How Cyber Escalation of the Cold War Has Led to Cyber Attack Proliferation


Star Chart – Many operators in the Ether

In the midst of a tumultuous election year, the Cold War with Russia (and China) just got hotter. Late last week, as reported on ZeroHedge and other financial sites, the White House officially charged Russia with hacking candidate Clinton’s emails, declared a “Cyber War” on alleged enemies, and tasked the CIA to initiate a wide-ranging “clandestine” cyber operation designed to harass and “embarrass” the Kremlin leadership. In an exclusive NBC report, the Obama administration “is contemplating an unprecedented cyber covert action” announced by Vice President Biden, who provided no proof of the charges. But the policy that offensive cyber war is the US mode of engagement has already been in place for five years.

The Administration has intensified this “cyber war” consistently during the Obama second term but, like military operations, more engagement has led to a proliferation of cyber wars and cyber warfare actors. The official policy that ‘cyber war equals war’ was issued by the White House in 2011 in the final, published strategy, which stated that: “When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. We reserve the right to use all necessary means — diplomatic, informational, military, and economic — as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests.”

The US Air Force declared a new mission in December 2005: “to deliver sovereign options for the defense of the United States of America and its global interests — to fly and fight in air, space and cyberspace.” This policy of state-sponsored cyber warfare became institutionalized in 2006 when Marine General “Hoss” Cartwright proposed to President Bush that Operation Olympic Games be launched against Iran to disrupt the network of uranium enrichment centrifuges at its Natanz facility using an Israeli-US designed industrial controller virus called Stuxnet (which the US public only learned of in June 2013 when the Justice Department security leak investigation was exposed). The computer security industry learned of the virus in mid-2009 when it leaked onto the internet, and an early decoder, Ralph Langner, called Stuxnet “a playbook (which has) legitimized a new form of industrial warfare.” Indeed, South Korea created a cyber-warfare unit in 2009, as did the UK and China in 2010 and other nations in subsequent years.

Cyber-warfare targeted additional critical infrastructure resources during summer 2012, when Saudi Aramco and Qatari RasGas production controllers and system management computers were wiped clean by a virus of unattributed origin called “Shamoon.” Late that fall, Secretary of Defense Leon Panetta warned of a Cyber Pearl Harbor at a New York dinner as he detailed the utter devastation caused by Shamoon during the summer. But, interestingly, Panetta warned that the Shamoon incidents “renewed concerns about still more destructive scenarios that could unfold” against both the US Government and American companies: “imagine the impact an attack like this would have on your company.” In August 2012, Panetta asserted a major change in U.S. defense policy such that, under new rules of engagement for cyberwarfare, the Pentagon’s role would extend to defending private-sector computers against a major attack.

The coincidence of this leak investigation and the announcement of a “global” cyberwarfare policy by the Chairman of the Joint Chiefs Martin Dempsey is uncanny. The New York Times reported: “globally, new regulations were needed to govern actions by the world community in cyberspace. He said that the Chinese did not believe that hacking American systems violated any rules, since no rules existed.” At this stage, Dempsey segregated cyber intelligence and cyber warfare (the “dual-hat” structure) but, without fanfare, declared that “defensive blocking” operations would be complemented by offensive operations, if so ordered by POTUS. This diktat, of course, is a violation of the War Powers Clause, Article 1, Section 8, Clause 11, which empowers ONLY Congress to declare war. Remember, in 2012-2014, the Chinese were the cyber-enemy.

But the Stuxnet investigator, Ralph Langner, explained at a Brookings Institution speech that “Cyberweapons proliferate by use, as we see in the case of Stuxnet. Several months or weeks or a year later, the code is available on the Internet for dissection by anyone who has the motivation or money to do so.” Indeed, over the past five years, banks and other financial institutions have been flooded with viruses and hack attacks, and much of this malware is being securely downloaded from supposedly secure sites to client computers (2m attacks on bank accounts, 800M overall attacks in 2015, according to Kaspersky Lab). In 2012, Kaspersky found a cyber surveillance virus designed to hack banking transactions, stealing login information for social networks, email and instant messaging in the Middle East, specifically targeting Lebanon’s BlomBank, ByblosBank, Credit Libanais, Citibank and eBay’s Paypal online payment system. Researchers confirmed that this virus was conducting surveillance on banking transactions and being used to steal money out of targeted accounts. The virus, called Gauss, was a new virus, related to Stuxnet, Flame and Duqu, yet a more sophisticated, state-sponsored cyber-espionage tool. Researchers from the security software manufacturer Symantec Corp. confirm Kaspersky Lab’s summation that Gauss is related to previous government-created cyber warfare viruses. Kaspersky Lab stated: “After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory.’ All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations.”


Picture credit: TTGT Media

And now the threat is systemic. Kansas City Federal Reserve President Esther George stated this past week that the whole payments system is at risk, and she warned that the growing threats were undermining public confidence in the system: “We must keep pace with the rapidly evolving and expanding risks that threaten the payments ecosystem.” The breaches are already exposed, as WIRED detailed: for example, hackers stole $81M from the New York Federal Reserve in February 2016 through the SWIFT international payments network (the banking system’s backbone).

In reaction to Biden’s threat, Russian President Putin remarked that such threats do not “meet the standards of international communication… Too bad that based on the current [US] internal political problems, Russia-US relations are being sacrificed. This actually destroys international relations in general.”
