Recent American presidents have not been particularly savvy technologists. Bill Clinton sent just two emails during his eight years in office, and George W. Bush once said that he used “the Google” on occasion. Both men, however, authorized the development and deployment of sophisticated military technologies for cyber espionage and warfare that are now central to national defense. President Obama has only increased investment in military cyber operations. The Department of Defense will expand its cyber forces from roughly 1,000 to 6,000 by the end of 2016.
A new book by Shane Harris chronicles the startling rise and unsettling implications of cyber warfare and espionage. @War: The Rise of the Military-Internet Complex is a deeply informative account of how corporations, governments, and even individuals are rapidly perfecting the ability to monitor and sabotage the Internet infrastructure essential to their perceived and actual enemies.
One of Harris’s first examples comes from the conflict in the Balkans in the 1990s. US military hackers infiltrated the systems of Bosnian air traffic controllers and duped them into thinking that invading aircraft were coming from one direction when in fact they were approaching from another. The second Iraq war saw a massive increase in the scale and sophistication of cyber surveillance and aggression. In 2007, a squad of elite cyber warriors arrived in Iraq and launched an ambitious scheme to destroy networks of insurgents. Hackers tracked targets remotely by monitoring their cell phone signals, sent fake text messages that appeared to come from the network leaders, and posted messages in online Al-Qaeda chat rooms questioning whether violent bombings defied the tenets of Islam.
The events of 9/11 enabled the NSA to exponentially expand its efforts to intercept all electronic communications – from cell phone conversations to emails to Internet chat exchanges – with potential relevance to national security. One dominant method of NSA surveillance involves close cooperation with technology and telecommunications companies like Google, Yahoo, and AT&T. The government has paid millions of dollars for access to data stored on private servers and sidestepped the murky legality of its operations by analyzing so-called metadata stripped of identifying details.
The 2013 revelations by former NSA employee Edward Snowden showed both the difficulties of anonymizing data and the tremendous potential for overreach that the NSA’s broad mandate has created. While Harris is sensitive to the privacy issues the Snowden affair raised, he places them in a larger context of risks and benefits that accompany powerful cyber espionage capabilities.
Proponents of increasing American strength in cyber espionage and warfare point to the frequent and often damaging campaigns launched by foreign countries against American institutions. In 2006, for instance, a critical American military advantage was erased when Chinese cyber spies penetrated military networks and stole the classified jet designs for the Joint Strike Fighter, a highly sophisticated aircraft. By 2012, a Chinese jet based partly on the stolen information made its debut. Over the past decade, both freelance and government-backed Chinese cyber spies have infiltrated military computer networks and snatched sensitive information about dozens of systems, everything from mine reconnaissance technology to sonar for undersea mapping.
And China is not the only aggressor. A blueprint of Obama’s helicopter was discovered on a computer in Iran, and a sustained attempt to disrupt the websites of major American banks was also attributed to Iran. Federal authorities informed more than 3,000 companies that they had been hacked in 2013 alone, and this number represents only those infiltrations that were detected. Many companies have discovered breaches but declined to publicize them in order to avoid alarming customers and investors.
Google and The New York Times were two of the more prominent targets, but perhaps more unsettling are cyber raids by Chinese hackers that have successfully mapped the designs of major American refineries and natural gas pipelines. In the event of a full-scale war, this information could be used to devastating effect.
The primary concern of the Chinese appears to be the theft of intellectual property from American companies; their motives are largely economic. But other countries and groups may want to access sensitive information in order to cause massive disruptions and even fatalities. President Obama has publicly warned that malevolent hackers could plunge entire American cities into darkness if they hijacked the computer systems that regulate power and utility companies.
American hackers employed by the military and private-sector security firms employ the same set of tactics as their enemies. The Chinese hacked email accounts of Obama’s campaign staffers in 2008, but hackers working for the American government broke into an email server used by the president of Mexico in 2010. The NSA also accessed more than 85,000 text messages sent by Mexican presidential candidate Enrique Nieto.
When precisely cyber espionage escalates into warfare is difficult to pinpoint. One of the more frightening scenarios that Harris conjures involves the murky transition from espionage to sabotage. Many American companies practice “active defense,” a euphemism for attempting to disable the networks of hackers targeting a company. Often this involves implanting malware and viruses on machines in foreign countries. If a particularly malignant virus spread beyond its intended target and dismantled critical infrastructure in a foreign nation, a private company might find itself embroiled in a cyberwar with an entire country.
If such a war does occur, a vital type of weapon that will be used by both sides is called a “zero day vulnerability.” Zero days are potentially damaging flaws in software and hardware that have escaped the notice of the companies that made the products. Hackers find these vulnerabilities and sell them to governments and companies. The NSA and Google are both particularly large purchasers of zero days, which derive their name from the fact that the enemy would have zero days to prepare for an assault that exploited such a previously undetected weakness.
By stockpiling zero days, the NSA hopes to compile a formidable arsenal that could be used in the event of cyberwar. But Harris correctly notes the risk that such a policy could backfire. By supporting hackers who detect major flaws in software and hardware that could disable the digital infrastructure of other countries, the NSA is funding a dangerous market. There’s no guarantee that the only buyers of such vulnerabilities will be American. For the right price, international hackers are already willing to sell damaging zero days to rogue groups. If a cyber attack does darken a major American city, our adversaries will likely have purchased a zero day from one of the same companies that Google, the NSA, and many American banks now support.