seen in this cartoon:
Apparently the US Intelligence Services such as the CIA. NSA, and Naval Intelligence have latched onto these “all too clever” cyber-agents and policies with one stark difference – the other side was staffed by cold and calculating operators who, over the past 20 years, have been able to take full advantage of the US Cyber-sie by stealing- not just hoards of government classified secrets but also nearly all the arsenal of US created cyber hacking tools.
Worse, the Chinese, Iranian, ISIS, North Korean, and Russian cyber experts using these US tools have been able to unleash a broad range of cyber attacks to loot US and World businesses and government agencies. . .
How Pervasive are the US Cyber Spy Tool Breaches
First Cyber-spy gaffe, give away as Open Source Software key cyber-software tools and don’t expect anybody to exploit it for malvolence. Tor is free and open-source software for enabling anonymous communication. It was developed in the mid 1990s by the Naval Research Laboratory to ensure that Naval communications could not be a)intercepted for deciphering or b)tracked to reveal source and destination communications for tracing vessel and submarine movements. Tor and its counterparts such as I2p, Freenet and GnuNET are all anonymous browsers of the resulting Deep Web which is not just invisible to but also nearly 500 times the size of the regular surface Web .
As it turns out, anonymous browsing which is untraceable is as vital to hackers and criminal organizations as it is for military and corporate systems. But what the Naval Research Laboratory and Electronic Frontier Foundation as sponsors failed to do when Tor was released as Open Source was some elementary controls on the code. . .
As a result hackers have taken the Open Source Tor [and I2P, Freenet and GnuNET as well] and adapted it for their own purposes including creating a host of vulnerabilities for their malignant ends. Congratulations Naval Intelligence for hoping for the best and reaping the worst possible outcome – creating the Dark Web Space with which provides cover for enemy state cyber-hackers and organized crime.
Second Cyber-spy gaffe, presume your headquarters are impervious to hack attack; then lose secrets through your own staff and/or incompetence. The record from 2000 to 2013 of Federal Government cyber-attacks is full of incidents where security incompetence or internal employees were the source of most data breaches. . .
Third Cyber-spy gaffe, lose control of your most important cybertools as the NSA did in 2016. And then once lost, all the tools were dumped in code form by a still secret group known as the Shadow Brokers for all the world to see and employ for their own massive cyber hacking exploits. . .
Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away. The Chinese action shows how proliferating cyber-conflict is creating a digital Wild West with few rules or certainties,…The losses have touched off a debate within the intelligence community over whether the United States should continue to develop some of the world’s most high-tech, stealthy cyberweapons if it is unable to keep them under lock and key.”
The result is that over the last decade, US Cyber Intelligence has fallen into disarray and and badly needs revitalization. See recent Naval Intelligence assessment of that need.
Consequences of US Intelligence Incompetence
The US record for preparation against Cyberattacks is woeful. In the early 2000, the US provided access to the Deep Web to hackers and enemy state agents through Open Source of anonymous communication tools. Since 2010 the US Intelligence community has fallen victim to internal personnel like Eric Snowden releasing methods and policies to the hacking world. And the last 5-7 years has seen the US lose highly potent cyber-tools through agents “mishandling” highly confidential tools or the astonishing miscalculation of the the degree of the vulnerability of their prized cybertools to detection and capture in combat.
Clearly there is a hubris about US Intelligence Effectiveness and Invulnerability. Yet all the major Intelligence players [CIA, NSA, and Naval Intelligence] have proven to be remiss in defending US business, government and individual citizens against cyberattacks. Because some of the very best US hacking tools are in possession of organized crime and foreign agents, US infrastructure systems which are running on old , outdated, and/or poorly monitored control systems , are particularly at risk. This means major systems such as the US electrical grid, air transportation control centers, intertwined oil,/gas/chemical pipelines have become increasingly susceptible to concerted cyberattack.
But perhaps most disconcerting is how social media like Facebook, Twitter, Youtube have been mastered as propaganda machines for sowing massive misinformation on political and economic issues. So much so that the last US Presidential election was swayed by Russian cyber-agents. And so you can imagine how President Trump, already a vocal dissenter of the US Intelligence community, will be “reluctant” to investigate the foreign cyberagent influence by social media let alone revitalize the US Cyber-Agencies.
------------------------------------------------------------------------------------------------------------------------------
End of Countries Blaming Each Other of Cyber Espionage?
"In our world today, countries are “united” through a world-organ named United Nations, where civilized discussions about conflicts and misunderstandings are raised. But in the cyber world, it is basically every country for itself, there is no such thing as the Internet’s united nation, there is no central organ to organize the unorganized.
It’s been a very well-known fact that powerful nations of the world, especially those that are permanent members of the UN Security Council maintains their own elite hacker team. The key here is other nations are better with their own PR than others, the weaker the PR arm of the country, the possibility of its hacker team being demonized by other nations is higher. . .Cyber warfare, including its silent cousin, cyber espionage involves units organized along nation-state boundaries, in offensive and defensive operations, using computers to attack other computers or networks through electronic means.
Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals often operate under the auspices and possibly the support of nation-state actors. In the future, if not already common practice, individual cyber warfare units will execute attacks against targets in a cooperative and simultaneous manner.
China is the favorite country to blame when it comes to cyber espionage and cyber attacks against other nations it does not like. However, for a country to openly point the fingers to China is basically harming itself, given the strong economic influence of China . . .
more
No comments:
Post a Comment