ChrisWeigant.com

Please support ChrisWeigant.com this
holiday season!

Cyberwar Or Cybervandalism?

[ Posted Monday, December 22nd, 2014 – 18:10 UTC ]

The whole story would likely be rejected as a Hollywood plot, on the grounds that nobody would believe it could ever happen, even as comedy or farce. A dictator is insulted by an upcoming movie -- a comedy about his own assassination -- and he unleashes his hackers on the studio to take revenge, by posting their embarrassing emails and then prevents the movie's release by making ludicrous threats to theaters? Preposterous!

Nevertheless, here we are, pondering how to react. The United States government will likely take some sort of revenge of our own, and we may in fact already be doing so. As I write this, there are stories circulating that North Korea's internet (such as it is) is going haywire. What an odd coincidence, eh?

President Obama, in his year-end press conference, called North Korea's actions "cybervandalism." This outraged John McCain, who called the North Korean Sony hack an "act of war." Others have called it an act of "cyberterrorism." While on one level it doesn't make a dime's worth of difference what politicians call it, the interesting thing is how nebulous these terms are, mostly due to their newness.

The basic concept has been around for a while, though. Ever since modern life (including the military) became reliant upon computers, people (Hollywood included) have pondered doomsday scenarios, from War Games to The Terminator (Skynet) to The Matrix. Two of those movies came out in the 1980s -- Hollywood's been having fun with this theme for a while, now. But nobody's ever really accurately defined what does and what does not constitute an act of war delivered through computer networks.

Does hacking into a private entertainment corporation's computer files constitute an act of war? Against whom, exactly? Japan, or the United States (remember: we are talking about Sony)? The very idea seems kind of silly. Or maybe not. Replace "entertainment" in that first question with "nuclear power" and it starts seeming a whole lot less silly and a whole lot more warlike. The nuclear power industry is run by private energy corporations, after all. The fallout from an attack on a private corporation could change from "being forced not to release a movie" to "actual, literal nuclear fallout" -- a much different level of societal danger.

An attack on America's power grid delivered through computer networks -- even without bringing nuclear power plants into it -- would likely be seen as an act of war by most Americans. If a blackout suddenly struck the East Coast at rush hour, many lives would be endangered and doubtlessly some deaths would occur as a direct result (just picture all those intersections without stoplights, for starters). If this were traced to a foreign malicious actor, my guess is that John McCain wouldn't be the only one talking about cyberwar. If it involved screwing up the controls of a nuclear power plant that resulted, somehow, in a meltdown or release of radioactive material, there would be few who wouldn't label it an act of war.

President Obama chided Sony for not releasing the movie anyway. It was fairly safe for him to do so, since the actual risk of a North Korean terrorist attack in U.S. theaters is fairly low. But what if the bad actors involved in this story had been Islamic terrorists? Would it have been so easy a call in that case? Many agreed with Obama in denouncing Sony's cowardly behavior, but a few years back, very few American newspapers printed the cartoons mocking Islam that caused such a furor from Denmark. In that instance, seeing what the reaction had been, almost no American publication stood in solidarity for the rights of free speech and the right to publish material which offends religious sensibilities. So while it's easy to denounce Sony today, when circumstances were a little different, fear ruled the editorial and corporate decisions. Sony gave in to terrorists out of their own fear, but when the fear was a lot more realistic and plausible, the American press -- en masse -- also gave in to fear of terrorism.

The Sony hack itself was not an act of war or terrorism. Neither was leaking embarrassing emails a terrorist act. The threats against the theaters were unequivocally terrorism, however. Threatening a civilian population to achieve military or political ends is one workable definition of what constitutes terrorism, and threatening violence on the opening day of a movie certainly seems to fit the bill.

But what if there had been no violence threatened at the theaters? When you separate out that part of what happened, you are left with an attack against a corporation. This attack wasn't carried out for industrial espionage reasons -- a whole category of computer mischief that most big companies have to protect themselves against. North Korea wasn't trying to copy or profit off the files they stole, to put it another way. They were trying to inflict damage on Sony in order to pressure them to kill a particular movie. Some might describe that as corporate terrorism (terrorism against a corporation instead of a nation, in other words), but it doesn't really fit the classic definitions of either terrorism or warfare. Again, this is an entertainment company and the email leaks were designed to embarrass them. Which succeeded, in fact. It might be seen differently if the company involved was building warplanes, or ships for the Navy. Or maintaining the electrical grid.

What I wonder, in all the debate, is how America would react if a foreign actor decided to introduce havoc into our production of nuclear weapons. My guess is that we wouldn't be dithering over which term to use if that ever happened -- if a virus were introduced which screwed up our uranium processing plants, for instance. The only debate, then, might be between calling it "cyberwarfare" or just a plain-vanilla "act of war." Either way, we would agree that we had been attacked. We would probably seek revenge or retribution for such an action. We might even march our troops off to wage war against such a foreign country.

I bring all this up because there is one word that has been noticeably missing from this entire debate. The word is "Stuxnet," and it is the name of a computer virus. In secret -- with no public debate or discussion in Congress -- America (and possibly Israel) may have developed this virus for a very specific reason, and then unleashed it on the internet to do its damage. The virus attacked one country in particular, and it targeted the machinery for refining uranium. The country was Iran.

Are we at war with Iran? No, not really. We certainly haven't declared war or anything, and we have no "police action" or other warlike euphemism going on at the moment. And yet, if it is true that America had a part in creating Stuxnet (our involvement has never been officially confirmed, I should point out in all fairness), then we did all we could to destroy their centrifuges. If the same thing had happened to us, we would definitely call it an act of war. We might even go to war against the country that launched such an attack.

Defining new terms like cyberwarfare isn't really the only issue at hand. America, once again, can really only hypocritically take the moral high road on cyberwar. Sure, we all like to get indignant over North Korea deciding what movies we are able to watch here in our free society, but we may have already done far worse to other countries. Mind you, I'm not saying that what Stuxnet did to Iran was or wasn't the right thing to do -- that's a much larger argument than what I'm saying here. All I'm pointing out is that our hands might not be squeaky clean when it comes to cyberwar. The media and the politicians really don't want to bring Stuxnet up in the midst of all our high dudgeon on North Korea, but just because we don't want to talk about it doesn't make it go away: we may have already done worse things than stop a foreign movie's release. We'll probably do so again in the future, if we think it'll be effective.

No matter what you call it -- cyberwar, cyberterrorism, or cybervandalism -- it's not going to go away any time soon. It's a reality of modern computerized life. We should all get used to the whole range of such attacks, because from multinational corporations to national armies to extortionists to greedy thieves, this mischievous genie is never going back into the bottle. Our enemies will continue to use it, and so will we, when we think it's worth the risk.

-- Chris Weigant

 

Cross-posted at The Huffington Post

Follow Chris on Twitter: @ChrisWeigant

 

31 Comments on “Cyberwar Or Cybervandalism?”

  1. [1] 
    Michale wrote:

    Very good commentary. And I agree with it, for the most part..

    The Sony hack was really nothing more than CyberVandalism.. The threats to attack theaters was threats of terrorism as you say..

    My only nitpick:

    The word is "Stuxnet," and it is the name of a computer virus. In secret -- with no public debate or discussion in Congress -- America (and possibly Israel) may have developed this virus for a very specific reason, and then unleashed it on the internet to do its damage.

    Since when do we have public debate in Congress over intelligence operations before the fact??

    And that is what the cyber-attack on Iran was. An intelligence operation..

    No, we are not in a declared war with Iran. But we are certainly in a cold war with Iran..

    And with very good reason. Iran must simply NOT be allowed to possess nuclear weapons.. And practically ANY steps taken to prevent this from occurring is justifiable given the enormity of the threat that it represents..

    It all boils down to one true concept in any war, cyber or otherwise...

    The ends justifies the means...

    Michale
    313

  2. [2] 
    Michale wrote:

    OK, people.. I am throwing another donation into the kitty to see the bar move.. :D

    Keep the donations coming in!!

    No Ads and less Michale! How can you go wrong!!?? :D

    Michale
    315

  3. [3] 
    Michale wrote:

    Cyber Command investment ensures hackers targeting U.S. face retribution
    http://www.washingtontimes.com/news/2014/dec/22/us-cyber-command-investment-ensures-hackers-target/

    By there very nature, these activities must be done in secret..

    A country that can't have secrets will not last the day....

    Michale
    316

  4. [4] 
    Michale wrote:

    From the above article..

    President Obama recently depicted the attack on Sony Pictures Entertainment as “cybervandalism.” The company responded to foreign threats of terrorism on movie theaters showing “The Interview” by pulling the film.

    Mr. Henry, the FBI’s former cybersecurity chief, said he believes policy leaders need to regard the North Korean hack as an act of war and not vandalism. Equating North Korea’s actions as “the equivalent of graffiti” is misleading, he said.

    “Call it what it is, so that the American public understands what the real risks are that we face,” he said.

    While this makes a case for calling the Sony hack an act of (cyber) war, consider this..

    Say that some country sent a group of commandos into the US as a prelude to an invasion.. Their goal was to attack a military headquarters but they first had to test defenses...

    So, they send in one guy to spray graffiti all over the building as a way of testing whether or not the area can be infiltrated..

    So, while the act itself is simple vandalism it could STILL be considered an act of war because of the ultimate intent..

    It could be this way with the Sony hack.. Those who might be interested in initiating a full scale cyber war with the US might be sending "one guy" in to see how easy/hard it's going to be...

    So, this one act of cyber vandalism could be, in the larger context, the opening salvo in a coming cyber war..

    Michale
    317

  5. [5] 
    Michale wrote:

    If ya'all want to know the official DoD definition of Cyber Warfare..

    Creation of effects in and through cyberspace in support of a combatant commander's military objectives, to ensure friendly forces freedom of action in cyberspace while denying adversaries these same freedoms. Composed of cyber attack (CA), cyber defense (CD), and cyber exploitation (CE).

    Which dovetails nicely with what I said above..

    A single act against a non-military target cannot, by definition, be an act of cyber war..

    So McCain and Graham are off their rocker with their statements...

    There! That's for those of you who say I never slam Republicans. :D

    The key point is "military" objectives..

    As CW points out in his commentary, an attack against an entertainment company has no military value whatsoever..

    A cyber attack against a power grid is a whole 'nother story...

    That WOULD be considered an act of cyber war..

    Michale
    318

  6. [6] 
    goode trickle wrote:

    Of course all of this assumes that North Korea a country with limited global internet connections that are ,I am sure, closely monitored, actually committed the actions.

  7. [7] 
    goode trickle wrote:

    As I was saying, it would not be the first time our governemnt has played the look over here game.

  8. [8] 
    TheStig wrote:

    Expanding a bit on Goode Trickle:

    Roughly month after the Sony story broke, it's still unclear who pulled off the hack, and what their motivation was/is. False flag covert ops are not exactly unknown, and Russia or China might prefer to give us a dope slap and assign credit elsewhere. Our our own government might prefer to play along: it's one thing to retaliate against isolated, economically insignificant NK, quite another to go all proportional on China or Russia.

    I'm no expert in cyber security or internet forensics, but quite a few of the big names in both fields are skeptical it was NK - and they give convincing, if not air tight alternatives. Internet forensics can be tricky (so it's said) and hacktivists, extortionists, with perhaps a bit of help from within SONY itself can't be entirely ruled out to my satisfaction. North Korea's internet may not need external help to crash, coincidences happen.

    Multiple actors plausibly have both motivation and means to carry this sort of thing out. North Korea is certainly the prime suspect, but perhaps we should hold of on assigning a name for what to call this attack is until we are more certain about who did it.

  9. [9] 
    Michale wrote:

    Roughly month after the Sony story broke, it's still unclear who pulled off the hack, and what their motivation was/is. False flag covert ops are not exactly unknown, and Russia or China might prefer to give us a dope slap and assign credit elsewhere.

    While I am sure Russia and China would love to dope slap the US, their choice of a target makes little to no impact in US foreign policy or it's affairs..

    I doubt Russia or China would give two farts for Sony.

    As with most things, the first question to ask is "Who Has Motive"...

    Russia and China have no motive..

    Multiple actors plausibly have both motivation

    Such as...???

    GT,

    As I was saying, it would not be the first time our governemnt has played the look over here game.

    To what end??

    Michale
    334

  10. [10] 
    Michale wrote:

    Especially since it appears Sony is going to release the Interview as as scheduled...

    Michale
    335

  11. [11] 
    TheStig wrote:

    M - 9

    Motivation? The U.S. dominatrs the motion picture industry. Entertainment is a huge plus in our world trade balance. Sony Pix is a huge player.

    Russia is being hurt by U.S. lead sanctions. Payback from Putin. Means and motive

    China has a growing entertainment industry that is trying to compete in foreign markets.competitor. Make your competitor blink and gain some market share. Means and motive.

    Using NK as cover? Nice plus.

  12. [12] 
    Michale wrote:

    Is it just me or is cw.com really screwy?? No background and no nothing???

    Michale

  13. [13] 
    Michale wrote:

    Motivation? The U.S. dominatrs the motion picture industry. Entertainment is a huge plus in our world trade balance. Sony Pix is a huge player.

    Sony hasn't had a hit since The Walkman....

    Baa daa daa....

    There are much more lucrative targets if one wants to put the screws to US Motion Picture dominance..

    Twentieth Century Fox for one...

    Michale
    338

  14. [14] 
    Michale wrote:

    Russia is being hurt by U.S. lead sanctions. Payback from Putin. Means and motive

    And there are much better targets if Putin wants to make a statement about sanctions...

    Banks that are actually PART of the sanctions for one...

    I understand you are playing Lucifer's Advocate with this, but any motive that you can apply to China or Russia is frail and pale in comparison to the motive of North Korea....

    Michale
    341

  15. [15] 
    goode trickle wrote:

    To what end?

    I think The Stig covers many of the state sponsored angles nicely enough for the moment, digital forensics is still somewhat still in a position of having to play catch up to emerging technologies and tends to be a very competitive field resulting in not always having the most recent information on new techniques or attacks.

    Given the closed off nature of the NK global internet connections and the fact that they have so few of them kind of makes them an easy target for "digital forgery".

    Let us assume for a moment that enough digital evidence has been uncovered to determine a private actor was the instigator but that is all they are able to determine at this time, they have no other clue to use whatsoever. It has got to be troubling for the government to have a mischief maker that can pull off some digital forgery of this nature without leaving a data trail. So....why not go with the "evidence" of NK to goad the actor into more actions, more actions means more traces, more traces means more opportunity to catch the perpetrator and "offer" them the deal of a lifetime.

    All of the above assumes that Sony does not have anything to do with this. Hollywood has a history of "ginning " up news and controversy around a title in order to generate more buzz/revenue from what would otherwise be a mediocre product.

    At this point I do not think enough information has been allowed in to the public realm for any of us on the outside to form a clear picture of what happened. I would suggest that it pays to be a skeptic when it comes to these kinds of attacks. Digital warfare of this type is vastly different than "stuxnet" and can be far more costly for the wrong party.

  16. [16] 
    Michale wrote:

    All of the above assumes that Sony does not have anything to do with this. Hollywood has a history of "ginning " up news and controversy around a title in order to generate more buzz/revenue from what would otherwise be a mediocre product.

    I thought about that as well.. Right up to the point that the racist emails were exposed and the head of Sony Pictures Amy Pascal will likely lose her job over that..

    Doesn't seem like a PR stunt to me... Too much live ammo in use..

    Michale
    343

  17. [17] 
    goode trickle wrote:

    Too much live ammo in use..

    In my journey getting to where I am now I spent some time working in Hollywood. While there are some great people to work with and know, there are also some of the most toxic, egotistical and competitive people to know.

    It is not beyond the pale to see someone going for the two fer on this one.

    You alienate talent and your own against the old regime booting them out, you gain power by manipulating everyone into your camp and you increased revenue for the studio on a product that may not have been testing well no matter the tweaks that were done. Studios are just as secret and as paranoid as our government until they choose not to be.

    In this case it would not surprise me if Sony participated, but then someone got stiffed, which with lots of information is bad, and decided to teach them a lesson for not coming through on the deal as was struck and released some goodies that should not have been released....

  18. [18] 
    Michale wrote:

    I see your point and what a convoluted mini-series THAT would make, eh??

    I am not saying yer wrong.. But employing Occam's Razor it would seem to me that the simplest explanation is the most likely...

    Michale
    344

  19. [19] 
    Michale wrote:

    And now the downside of the Sony debacle..

    We all complained and bitched and moaned when Sony gave in to terrorism and said they weren't going to release the movie..

    Now that Sony has reversed course now we all GOT to go see the movie!! :D

    Personally, I am not a Rogen/Franco fan.. Wife and I tried to sit thru THIS IS THE END... Got 10 mins into it and shut it off.... Not our cup of tea...

    Michale
    346

  20. [20] 
    Michale wrote:

    On a totally unrelated note..

    What is the correlation in dollars between Per Barrel Oil Prices and Per Gallon Gas Prices??

    For example.. If oil drops to $20 a barrel, what would that mean in per gallon cost at the pump??

    Michale
    348

  21. [21] 
    TheStig wrote:

    CW -

    I don't know how, but you've OBVIOUSLY cheesed off the N Koreans big time!

    M - I prefer the term "red team" to Lucifer's Advocate. In the short time since CW.com went black, the U.S. gov has backed way off on the FBI's. fingering of NK. Most likely because other gov. agencies and independent cyber security experts have red teamed the weak FBI evidence. The US press has actually done a rather good job of bringing the uncertainties out in the open.

    NK is a plausible culprit, but there are many others. Including the obvious Inside Job.

  22. [22] 
    TheStig wrote:

    M - 13

    Sony is 4th in the top five, with 12% of a 10 B$ market, compared to 17% for top dog 20th Century Fox. If your object is intimidation, you don't necessarily smack the alpha dog to get the attention of the whole pack. Go for a careless beta. Hmmm...Sony was hacked in 2011... Weak link?

  23. [23] 
    TheStig wrote:

    M-18

    Occam's Razor? In what sense is the NK theory simpler than Ru than China than inside job than hacktivists than extortionists.......etc?

    The razor only comes into play when you've tested some of the competing hypotheses and narrowed the field.

  24. [24] 
    Michale wrote:

    In my mind, it's the terrorist threats that argue against an inside job..

    Once those threats were made, it was a major escalation that would be a LOT more US LEO AND military forces to bear on the cyber attack..

    To refer back to CW's commentary, it was those threats that pushed the incident closer to the realm of cyber warfare..

    As far as the Russian/China I have no doubt that there is culpability, probably more so on the part of China, rather than Russia..

    This sort of thing doesn't strike me as Putin's style... He is an old school Cold Warrior...

    But China controls NK's Net presence and NK's Cyber Squad, Bureau 121 is actually based in China, so yes. There would have to be Chinese involvement..

    But not to the point that anyone can point to China as the culprit..

    Michale
    355

  25. [25] 
    Michale wrote:

    Once those threats were made, it was a major escalation that would be a LOT more US LEO AND military forces to bear on the cyber attack

    Once those threats were made, it was a major escalation that would BRING a LOT more US LEO AND military forces to bear on the cyber attack.

    Grrrrrrr

    Michale
    356

  26. [26] 
    Michale wrote:

    And also keep in mind that any of the information we're getting from the FBI has likely been vetted and authorized by the Obama inner circle...

    Why would the administration want totally bogus info released??

    Why would Obama want to protect a Sony Insider??

    ESPECIALLY when one considers the kinds of things that is being leaked..

    It makes no sense..

    Michale
    358

  27. [27] 
    Michale wrote:

    Another point to consider...

    It appears that the US has retaliated against North Korea for the Sony hack...

    Did the US target an innocent country???

    Michale
    384

  28. [28] 
    TheStig wrote:

    M-26

    I would hope the President authorized the FBI release, but I very much doubt the Obama inner circle has the technical expertise to required to vet the FBI assessment...and to compare its methods and conclusions to independent assessments from other government, academic and private sectors.

    M -27 Did the US target an innocent country? Innocent isn't the word I would use in regard to anything NK. Did the US target the entity responsible for the SONY hack? That's more to the mark.

  29. [29] 
    Michale wrote:

    I would hope the President authorized the FBI release, but I very much doubt the Obama inner circle has the technical expertise to required to vet the FBI assessment...and to compare its methods and conclusions to independent assessments from other government, academic and private sectors.

    That doesn't say much for Obama's inner circle, now does it??

    I mean, the "I" word just HAS to come to mind, right???

    M -27 Did the US target an innocent country? Innocent isn't the word I would use in regard to anything NK. Did the US target the entity responsible for the SONY hack? That's more to the mark.

    I meant "innocent" in the context of innocent of doing this particular crime..

    Don't get me wrong. I am all for punishing bad actors even if they are not guilty of the specific issue under discussion.. If they are guilty of ANYTHING, then frak 'em up!! I always say...

    I just never expected to get agreement on that from fellow Weigantians. :D

    Michale
    388

  30. [30] 
    TheStig wrote:

    M-29

    In your wildest, eggnog fueled dreams, how many hackers, analysts with an intimate knowledge of operating system weaknesses, malware traders and such like work at the White House?

    The people Obama needs to hear from work at DOD, NSA, CIA and yes, FBI, plus academia and the commercial security firms. Get them all in a room, appoint a chair, order take out, have all parties present their evidence and theories, poke each other's evidence and theories, see what theories remain standing and report back to the Oval Office. This is what you do if you actually want to get a reliable take on what happened and who did it. It might not be a definitive answer.

    Anything else is basically hot air which will eventually form a fluffy cloud of conspiracy theories.

    How many internet messages to N Korea make a denial of service attack? From what I'm reading, about five. :-)

    Happy New Year

  31. [31] 
    Michale wrote:

    <I.In your wildest, eggnog fueled dreams, how many hackers, analysts with an intimate knowledge of operating system weaknesses, malware traders and such like work at the White House?

    The people Obama needs to hear from work at DOD, NSA, CIA and yes, FBI, plus academia and the commercial security firms. Get them all in a room, appoint a chair, order take out, have all parties present their evidence and theories, poke each other's evidence and theories, see what theories remain standing and report back to the Oval Office. This is what you do if you actually want to get a reliable take on what happened and who did it. It might not be a definitive answer.

    Anything else is basically hot air which will eventually form a fluffy cloud of conspiracy theories.

    Yer preaching to the choir here.. I have been saying for 5 years now that Obama's inner circle are completely ignorant of the real world.. :D

    How many internet messages to N Korea make a denial of service attack? From what I'm reading, about five. :-)

    "Ouch!!! And the ref takes a point away!!!"
    -Jim Carrey, LIAR LIAR

    :D

    Happy New Year.. :D

    Michale
    397

Comments for this article are closed.