Friday, June 28, 2013

More on the James Cartwright leak investigation

Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon TED Talks 03/29/2011:

Shane Harris and Noah Schachtman weigh in on the news about retired Gen. James Cartwright being the target of a major leak investigation, presumably over leaks about Stuxnet (A General Gets Knifed Foreign Policy 06/28/2013):

Usually, the Obama administration and the Pentagon do their bureaucratic knife fighting in private. Not so in the latest investigation of a national security leak.

his time the target is one of the highest profile -- and perhaps most controversial -- senior military officers in the United States, Gen. James Cartwright. The former vice chairman of the Joint Chiefs of Staff is now allegedly a top target in the FBI's investigation of who leaked details about the Stuxnet cyber weapon that hit Iran's nuclear program. ,,,

Cartwright is also vulnerable because - conveniently -- he's no longer in government. ... No doubt the FBI investigators are professionals, not political creatures. But even professionals take into account Washington's architecture of power. Targeting a sitting official has to be done with care, since it would be politically devastating to an administration that already is on the defensive about other officials who might have disclosed sensitive information.

Take the current CIA Director, John Brennan, for instance. He may have tipped TV pundits to the existence of a CIA mole in Yemen. Yet it's the Associated Press's reporting team that's coming under scrutiny for reporting on a CIA operation that foiled a bombing attempt - even though the story in question was held at the agency's request.
But Harris and Schachtman don't look at the considerations discussed in my previous post on how the Stuxnet program first came to public light and on Marcy Wheeler's interesting and plausible suggestion that the investigation may have to do with Cartwright's possibly having leaking political embarrassing information on Administration criticisms of Israel's conduct in relation to Stuxnet.

But Harris' and Schactman's commentary also points up yet again how actively senior officials in the Obama Administration leak classified information in self-serving ways, usually without being prosecuted for it.

This is also an important comment on the state of cyberwar:

The foreign policy implications of identifying the Stuxnet virus as the handiwork of U.S. spies were enormous. The Obama administration's protests against Chinese cyber espionage are undermined by the fact that America fired the first shot in a global cyber war. And it arguably led to an escalation. U.S. intelligence believes that the cyber attack on the facilities of Saudi Aramco last year was carried out by the government of Iran.
It's worth noting that the Administration's position is that a cyber attack on important US facilities constitutes an act of war. (Sources: US decides cyber attack can be 'act of war' NBC News 05/31/2011) Which means the US' and Israel's Stuxnet attack on Iran was an act of war. And, by that reasoning, a war crime.

More on the blowback potential (and the discovery of Stuxnet) from Mark Clayton, Presidential cyberwar directive gives Pentagon long-awaited marching orders Christian Science Monitor 06/10/2013:

Yet it’s not only collateral damage from cyberweapons, but the fuel that unleashing them provides for the current global cyberarms race that worries Ralph Langner, the Hamburg-based cybersecurity expert who in 2010 first publicly identified the Stuxnet cyberweapon that was used to attack and destroy a substantial chunk of Iran’s centrifuge system for developing nuclear fuel.

Stuxnet, the first publicly identified weapons-grade digital warhead, was created and deployed by the US – an attack authorized by President Obama and dubbed “Operation Olympic Games,” according to news reports that the White House has still not formally corroborated.

The biggest threat posed by the PPD-20, Mr. Langner writes, is the model it creates for unleashing powerful cyberweapons into the global network that can then be reworked either by hackers or rogue nation states like Iran and North Korea and relaunched back at the US.

“Nobody actually is able to predict the mid- and long-term effect of cyberweapons,” Langner notes. “The big issue is proliferation: It is much easier to rebuild a cyberweapon that is out in the open than a kinetic weapon.”

For example, even after the design of the F-35 fighter jet is leaked, it still requires a nation state to actually build one, he writes in an e-mail interview. Not so for cyber. A cyberweapons workshop can operate completely under the radar of satellite surveillance. It could even operate in foreign locations or on hostile soil. And, while building a fighter jet based on stolen blueprints may take a decade or so, it would require a dedicated team of cyberweapons experts just months to reengineer a devastating cyberweapon against US critical infrastructure, he adds.
Tags: ,

No comments: