With ‘hunt forward’ ops, democracies strike back

Across the ever-expanding galaxy of the internet, it’s interesting how relationships grow and take shape according to their purpose.

In the way ransomware gangs can function as an extension of an authoritarian state, attacking economic targets of democracies at will, democratic cyber forces have found their way to leverage the network effect for defensive purposes: they’re called “hunt forward” operations.


Rather than wait around for infrastructure to be attacked, as has been the custom, US cyber forces partner with the cyber defence forces of friendly nations and look for trouble. You could claim it is akin to a search and destroy operation, but with some key differences. It’s search and destroy waged from the friendly ridges of allies. And, like everything online, it’s Janus-faced. Not only does it reinforce the defensive muscle of allies like Lithuania, or that larger country much further to the south, Ukraine, but the spoils of the operation support the broader cause of cyber security.

As this Cybercom release makes clear:

“…cyber operators sit side-by-side with the partner and hunt on the networks of the host nation’s choosing, looking for bad cyber activity and vulnerabilities. These insights are shared with the host nation and then brought back to share with public and private sector networks – bolstering homeland defense before those adversary tactics, techniques, and procedures may be used against the US.”

The information passes easily from cyber defender to partner cyber defender, then right back to the private sector who are in the position to take some of the most effective and lasting action.

US Cybercom commander General Paul Nakasone, who has been key to pushing this strategy, said hunt forward operations are “so powerful… because of the fact that we see our adversaries and we expose their tools”.

“If you’re an adversary, and you’ve just spent a lot of money on a tool, and you’re hoping to utilise it readily in a number of different intrusions, suddenly it’s outed and it’s now been signatured across a broad range of networks, and suddenly you’ve lost your ability to do that.”

Now that I’ve introduced the term, here is a link to the song ‘Search and Destroy’ by the Stooges.

The “four harms” of Chinese cyberhacking

In order for the US to have reason to respond to China’s cyberattacks, the malicious activity must do one (or more) of the following:

1) Attack critical infrastructure like utilities.
2) Disrupt major computer networks.
3) Steal trade secrets and intellectual property.
4) Benefit from stolen trade secrets and property.

On the retaliation side, the US is considering:

1) Indictments.
2) Sanctions.
3) Diplomatic responses.
4) Ouster of known Chinese agents.
5) Covert cyber actions.

US offensive cyber capabilities, The Guardian, and the new rules of the game

No big surprise here, Guardian. The White House has been hinting about this for some time. On Twitter, the pundits seem to be clutching at this blind quote:

“We hack everyone everywhere. We like to make a distinction between us and the others. But we are in almost every country in the world.”

The US likes to haul China before the international court of public opinion for “doing what we do every day”, the source added.

But the most important quote comes earlier. Says a US official:

“Once humans develop the capacity to build boats, we build navies. Once you build airplanes, we build air forces.”

“As a citizen, you expect your government to plan for scenarios.”

And why shouldn’t the US? I think US citizens would be outraged to learn their government wasn’t capable of hitting back when the US is hit.

The same official says the US is “very interested in having a discussion with our international partners about what the appropriate boundaries are.”

And that’s what Obama and Xi are doing, as I post this. Although the US no doubt has a robust hacking regime (i.e. it “hacks everyone”), it would be interesting to see how deep the links are between the NSA and Goldman Sachs, for example. Especially compared to links between PLA Unit 61398 and, say, Huawei, ZTE and China’s state-owned enterprises, or its major steel makers looking for sensitive pricing data from resources companies abroad.

It’s China’s use of cyberespionage to bolster its industries and economy that is likely forcing the US to consider offensive responses. And note the American preoccupation with rules, laws and “appropriate boundaries.”

This isn’t to say the Guardian and Washington Post scoops aren’t important. But regarding offensive cyber operations, the scoops might not be important in the way much of the West is taking them to be.

I would be really curious about the nationality of American Glenn Greenwald’s source for these “leaks” in particular. As an aside, it’s worth noting that The Guardian suffers more than most UK publications from the Athens-Rome complex with regards to the US. Who can forget the Clark County debacle of 2004?

Is a healthy shot of hysteria over Chinese cyberspying just what’s needed?

Few countries do hysteria as well as America. It’s in the blood. From the Salem witch trials to the Red Scares, it’s a talent. So it’s no surprise there has been a shudder of hysteria in the recent reporting about Chinese hacking of US weapon secrets.

First The Washington Post reports that China has access to a cache of American military secrets. Then the Pentagon downplays the report.

The truth is probably somewhere between the two reports. But to be honest, a certain amount of alarm is overdue, especially after decades of complacency about China. Obviously, something is amiss.

The free-trade Utopianists fought to liberate China with most-favored nation status. The thought at the time was that it would, for US business, open whole new vistas of profits. Free minds would follow free markets, I seem to remember hearing from a pre-9/11 America, whose cocksure business lobby was firmly in the driver’s seat of government and much of society.

A decade after China’s accession to the WTO, things haven’t worked out as planned.

Human rights have not marched forward in China – but let’s face it: US business could have lived with that outcome.

Instead, in 2013 Chinese authoritarian capitalism poses a direct challenge to Western business and government. It’s one thing for Western business to have trouble profiting from China; it’s quite another for the Chinese model to threaten the system upon which Western capitalism is based.

When all blueprints and trade secrets stored on computers are up for grabs by Beijing to be incorporated into the goal of advancing China’s progress (or resumption of their premier place in world affairs – as they see it), it really raises the question of how US business, but also government and people, will respond.

Looking at tech, David Gewirtz at ZDNet is on to something in his description of the cyberspying of the Chinese as consistent with ancient Chinese notions of war. Give Gewirtz credit for pulling together the strings on this:

“The skillful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.”

Sun Tzu repeats over and over the idea that once you get to shooting, you’ve given up your advantage. His entire strategic treatise is fighting the war before you fight the war.

Sound familiar? It sure seems like China is engaging in this cyberwar strategy using the Sun Tzu playbook.

And credit to Gewirtz here, too, for wrapping in an example from Battlestar Galactica. (It’s also interesting to read Gewirtz’s views on Chinese cyberprobing in light of the Senkaku-Diaoyu naval adventurism by China.)

At this point, the reader may say: but the US hacks, too. True. I break out the difference between the Chinese strategic model and the US model here.

Given all of the above, US business, technology, and government must quickly learn something essential. If you want to effectively counter the China model, more of the same won’t work. More of the same (privatizing losses attributed to cyber theft and hiding them from the public, while socializing the risks for the economy and, by extension, the society) won’t work.

And remember, the goal is not for the US economic empire to be “number one,” in anyone’s books. The goal is for the US republic to not get pinned down economically, technically, politically and have to answer to a foreign power wanting to revive an ancient order.

So the world will be watching to see if Obama shames Xi Jinping at their meeting next week in California. As Michael Auslin, from the AEI, writes, it’s time to end the abusive relationship between China and the US.

Washington needs to admit that it is in an abusive relationship, and then find the courage to protect itself against further mistreatment.

In an ironic manner, Auslin, who proposes some decidedly non-free-tradey solutions including sending some “viruses back” to China, questions just what kind of relationship the US is fostering with China.

China’s top military leader told U.S. National Security Adviser Tom Donilon that Beijing wanted to create a “new type of major power relations.” Apparently that new relationship entails robbing your partner blind of his most sensitive secrets, then welcoming him for tea while mouthing nostrums about good fellowship.

There is a challenger out there, Uncle Sam, already as big and strong as you. So this is real, Uncle Sam: What are you going to do about it? A tinge of alarm is only necessary.