A quintessential hallmark of an authoritarian regime, particularly one that operates within highly-militarized, though nominally democratic states such as ours, is the maintenance of a system of internal control; a seamless panopticon where dissent is equated with criminality and the rule of law derided as a luxury ill-afforded "during a time of war."
In this context, the deployment of new offensive technologies which can wreck havoc on human populations deemed expendable by the state, are always couched in a defensive rhetoric by militarist aggressors and their apologists.
While the al-Qaeda brand may no longer elicit a compelling response in terms of mobilizing the population for new imperial adventures, novel threats--and panics--are required to marshal public support for the upward transfer of wealth into the corporate trough. Today, "cyber terror" functions as the "new Osama."
And with Congress poised to pass the Cybersecurity Act of 2009, an Orwellian bill that would give the president the power to "declare a cybersecurity emergency" and shut down or limit Internet traffic in any "critical" information network "in the interest of national security" of course, the spaces left for the free flow of information--and meaningful dissent--slowly contract.
DARPA--and Cybersecurity Grifters--to the Rescue
But protecting critical infrastructure from hackers, criminals and terrorists isn't the only game in town. The Pentagon is planning to kick-start a new office, Cyber Command, armed with the capacity to launch devastating attacks against any nation or group deemed an official enemy by Washington.
As Antifascist Calling reported last year, the Defense Advanced Research Projects Agency (DARPA), the Pentagon's "geek squad," is building a National Cyber Range (NCR). As Cyber Command's research arm, the agency's Strategic Technology Office (STO) describes NCR as
DARPA's contribution to the new federal Comprehensive National Cyber Initiative (CNCI), providing a "test bed" to produce qualitative and quantitative assessments of the Nation's cyber research and development technologies. Leveraging DARPA's history of cutting-edge research, the NCR will revolutionize the state of the art for large-scale cyber testing. Ultimately, the NCR will provide a revolutionary, safe, fully automated and instrumented environment for our national cyber security research organizations to evaluate leap-ahead research, accelerate technology transition, and enable a place for experimentation of iterative and new research directions. ("National Cyber Range," Defense Advanced Research Projects Agency, Strategic Technology Office, no date)According to a January 2009 press release, the agency announced that NCR "will accelerate government research and development in high-risk, high-return areas and work in close cooperation with private-sector partners to jump-start technical cyber transformation."
Given the Pentagon's proclivity to frame debates over defense and security-related issues as one of "dominating the adversary" and discovering vulnerabilities that can be "exploited" by war planners, one can hypothesize that NCR is a testing range for the creation of new offensive weapons.
Amongst the "private-sector partners" chosen by the agency to "develop, field, and test new 'leap ahead' concepts and capabilities" are:
BAE Systems, Information and Electronic Systems Integration Inc., Wayne, N.J. ($3,279,634); General Dynamics, Advanced Information Systems, San Antonio, Texas ($1,944,094); Johns Hopkins University Applied Physics Laboratory, Laurel Md. ($7,336,805); Lockheed Martin Corp., Simulation, Training and Support, Orlando, Fla. ($5,369,656); Northrop Grumman, Intelligence, Surveillance and Reconnaissance Systems Division, Columbia, Md. ($344,097); Science Applications International Corp., San Diego, Calif. ($2,821,725); SPARTA, Columbia, Md. ($8,603,617).
While little-known outside the defense and intelligence establishment, SPARTA describes its "core business areas" as "strategic defense and offense systems, tactical weapons systems, space systems." Its security and intelligence brief includes "intelligence production, computer network operations, and information assurance."
Investigative journalist James Bamford wrote in The Shadow Factory that SPARTA "hired Maureen Baginski, the NSA's powerful signals intelligence director, in October 2006, as president of its National Security Systems Sector." According to Bamford, the firm, like others in the netherworld of corporate spying are always on the prowl for intelligence analysts "to pursue access and exploitation of targets of interest."
Given their spooky résumé, information on SPARTA's contracts are hard to come by. Indeed, the firm claims that under Section 508 of the Rehabilitation Act they are exempt from providing the public with information because their products involve "the operation, or use of... intelligence activities... related to national security, command and control of military forces, equipment that is an integral part of a weapon or weapons system, or systems which are critical to the direct fulfillment of military or intelligence missions." How's that for openness and transparency! One can only hazard a guess as to the firm's role in devising DARPA's "leap-ahead" National Cyber Range.
While the initial outlay of defense funds for NCR may appear to be a substantial amount of boodle for enterprising contractors, it is merely a down payment on Phase I of the project. Melissa Hathaway, the Obama administration's director of the Joint Interagency Cyber Task Force said, "I don't believe that this is a single-year or even a multi-year investment--it's a multi-decade approach." Hathaway, a former consultant at the spooky Booz Allen Hamilton corporation, told the Intelligence and National Security Alliance (INSA) in April,
Building toward the architecture of the future requires research and development that focuses on game-changing technologies that could enhance the security, reliability, resilience and trustworthiness of our digital infrastructure. We need to be mindful of how we, government and industry together, can optimize our collective research and development dollars and work together to improve market incentives for secure and resilient hardware and software products, new security innovation, and secure managed services. ("Remarks by Melissa E. Hathaway, Acting Senior Director for Cyberspace for the National Security and Homeland Security Councils," INSA, April 30, 2009)That Hathaway chose INSA as a forum is hardly surprising. Describing itself as a "non-profit professional association created to improve our nation's security through an alliance of intelligence and national security leaders in the private and public sectors," INSA was created by and for contractors in the heavily-outsourced shadow world of U.S. intelligence. Founded by BAE Systems, Booz Allen Hamilton, Computer Sciences Corporation, General Dynamics, Hewlett-Packard, Lockheed Martin, ManTech International, Microsoft, the Potomac Institute and Science Applications International Corporation, The Washington Post characterized INSA as "a gathering place for spies and their business associates."
"Partners" who benefit directly from the launch of DARPA's National Cyber Range. No doubt, Hathaway's remarks are music to the ears of "beltway bandits" who reap hundreds of billions annually to fund taxpayer-fueled "national security priorities." That the Pentagon is richly rewarding INSA-connected firms with documented track records of "misconduct such as contract fraud and environmental, ethics, and labor violations," according to the Project on Government Oversight's (POGO) Federal Contractor Misconduct Database (FCMD) hardly elicits a yawn from Congress.
Among the corporations selected by the agency to construct the National Cyber Range, Lockheed Martin leads the pack in "Misconduct $ since 1995" according to POGO, having been fined $577.2 million (No. 1); Northrop Grumman, $790.4 million (No. 3); General Dynamics, $63.2 million (No. 4); BAE Systems, $1.3 million (No. 6); Science Applications International Corporation (SAIC), $14.5 million (No. 9); Johns Hopkins University, $4.6 million, (No. 81)
But as disturbing as these figures are, representing corporate grifting on a massive scale, equally troubling is the nature of the project itself. As Aviation Week reports, "Devices to launch and control cyber, electronic and information attacks are being tested and refined by the U.S. military and industry in preparation for moving out of the laboratory and into the warfighter's backpack."
High-Tech Tools for Aggressive War
The American defense establishment is devising tools that can wreck havoc with a keystroke. DARPA is currently designing "future attack devices" that can be deployed across the imperialist "battlespace" by the "non-expert," that is by America's army of robosoldiers. According to Aviation Week, one such device "combines cybersleuthing, technology analysis and tracking of information flow. It then offers suggestions to the operator on how best to mount an attack and, finally, reports on success of the effort."
The heart of this attack device is its ability to tap into satellite communications, voice over Internet, proprietary Scada networks--virtually any wireless network. Scada (supervisory control and data acquisition) is of particular interest since it is used to automatically control processes at high-value targets for terrorists such as nuclear facilities, power grids, waterworks, chemical plants and pipelines. The cyberattack device would test these supposedly inviolate networks for vulnerabilities to wireless penetration. (David A. Fulghum, "Network Attack Weapons Emerge," Aviation Week, May 21, 2009)As can be expected, the Pentagon's rhetorical mise-en-scène is always a purely "defensive" response to future depredations by nefarious and shadowy forces threatening the heimat. In fact, the United States has systematically employed battlefield tactics that target civilian infrastructure as a means of breaking the enemy's will to fight. Stretching across the decades, from Southeast Asia to Iraq to Yugoslavia, imperialist strategists have committed war crimes by targeting the electrical grid, water supply and transportation- and manufacturing infrastructure of their adversaries.
The NCR will potentially serve as a new and improved means to bring America's rivals to their knees. Imagine the capacity for death and destruction implicit in a tool that can, for example, at the push of a button cause an adversary's chemical plant to suddenly release methyl isocynate (the Bhopal effect) on a sleeping city, or a nuclear power plant to go supercritical, releasing tens of billions of curies of radioactive death into the atmosphere?
During NATO's 1999 "liberation" of the narco-state Kosovo from the former Yugoslavia, American warplanes dropped what was described as a graphite "blackout bomb," the BLU-114/B "soft bomb" on Belgrade and other Serbian cities during its war of aggression. As the World Socialist Web Site reported at the time,
A particularly dangerous consequence of the long-term power blackout is the damage to the water systems in many Yugoslav cities, which are dependent on pumping stations run by electrical power. Novi Sad, a city of 300,000 which is the capital of the Vojvodina province of Serbia, has been without running water for eight days, according to residents. Families have been compelled to get water from the Danube river to wash and operate the toilet, and a handful of wells to provide drinking water.With technological advances courtesy of DARPA's National Cyber Range and their "private-sector partners," the potential for utterly devastating societies ripe for resource extraction by American corporatist war criminals will increase exponentially. As Wired reported,
Sewage treatment plants have also been shut down, with the result that raw, untreated sewage has begun to flow into the network of rivers that feed into the Danube, central Europe's most important waterway. (Marty McLaughlin, "Wall Street celebrates stepped-up bombing of Serbia," World Socialist Web Site, May 5, 1999)
Comparisons between nuclear and cyberweapons might seem strained, but there's at least one commonality. Scholars exploring the ethics of wielding logic bombs, Trojan horses, worms and bots in wartime often find themselves treading on ground tilled by an earlier generation of Cold War nuclear gamesmen.Initiatives such as the National Cyber Range are fully theorized as one facet of "network-centric warfare," the Rumsfeldian "Revolution in Military Affairs." Durham University geographer Stephen Graham describes the Pentagon notion that dominance can be achieved through "increasingly omnipotent surveillance and 'situational awareness', devastating and precisely-targeted aerial firepower, and the suppression and degradation of the communications and fighting ability of any opposing forces."
"There are lots of unknowns with a cyberattack," says Neil Rowe, a professor at the Center for Information Security Research at the U.S. Naval Postgraduate School, who rejects cyberattacks as a legitimate tool of war. "The potential for collateral damage is worse than nuclear technology.... With cyber, it can spread through the civilian infrastructure and affect far more civilians." (Marty Graham, "Welcome to Cyberwar Country, USA," Wired, February 11, 2008)
Indeed, these are integrated approaches that draw from corporate management theory to create "continuous, always-on support for military operations in urban terrain," an imperialist battlespace where Wal-Mart seamlessly morphs into The Terminator.
According to Aviation Week, the device currently being field tested will "capture expert knowledge but keep humans in the loop." As a battlefield weapon, simplicity and ease of operation is the key to successfully deploying this monstrous suite of tools. And Pentagon "experts" are designing a console that will "quantify results so that the operator can put a number against a choice," "enhance execution by creating a tool for the nonexpert that puts material together and keeps track of it" and finally, "create great visuals so missions can be executed more intuitively."
Additionally, DARPA sorcerers are combining "digital tools that even an inexperienced operator can bring into play. In the unclassified arena there are algorithms dubbed Mad WiFi, Air Crack and Beach. For classified work, industry developers also have a toolbox of proprietary cyberexploitation algorithms."
What has been dubbed "Air Crack" deploys "open source tools to crack the encryption key for a wireless network." Cryptoattacks on the other hand, "use more sophisticated techniques to cut through the password hash."
A touch-screen dashboard beneath the network schematic display looks like the sound mixing console at a recording studio. The left side lists cyberattack mission attributes such as speed, covertness, attribution and collateral damage. Next to each attribute is the image of a sliding lever on a long scale. These can be moved, for example, to increase the speed of attack or decrease collateral damage. (Aviation Week, op. cit.)A tunable device for increased destructive capabilities; what are these if not a prescription for mass murder on a post-industrial scale?
Additionally, DARPA sorcerers are combining "digital tools that even an inexperienced operator can bring into play. In the unclassified arena there are algorithms dubbed Mad WiFi, Air Crack and Beach. For classified work, industry developers also have a toolbox of proprietary cyberexploitation algorithms."
What has been dubbed "Air Crack" deploys "open source tools to crack the encryption key for a wireless network." Cryptoattacks on the other hand, "use more sophisticated techniques to cut through the password hash."
One means to "penetrate" an adversary's protective cyber locks is referred to as a "de-authorization capability." According to Aviation Week, the attack operator "can kick all the nodes off a network temporarily so that the attack system can watch them reconnect. This provides information needed to quickly penetrate the network." As The Register reported in January when the ink on the DARPA contracts had barely dried,
Is it any wonder then, that the Russian revolutionary Lenin wrote nearly a century ago that "the civilized nations have driven themselves into the position of barbarians"?
Thus the planned Cyber Range must be able to simulate not just large computer networks teeming with nodes, but also the people operating and using these interlocked networks. These software sim-people--users, sysadmins, innocent network bystanders and passers-by--are referred to in the Range plans as "replicants". It seems clear that they won't know that they are merely simulated pawns in a virtual network wargame designed to test the efficiency of America's new cyber arsenal. They will merely have to live in a terrible Groundhog Day electronic armageddon, where the weapons and players change but destruction and suffering remain eternal. (Lewis Page, "Deals inked on DARPA's Matrix cyber VR," The Register, January 5, 2009)Rance Walleston, the head of BAE's cyber warfare division told Aviation Week in late 2008, "We want to change cyber attack from an art to a science." And as The Register averred, the Pentagon's "simulated cyber warzone" should be up and running next year, "ready to pass under the harrow of BAE's new electronic pestilences, digital megabombs and tailored computer plagues."
Is it any wonder then, that the Russian revolutionary Lenin wrote nearly a century ago that "the civilized nations have driven themselves into the position of barbarians"?
Author retains copyright.
Obama Cyber-scared
Obama wants a Cyber Czar
Rockefeller shutting down Internet - Bills 773 & 778
http://antifascist-calling.blogspot.com/2009/05/national-cyber-range-building-attack.html
by David E. Sanger and Thom Shanker via gan 2009-05-31 02:12:09
WASHINGTON — The Pentagon plans to create a new military command for cyberspace, administration officials said Thursday, stepping up preparations by the armed forces to conduct both offensive and defensive computer warfare.
The military command would complement a civilian effort to be announced by President Obama on Friday that would overhaul the way the United States safeguards its computer networks.
Mr. Obama, officials said, will announce the creation of a White House office — reporting to both the National Security Council and the National Economic Council — that will coordinate a multibillion-dollar effort to restrict access to government computers and protect systems that run the stock exchanges, clear global banking transactions and manage the air traffic control system.
White House officials say Mr. Obama has not yet been formally presented with the Pentagon plan. They said he would not discuss it Friday when he announced the creation of a White House office responsible for coordinating private-sector and government defenses against the thousands of cyberattacks mounted against the United States — largely by hackers but sometimes by foreign governments — every day.
But he is expected to sign a classified order in coming weeks that will create the military cybercommand, officials said. It is a recognition that the United States already has a growing number of computer weapons in its arsenal and must prepare strategies for their use — as a deterrent or alongside conventional weapons — in a wide variety of possible future conflicts.
The White House office will be run by a “cyberczar,” but because the position will not have direct access to the president, some experts said it was not high-level enough to end a series of bureaucratic wars that have broken out as billions of dollars have suddenly been allocated to protect against the computer threats.
The main dispute has been over whether the Pentagon or the National Security Agency should take the lead in preparing for and fighting cyberbattles. Under one proposal still being debated, parts of the N.S.A. would be integrated into the military command so they could operate jointly.
Officials said that in addition to the unclassified strategy paper to be released by Mr. Obama on Friday, a classified set of presidential directives is expected to lay out the military’s new responsibilities and how it coordinates its mission with that of the N.S.A., where most of the expertise on digital warfare resides today.
The decision to create a cybercommand is a major step beyond the actions taken by the Bush administration, which authorized several computer-based attacks but never resolved the question of how the government would prepare for a new era of warfare fought over digital networks.
It is still unclear whether the military’s new command or the N.S.A. — or both — will actually conduct this new kind of offensive cyberoperations.
The White House has never said whether Mr. Obama embraces the idea that the United States should use cyberweapons, and the public announcement on Friday is expected to focus solely on defensive steps and the government’s acknowledgment that it needs to be better organized to face the threat from foes attacking military, government and commercial online systems.
Defense Secretary Robert M. Gates has pushed for the Pentagon to become better organized to address the security threat.
Initially at least, the new command would focus on organizing the various components and capabilities now scattered across the four armed services.
Officials declined to describe potential offensive operations, but said they now viewed cyberspace as comparable to more traditional battlefields.
“We are not comfortable discussing the question of offensive cyberoperations, but we consider cyberspace a war-fighting domain,“ said Bryan Whitman, a Pentagon spokesman. “We need to be able to operate within that domain just like on any battlefield, which includes protecting our freedom of movement and preserving our capability to perform in that environment.”
Although Pentagon civilian officials and military officers said the new command was expected to initially be a subordinate headquarters under the military’s Strategic Command, which controls nuclear operations as well as cyberdefenses, it could eventually become an independent command.
“No decision has been made,” said Lt. Col. Eric Butterbaugh, a Pentagon spokesman. “Just as the White House has completed its 60-day review of cyberspace policy, likewise, we are looking at how the department can best organize itself to fill our role in implementing the administration’s cyberpolicy.”
The creation of the cyberczar’s office inside the White House appears to be part of a significant expansion of the role of the national security apparatus there. A separate group overseeing domestic security, created by President George W. Bush after the Sept. 11 attacks, now resides within the National Security Council. A senior White House official responsible for countering the proliferation of nuclear and unconventional weapons has been given broader authority. Now, cybersecurity will also rank as one of the key threats that Mr. Obama is seeking to coordinate from the White House.
The strategy review Mr. Obama will discuss on Friday was completed weeks ago, but delayed because of continuing arguments over the authority of the White House office, and the budgets for the entire effort.
It was kept separate from the military debate over whether the Pentagon or the N.S.A. is best equipped to engage in offensive operations. Part of that debate hinges on the question of how much control should be given to American spy agencies, since they are prohibited from acting on American soil.
“It’s the domestic spying problem writ large,” one senior intelligence official said recently. “These attacks start in other countries, but they know no borders. So how do you fight them if you can’t act both inside and outside the United States?”
(John Markoff contributed reporting from San Francisco)
© 2009 The New York Times Company
http://www.nytimes.com/2009/05/29/us/politics/29cyber.html