Walrus has already started an engaging conversation on this subject. As someone deeply involved in the early development of DoD cyber operations, I wanted to add my two cents from a different angle. I am not as horrified by this development as many here are. But I am very uneasy with the apparent involvement of Bonkers Bolton. That creature is as dangerous as a malfunctioning Dalek. I'm pretty sure he doesn't understand these things. Even if he did, he wouldn't care.
—————
The U.S. is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir Putin, the New York Times reported, citing current and former government officials. While the U.S. has probed the Russian grid since at least 2012 and there’s no evidence it has turned off power, the Trump administration’s strategy has shifted more toward offense with the deployment of U.S. computer code inside the grid and other targets, the newspaper said. The effort has gotten far more aggressive over the past year, the Times quoted an unidentified senior intelligence official as saying.
The administration declined to disclose specifics, according to the report. However, National Security Adviser John Bolton said publicly on Tuesday that the U.S. is taking a broader view “to say to Russia, or anybody else that’s engaged in cyberoperations against us, ‘You will pay a price,’” the Times said. (Bloomberg)
—————
This is a far cry from our early attempts at preparing to conduct offensive cyber operations. I remember attending several briefings at one of these early organizations at the NSA. The control of offensive tools was as restrictive as the control of nuclear weapons. It was obvious these things scared the crap out of DoD and NSA back then. It’s equally obvious DoD and now CYBERCOM have learned to stop worrying and love the “Cyber-Bomb.” Our use of the Stuxnet worm to sabotage Iranian centrifuges was proof of our growing comfort with these things.
However, Stuxnet was used against Iran. We’re comfortable with raining all kinds of death and destruction throughout the Middle East. Now we’re taking actions to disrupt Russia’s power grid. That’s playing with raining death and destruction upon a nuclear-capable peer competitor. Hacking the grid is one thing. We’ve all done that for many years. That’s just part of the intelligence preparation of the battlespace (IPB). Implanting weapons to disable the Russian grid is a leap beyond that. Seems CYBERCOM has embraced the concept of operational preparation of the battlespace (OPB), a concept widely practiced in JSOC and in other parts of the special operations community. MG Michael Repass, a former 10th Group Commander, wrote a paper in 2003 describing these things.
“Advanced Force Operations consists of US SecDef-approved military operations such as clandestine operations. It is logically part of Operational Preparation of the Battlespace (OPB), which follows the Intelligence Preparation of the Battlespace, a concept well-known in U.S. and NATO doctrine. OPB is seldom used outside of SOF channels. OPB is defined by the U.S. Special Operations Command as ‘Non-intelligence activities conducted prior to D-Day, H-Hour, in likely or potential areas of employment, to train and prepare for follow-on military operations.’”
I don’t think this was ever official policy, but OPB was widely viewed as a powerful tool to break the CIA’s stranglehold on covert action, at least on the operational level. Given that CYBERCOM is a unified combatant command finally gaining independence from NSA and the IC in general, this embrace of OPB is a natural progression. What else CYBERCOM copies from JSOC’s authorities and tactics, techniques and procedures (TTP) will be interesting. It could also be quite dangerous. Cyber operations are here to stay. They are becoming more effective for reconnaissance and attribution, for disrupting a target’s networks and infrastructure and for perception management. The inhibitions against engaging in these operations are relaxing.
An interesting point in the NYT story is that it appears Trump has not been briefed on this stuff. Perhaps CYBERCOM and DoD don’t consider this level of OPB rising to the level of Presidential decision making. Pulling the trigger on grid disruption certainly should. Why wouldn’t they brief the President? Is it to keep him in the dark out of a lack of trust? That’s disheartening. Now with the story published all over the world, DoD should feel impelled to fully brief the President. The best outcome would be Trump pushing for negotiations with Russia, China and maybe others to develop a de-escalation/non-proliferation treaty on cyber operations with the same vigor and earnestness that we once approached nuclear weapons.
TTG
TTG
I recall from the 'Zero days' documentary one section in which the composite interviewee said that Stuxnet was the tip of the iceberg and proudly stated that they were into everything and could basically shut Iran down whenever they wanted to as they already had dormant code in place. I recall thinking if that is true for Iran then it seems unlikely not to be true for everyone else.
Posted by: JJackson | 17 June 2019 at 05:06 PM
According to RIA Novosti, a source within the leadership of one of the Russian law enforcement agencies (FSB?) said foreign intelligence services' efforts to penetrate into the transport, banking and energy management systems of Russia have increased over the last few years. The source continued, "However, we manage to neutralize these actions."
Rather than getting overly excited about the NYT claim, we should accept that this tit for tat cyber activity is now as normal a part of our world as espionage. At the same time we should stop the silly talk of Russian IO to influence our elections being an act of war. It isn't. It's another way of nations competing with each other. We still need to negotiate and establish some kind of international protocol governing this activity, perhaps something along the lines of UNCLOS III.
Posted by: The Twisted Genius | 17 June 2019 at 11:18 PM
Pirate,
Saddam Hussein and his government are gone and the social order overturned. You can't prevail much better than that.
Posted by: Fred | 18 June 2019 at 12:25 AM
TTG,
I'd say the NYTimes article is bogus propaganda, the Russian grid is non-computer control systems which makes virus/hacking a non-player. Russians have been hard at work replacing the western Windows software with Russian Astra Linux. Russian MOD has also been fast at work canning any and all western software for Russian made. Astra Linux recently received the go ahead to handle Russian government information of the highest degree of secrecy. The exception is certain Russian Intelligence operate/still use typewriters to preclude compromises.
J
Posted by: J | 18 June 2019 at 03:50 AM
I got a twitch that J. Assange worked for the SVR along with Chapman. Wonder if they ever met. Trump and co have flushed a few out but the key is still out there. Twitch is a bitch. Could be wrong.
Posted by: Anonymous | 18 June 2019 at 06:20 AM
I think this is pretty dangerous.
The thing with these "battlefield preparations" is that they are quite hard to distinguish from actual attacks by the other side. A Russian tit for tat response could easily be interpreted as an active attack by the US. The Russians are pretty professional about this, but all this talk of "nerds and geeks wanting vengeance" kind of scares me. Vengeance is a luxury item. It must never be the motivation to do something, especially not against a nation state. This is highly unprofessional.
Another issue is that the Russians can probably reverse engineer and use the codes/exploits themselves. I would not be surprised if the cause of the Argentinian shutdown was a US worm initially used against Venezuela placed there by non US actors.
Posted by: Mightypeon | 18 June 2019 at 06:28 PM
This is no more dangerous than recruiting each other's intelligence officers and bureaucrats as spies. The reaction of the Russian security official in the RIA Novosti story shows how professionals view these things. It's nothing to get overly excited about. None of us will stop recruiting spies or stop breaking into each other's networks. If you don't believe this, you're hopelessly naive.
Posted by: The Twisted Genius | 18 June 2019 at 08:24 PM
I'm buying a copy of 'Cuckoo's Egg'.
What is your opinion on J. Menn's 'Fatal System Error' and his new one 'Dead Cow Cult'? Should I spend the bucks? I don't trust the reviews online as I've heard that some reviewers get recompense.
Posted by: Eugene Owens | 18 June 2019 at 09:47 PM
I can't vouch for any of Menn's work. I'd check out the local library for one of his books first. If you have some time on your hands, I suggest researching the Dark Avenger and Vesselin Bontchev. This was in the first days of computer hacking much like Cliff Stoll's Cuckoo's Egg. I started in those early days teaching myself assembler programming to support a cover of mine. I even wrote a couple of early viruses. I met Bontchev when he was doing research in Hamburg.
https://www.wired.com/1997/11/heartof/
https://www.leonardomiliani.com/en/2013/dark-avenger-visto-da-sarah-gordon-1992/
https://malicious.life/episode/episode-2/
Posted by: The Twisted Genius | 18 June 2019 at 11:14 PM
I don't doubt that the Russians will be professional about it.
The thing is, if such battlefield preparations misfire (to my knowledge, there are some which activate if you attempt to remove them) they can kill people, and this would move the thing from everyday spying to assassination. Assassination is serious business.
What I am afraid of is an unprofessional US response to Russian tit for tat measures. Given the current climate in the US, and that far too many US IC members appear to believe their own propaganda about the oh so virtuous USA and the oh so nefarious Russians that is hardly an unreasonable fear.
And my point concerning vengeance against nation states being unprofessional stands.
Posted by: Mightypeon | 19 June 2019 at 06:19 AM
I agree with your point about vengeance not being a proper basis for nation states to deal with each other. I doubt hot blooded desires for vengeance play into these cyber activities at all... on either side. Sure there are CYBERCOM analysts and operators muttering "them damned Russkies" as I mentioned a few comments ago. I have no doubt those same emotions are felt in Moscow. The bottom line is that professionals are on both sides and those professionals are all unapologetically patriotic. That has little to do with nefariousness or virtuousness.
Posted by: The Twisted Genius | 19 June 2019 at 11:21 AM
thanks
Posted by: Eugene Owens | 19 June 2019 at 11:26 AM
TTG
The neocon fanatics pushing Trump toward war are not professionals.
Posted by: turcopolier | 19 June 2019 at 12:45 PM