Biggest Threat to an Open Internet: U.S. Intelligence Community

The biggest threat to the open internet is not Chinese government hackers or greedy anti-net-neutrality ISPs, it’s Michael McConnell, the former director of national intelligence.

McConnell

McConnell’s not dangerous because he knows anything about SQL injection hacks, but because he knows about social engineering. He’s the nice-seeming guy who’s willing and able to use fear-mongering to manipulate the federal bureaucracy for his own ends, while coming off like a straight shooter to those who are not in the know.

When he was head of the country’s national intelligence, he scared President Bush with visions of e-doom, prompting the president to sign a comprehensive secret order that unleashed tens of billions of dollars into the military’s black budget so they could start making firewalls and building malware into military equipment.

And now McConnell is back in civilian life as a vice president at the secretive defense contracting giant Booz Allen Hamilton. He’s out in front of Congress and the media, peddling the same Cybaremaggedon! gloom.

And now he says we need to re-engineer the internet.

We need to develop an early-warning system to monitor cyberspace, identify intrusions and locate the source of attacks with a trail of evidence that can support diplomatic, military and legal options — and we must be able to do this in milliseconds. More specifically, we need to re-engineer the Internet to make attribution, geo-location, intelligence analysis and impact assessment — who did it, from where, why and what was the result — more manageable. The technologies are already available from public and private sources and can be further developed if we have the will to build them into our systems and to work with our allies and trading partners so they will do the same.

Re-read that sentence. He’s talking about changing the internet to make everything anyone does on the net traceable and geo-located so the National Security Agency can pinpoint users and their computers for retaliation if the U.S. government doesn’t like what’s written in an e-mail, what search terms were used, what movies were downloaded. Or the tech could be useful if a computer got hijacked without your knowledge and used as part of a botnet.

The Washington Post gave McConnell free space to declare that we are losing some sort of cyberwar. He argues that the country needs to get a Cold War strategy, one complete with the online equivalent of ICBMs and Eisenhower-era, secret-codenamed projects. Google’s allegation that Chinese hackers infiltrated its Gmail servers and targeted Chinese dissidents proves the United States is “losing” the cyberwar, according to McConnell.

But that’s not warfare. That’s espionage.

McConnell’s op-ed then pointed to breathless stories in The Washington Post and The Wall Street Journal about thousands of malware infections from the well-known Zeus virus. He intimated that the nation’s citizens and corporations were under unstoppable attack by this so-called new breed of hacker malware. … Continue Reading

NSA, Google team Up

The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.

Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.

Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google’s policies or laws that protect the privacy of Americans’ online communications. The sources said the deal does not mean the NSA will be viewing users’ searches or e-mail accounts or that Google will be sharing proprietary data.

The partnership strikes at the core of one of the most sensitive issues for the government and private industry in the evolving world of cybersecurity: how to balance privacy and national security interests. On Tuesday, Director of National Intelligence Dennis C. Blair called the Google attacks, which the company acknowledged in January, a “wake-up call.” Cyberspace cannot be protected, he said, without a “collaborative effort that incorporates both the U.S. private sector and our international partners.”

But achieving collaboration is not easy, in part because private companies do not trust the government to keep their secrets and in part because of concerns that collaboration can lead to continuous government monitoring of private communications. Privacy advocates, concerned about a repeat of the NSA’s warrantless interception of Americans’ phone calls and e-mails after the Sept. 11, 2001, terrorist attacks, say information-sharing must be limited and closely overseen.

“The critical question is: At what level will the American public be comfortable with Google sharing information with NSA?” said Ellen McCarthy, president of the Intelligence and National Security Alliance, an organization of current and former intelligence and national security officials that seeks ways to foster greater sharing of information between government and industry.

On Jan. 12, Google took the rare step of announcing publicly that its systems had been hacked in a series of intrusions beginning in December.

The intrusions, industry experts said, targeted Google source code — the programming language underlying Google applications — and extended to more than 30 other large tech, defense, energy, financial and media companies. The Gmail accounts of human rights activists in Europe, China and the United States were also compromised.

So significant was the attack that Google threatened to shutter its business operation in China if the government did not agree to let the firm operate an uncensored search engine there. That issue is still unresolved.

Google approached the NSA shortly after the attacks, sources said, but the deal is taking weeks to hammer out, reflecting the sensitivity of the partnership. Any agreement would mark the first time that Google has entered a formal information-sharing relationship with the NSA, sources said. In 2008, the firm stated that it had not cooperated with the NSA in its Terrorist Surveillance Program.

Sources familiar with the new initiative said the focus is not figuring out who was behind the recent cyberattacks — doing so is a nearly impossible task after the fact — but building a better defense of Google’s networks, or what its technicians call “information assurance.”

One senior defense official, while not confirming or denying any agreement the NSA might have with any firm, said: “If a company came to the table and asked for help, I would ask them . . . ‘What do you know about what transpired in your system? What deficiencies do you think they took advantage of? Tell me a little bit about what it was they did.’ ” Sources said the NSA is reaching out to other government agencies that play key roles in the U.S. effort to defend cyberspace and might be able to help in the Google investigation.

Read the Rest

Pentagon Struggles with Cyber Security

WASHINGTON — On a Monday morning earlier this month, top Pentagon leaders gathered to simulate how they would respond to a sophisticated cyberattack aimed at paralyzing the nation’s power grids, its communications systems or its financial networks.

The results were dispiriting. The enemy had all the advantages: stealth, anonymity and unpredictability. No one could pinpoint the country from which the attack came, so there was no effective way to deter further damage by threatening retaliation. What’s more, the military commanders noted that they even lacked the legal authority to respond — especially because it was never clear if the attack was an act of vandalism, an attempt at commercial theft or a state-sponsored effort to cripple the United States, perhaps as a prelude to a conventional war.

What some participants in the simulation knew — and others did not — was that a version of their nightmare had just played out in real life, not at the Pentagon where they were meeting, but in the far less formal war rooms at Google Inc. Computers at Google and more than 30 other companies had been penetrated, and Google’s software engineers quickly tracked the source of the attack to seven servers in Taiwan, with footprints back to the Chinese mainland.

After that, the trail disappeared into a cloud of angry Chinese government denials, and then an ugly exchange of accusations between Washington and Beijing. That continued Monday, with Chinese assertions that critics were trying to “denigrate China” and that the United States was pursuing “hegemonic domination” in cyberspace.

These recent events demonstrate how quickly the nation’s escalating cyberbattles have outpaced the rush to find a deterrent, something equivalent to the cold-war-era strategy of threatening nuclear retaliation.

So far, despite millions of dollars spent on studies, that quest has failed. Last week, Secretary of State Hillary Rodham Clinton made the most comprehensive effort yet to warn potential adversaries that cyberattacks would not be ignored, drawing on the language of nuclear deterrence.

“States, terrorists and those who would act as their proxies must know that the United States will protect our networks,” she declared in a speech on Thursday that drew an angry response from Beijing. “Those who disrupt the free flow of information in our society or any other pose a threat to our economy, our government and our civil society.”

But Mrs. Clinton did not say how the United States would respond, beyond suggesting that countries that knowingly permit cyberattacks to be launched from their territories would suffer damage to their reputations, and could be frozen out of the global economy. … Continue Reading

ISP and Telecom State’s Secret Surveillance Machine

Why not follow the money trail…. As the interface between state and private criminality, following the money trail is oxygen and combustible fuel for rooting out corruption in high places: indelible signs left behind like toxic tracks by our sociopathic masters.

After all, there’s nothing quite like exposing an exchange of cold, hard cash from one greedy fist to another to focus one’s attention on the business at hand.

And when that dirty business is the subversion of the American people’s right to privacy, there’s also nothing quite like economic self-interest for ensuring that a cone of silence descends over matters best left to the experts; a veritable army of specialists squeezing singular advantage out of any circumstance, regardless of how dire the implications for our democracy.

In light of this recommendation researcher Christopher Soghoian, deploying the tools of statistical analysis and a keen sense of outrage, reaffirmed that “Internet service providers and telecommunications companies play a significant, yet little known role in law enforcement and intelligence gathering.”

That the American people have been kept in the dark when it comes to this and other affairs of state, remain among the most closely-guarded open secrets of what has euphemistically been called the “NSA spying scandal.”

And when the Electronic Frontier Foundation (EFF) posted thousands of pages of documents “detailing behind-the-scenes negotiations between government agencies and Congress about providing immunity for telecoms involved in illegal government surveillance” last month, they lifted the lid on what should be a major scandal, not that corporate media paid the least attention.

A lid that Obama’s “change” regime hopes to slam back down as expeditiously as possible.

Hoping to forestall public suspicions of how things actually work in Washington, the administration has declared that “it will continue to block the release of additional documents, including communications within the Executive Branch and records reflecting the identities of telecoms involved in lobbying for immunity,” according to EFF’s Senior Staff Attorney Kurt Opsahl.

No small matter, considering that should a court ever find avaricious telecoms and ISPs liable for violating the rights of their customers, fines could mount into the billions. Even in today’s climate of corporate bailouts and “too big to fail” cash gifts to executive suite fraudsters, damages, both in monetary terms and adverse publicity, would hardly be chump change. … Continue Reading

NSA Embraces Cloud Computing

The National Security Agency is taking a cloud computing approach in developing a new collaborative intelligence gathering system that will link disparate intelligence databases. Cloud computing may increase intelligence awareness among agencies and in effect increase national security, although the security of the actual information itself may be a major challenge.

The system, currently in testing, will be geographically distributed in data centers around the country, and it will hold “essentially every kind of data there is,” said Randy Garrett, director of technology for NSA’s integrated intelligence program, at a cloud computing symposium last week at the National Defense University’s Information Resources Management College.

The system will house streaming data, unstructured text, large files, and other forms of intelligence data. Analysts will be able to add metadata and tags that, among other things, designate how securely information is to be handled and how widely it gets disseminated. For end users, the system will come with search, discovery, collaboration, correlation, and analysis tools.

The intelligence agency is using the Hadoop file system, an implementation of Google’s MapReduce parallel processing system, to make it easier to “rapidly reconfigure data” and for Hadoop’s ability to scale.

The NSA’s decision to use cloud computing technologies wasn’t about cutting costs or seeking innovation for innovation’s sake; rather, cloud computing was seen as a way to enable new scenarios and unprecedented scalability, Garrett said. “The object is to do things that were essentially impossible before,” he said.

NSA’s challenge has been to provide vast amounts of real-time data gathered from intelligence agencies, military branches, and other sources of intelligence to authorized users based on different access privileges. Federal agencies have their own systems for sharing information, but many remain disconnected, while community-wide systems like Intellipedia require significant user input to be helpful.

The NSA effort is part of Intelligence Community Directive 501, an effort to overhaul intelligence sharing proposed under the Bush administration. Current director of national intelligence Dennis Blair has promised that intelligence sharing will remain a priority.

“The legacy systems must be modernized and consolidated to allow for data to actually be shared across an enterprise, and the organizations that collect intelligence must be trained and incentivized to distribute it widely,” he said in response to questions from the Senate prior to his confirmation.

The new system will run on commodity hardware and “largely” on commercial software, Garrett said. The NSA will manage the arrayed servers as a pool of resources rather than as individual machines.