Cybersecurity: the Pentagon offensive and the digital Pearl Harbor
By End the Lie
In early June of this year, the Pentagon announced their change in policy that now allows the United States to respond to cyber-attacks with physical bombs and guns. This shift signaled a new era in warfare, a shift from the tried-and-true physical conflicts to the mysterious new world of cyberwarfare.
This month the Pentagon has officially declared cyberspace as an “operational domain” which is nothing more than a domain in which war is waged like land, air, and sea.
When Leon Panetta stated that the next Pearl Harbor could be a cyberattack on American infrastructure, the Western media had a field day. The LulzSec controversy helped to solidify the idea of a cyber-threat in the minds of the American people.
With the internet now portrayed as a battlefield like any other, the people of the United States only needed a direct attack on government systems to justify the escalation of cyberwarfare strategy.
Well this is exactly what we got in March of this year when 24,000 files were stolen from a United States defense contractor according to Deputy Defense Secretary William Lynn III. Lynn has stated that the files were stolen by a foreign intelligence service.
The target of the attack and the name of the nation allegedly responsible have not been released nor have any details of what the breached files contained. Still mysterious is exactly what will come of this attack in terms of military response.
One thing we can be sure of is that it is just another excuse to push forward with the China-style legislation known as the Protect IP act. This event is far from alone, as it seems that Anonymous continues to add fuel to this anti-internet freedom fire.
Earlier this week hackers under the banner of the LulzSec/Anonymous Operation AntiSec (Anti-Security) breached American defense contractor Booz Allen Hamilton’s servers. This resulted in 90,000 e-mails and encrypted passwords being released belonging to military personnel.
The military contractor refused to comment on the breach but this marks a massive new leap in the severity of the breaches being carried out by so-called hacktivist groups.
In addition to leaking 90,000 e-mails and passwords which will allow criminal “phishing” groups to fraudulently access bank accounts and so much more, the hackers deleted an entire 4 GB of Booz Allen Hamilton’s source code.
While the hackers aren’t necessarily praiseworthy for their actions, it appears that Booze Allen Hamilton’s security measures were far from adequate. According to AntiSec’s post on PirateBay.org they, “infiltrated a server ont heir network that basically had no security measures in place.”
The LulzSec-Anonymous hybrid group has also attacked the FBI contractor IRC Federal among other high profile targets.
As I have pointed out so many times, these only serve to beef up the argument for the implementation of draconian internet legislation in the United States. I have yet to hear a compelling argument in support of a single thing LulzSec and Anonymous are doing currently.
Even the groups they are attempting to help, like Food Not Bombs of Orlando, Florida, have called their hack attacks a “distraction.”
While no real activists and civil libertarians seem to be pleased with the actions of these hacking groups, the Pentagon is likely quite happy with their work.
It makes it a lot easier to sell violent military retaliation or over-the-top internet control when you have a laundry list of cases to point to in which normal people have their information breached as well.
Some military officials are already criticizing the Department of Defense’s cybersecurity plan as “way too predictable.”
General James Cartwright of the United States Marines Corps said that the Pentagon needs to prepare offensive measures to wield over potential attackers.
Despite the Pentagon’s clear statement that military force can and will be utilized against hackers, General Cartwright thinks that defensive measures are too expensive and not efficient.
Cartwright is under the impression that the only thing that will deter potential attackers will be the threat of retaliation. The massive logical hole in Cartwright’s assumptions is that cyber-attacks are not easily attributable to a single country or government.
If a Chinese hackers breaches Pentagon networks without the consent or support of the Chinese government do we bomb China? Or should we just retaliate with a malicious virus?
If an American teenager from Chicago breaks into military servers should we send him a nasty virus via e-mail or just kick down his door and kill him?
Proponents of the retaliation tactic have yet to explain these major concerns. These issues will shape international diplomacy in the decades to come.
If the U.S. military’s cyber command estimates that the Pentagon networks are probed by over 250,000 possible hackers every hour, how would offensive strategies be even remotely efficient?
The fact is, the networks are not secure as is, and threatening hackers in Romania with military force is going to be no more effective than a thorough finger-wagging.
If the United States chooses to take the policy that any cyber-attack will be retaliated against even if it is not directly attributable to a nation’s government, we will find ourselves even more alienated than we are currently.
The federal government has already been sinking billions into their attempts at cybersecurity measures.
All of these efforts seem to fall far short of the mark, evidenced by the fact that a foreign intelligence agency was just recently able to make off with thousands of secret documents.
When Deputy Defense Secretary William Lynn III outlined the Department of Defense’s new cybersecurity strategy far too many questions were left unanswered and ambiguity continues to reign supreme.
Meanwhile, on the legislative front, the battle against internet freedom wages on as Senator Patrick Leahy’s Protect IP Act is discussed in Washington.
According to more than 90 law professors from across the United States the proposed act is not only unconstitutional but it is actually “more restrictive than Chinese law.”
However, experts have pointed out that the internet bill could actually help hackers. Of course, the Motion Picture Association of America, or MPAA, one of the largest backers of this legislation vehemently denied such claims.
Regardless of the fact that the MPAA has absolutely no evidence to back their claims, the legislation moved out of committee even after the security concerns were raised by several experts and presented in May of this year.
The battlefield of the internet is getting uglier by the day and we are just seeing the growing pains of what will likely become the largest front in coming decades.
I sincerely hope that the American people can stand up and refuse to have our Constitution thrown out the window completely in the name of cybersecurity. This is neither necessary nor acceptable.