Cyberstrike

by James Barrington

Accordingly, in 2003 a squadron from the SAS was sent out to join a combined US/UK force to conduct operations against senior figures in al-Qaeda. Originally called Task Force 145 (TF-145), it was briefly renamed Task Force Knight and later TF-88. It included Task Force Black, a Sabre squadron from the SAS that was rotated every six months, supported by Task Force Maroon, a company from the Special Forces Support Group (SFSG), men drawn from the 1st Battalion, Parachute Regiment (1 PARA), the Royal Marines and the RAF Regiment. Task Force Black operated from the so-called ‘Green Zone’ in Baghdad at a base known simply as ‘the Station’.

  The three other units in TF-88 were Task Force Green, a contingent from the American 1st Special Forces Operational Detachment (Delta Force); Task Force Blue, US Navy SEALs from the Naval Special Warfare Development Group (DEVGRU), more commonly known as SEAL Team 6, and Task Force Orange, a team of signal intelligence analysts from the United States Army Intelligence Support Activity (USAISA or just ISA), part of the Joint Special Operations Command (JSOC).

  TF-88 had air support provided by the American 24th Special Tactics Squadron, the 160th Special Operations Aviation Regiment (SOAR) and UK aircraft from both 7 and 47 Royal Air Force Squadrons. Intelligence collection was the responsibility of the American military, working with the British Joint Support Group (JSG – see Cyberstrike: London), the Secret Intelligence Service (SIS or MI6) and the Special Reconnaissance Regiment (SRR – see Cyberstrike: London) as well as specialist operators from 18 UK Special Forces Signals Regiment.

  Task Force Black left Iraq in 2009 when British forces withdrew from the country and was later redeployed to Afghanistan.

  Anonymous

  This loose but highly coordinated hacker collective – for want of a better term – has been around for about two decades, but first came to public attention in 2007 when the Canadian media announced that a fifty-three-year-old suspected paedophile had been arrested by the police after having been identified and located by a so-called ‘Internet vigilante group’ named Anonymous.

  The group is unusual in that it is both unstructured and decentralised but highly coordinated. It is also very open and public about its plans and uses social media to invite anybody interested to join in and help carry them out. There is no leader or central control, just a widely dispersed collective of people who jointly decide what to do and how and when to do it, and then get on with the job. One of the members of Anonymous described what they did in the pithy – but undeniably accurate – phrase ‘ultra-coordinated motherfuckery’. Anonymous tends to pick targets that it sees as acting against the interests of the general public, of repressing freedom of speech, of trying to control the Internet and, especially more recently, of political ‘Big Brother’ measures.

  This is far from a comprehensive list, but since 2007 the group has been involved in attacks on, in no particular order, the Church of Scientology, the Motion Picture Association of America, the Recording Industry Association of America, the Bank of America, PayPal, Mastercard, Visa, the Government of Zimbabwe, the Government of Tunisia, the Los Zetas drug cartel and an American computer security firm named HBGary Federal.

  In February 2011 a man named Aaron Barr, the CEO of HBGary Federal, made a catastrophic mistake. He told the media that his company had successfully infiltrated the loose collective of hackers known as Anonymous and would publicly promulgate the information that had been obtained. He had absolutely no idea what he was getting himself into.

  In response, Anonymous very quickly hacked into and took over the HBGary Federal website, posting an explicit message that refuted Barr’s claims of infiltration and mocked the ability and professionalism of the alleged ‘computer security’ experts the firm claimed to employ.

  That’s the polite way of putting it. Anonymous actually described them as a ‘pathetic gathering of media-whoring money-grabbing sycophants’, which seemed to express the group’s opinion clearly enough. And then Anonymous used the Internet to publish almost 70,000 messages, memoranda and other private and sensitive material from the company files.

  This caused more than just severe embarrassment, because the information included offers by HBGary Federal to illegally target journalists and other people for the firm’s clients and, most embarrassing of all, Aaron Barr’s suggestion that he might log into various teen-centric Internet chat rooms while posing as ‘Naughty Vicky’, a highly sexed sixteen-year-old girl. Anonymous also hacked into Barr’s Twitter account, which allowed them to publish his home address and Social Security number.

  Within a month, HBGary Federal’s credibility had been utterly destroyed, a congressional committee had been tasked with mounting an investigation into what were seen as inappropriate and potentially illegal contracts entered into by the company, and Barr himself had been forced to resign.

  The final message from Anonymous on the hacked company website seemed a reasonable summary of what had happened. It said: ‘It would seem the security experts are not expertly secured. We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.’

  Donald Trump and the US Federal Depository Library website

  In January 2020 the home page of the website of the US Federal Depository Library Program was defaced by a face. In this case, it was the bloodied face of Donald Trump being punched by a fist emerging from the green sleeve of a jacket that bore what looked like the insignia of the Islamic Revolutionary Guards. The image also included two gold-coloured missiles, each marked with the Iranian flag, and photographs of Ayatollah Ali Khamenei, the country’s supreme leader. Text left on the site claimed that the ‘Iran Cyber Security Group Hackers’ had been responsible for the hack and stated that what they had achieved was ‘only a small part of Iran’s cyber ability’.

  This hack occurred after an important Iranian military figure and leader of the Islamic Revolutionary Guards, Major General Qasem Soleimani, had been killed in Baghdad by an American drone strike. The defaced site also warned that ‘severe revenge awaits those criminals who have tainted their filthy hands with (Soleimani’s) blood and the blood of the other martyrs’.

  In hacking terms, this website was a soft target as it allowed free and unrestricted access for the American public to view federal government information, so getting inside wouldn’t have been difficult, though breaching the internal security systems to access the code running the site certainly should have been.

  According to an official statement from the Cybersecurity and Infrastructure Security Agency, a part of the Department of Homeland Security, ‘a misconfiguration with the content management system allowed a malicious actor to deface the website’, the short version of which would read ‘we were hacked’. The website was taken offline for about twenty-four hours while the damage was repaired and, hopefully and presumably, better security protocols were put in place.

  Nanotechnology

  Three events – a talk in 1959 by physicist Richard Feynman, the invention in 1981 of the STM, the scanning tunnelling microscope, and the discovery of fullerenes, an unusual allotrope of carbon that formed a closed or semi-closed mesh, in 1985 – sparked the creation of an entirely new kind of technology: the manipulation of matter at the molecular level. In fact, nanotechnology already existed in nature and in certain manufactured substances like colloids, combinations of chemicals where one substance is evenly dispersed throughout another, although the nanotechnology element wasn’t understood.

  There are millions of examples of nanotechnology in nature, like the feet of a gecko, a kind of lizard, which can hang upside down without using any kind of chemical adhesive to maintain its grip, and the colours on the wings of some butterflies and beetles. These colours aren’t pigments but are caused by the spaces in an arrangement of microscopically tiny pillars made from sugars or proteins. These gaps actually manipulate the light that falls on them to produce certain colours or iridescent sheens.

  Panhandler/panhandling

  This is a unique Americanism used to describe a beggar or begging, and there are two possible derivations of the word. It could be a reference to the typical stance of a beggar standing with his or her hand held horizontally away from their body and hoping for somebody to put money on their palm. Using a bit of poetic licence, this stance could be considered to look something like a saucepan with a handle.

  Perhaps the more likely explanation is that it comes from the days of the American gold rushes, when miners would sift through pebbles and stones in a pan looking for gold nuggets, because these days many panhandlers hold out pans or cups rather than their bare hand.

  Security clearances and SCI – Special Compartmented Intelligence/Information

  Most officers in the British Armed Forces hold a basic security clearance which allows them to occasionally see documents classified up to and including Secret. Until fairly recently, this was known as ‘Negative Vetting’ or NV and was intended to weed out obvious security risks like card-carrying members of the Communist Party or people who walked around with photographs of Stalin or Hitler or, these days, some radical Islamic preacher, in their wallets. To be allowed access to higher classification documents, individuals were subjected to a much more thorough and invasive procedure known as ‘Positive Vetting’ (PV), which essentially began at the moment of conception and finished the day before the vetting started.

  This was a simple and in most cases an effective system, as long as you ignored the obvious anomalies like Kim Philby, Anthony Blunt, Guy Burgess, Donald Maclean and John Cairncross, all of whom should have been detected well before they entered British – rather than Russian – government service. Burgess, for example, actually joined the British Communist Party while he was a student at Cambridge, which should have raised something of a red flag to any halfway competent checker. But in those days there was a peculiar belief that as long as a man had been to the ‘right’ school and the ‘right’ university and came from the ‘right’ family background, that somehow outweighed any completely obvious and totally unambiguous indications that he might be described as less than entirely patriotic.

  These days, the security clearance system is much more complicated but the changes were not, oddly enough, sparked by the damage done by groups such as the ‘Cambridge Five’ but far more likely by the inevitable need for the British government to complicate everything it touches. What they have managed to do, reduced to its most basic level, is replace the simple and obvious NV and PV system with something that’s virtually the same thing but much more difficult to understand.

  Negative Vetting has been supplanted by an almost identical procedure with the clumsy and cumbersome title of Baseline Personnel Security Standard, or BPSS.

  Then they’ve added a couple of extra checks, the Counter Terrorist Check or CTC, intended for people appointed to certain posts, and the Security Check or SC, which allows the holder access to Secret material and occasionally to Top Secret documents. Just in case you thought that was all a bit too simple, there’s also a check called the ‘enhanced Security Check’ or eSC, which means they also want to see how much money you’ve got in the bank and where it came from.

  At the top of the tree is Developed Vetting (DV), which is by far the most comprehensive check and is intended for people whose jobs require them to have regular and uncontrolled access to documents classified Top Secret. It’s also exactly the same as the old and much easier to understand Positive Vetting. Oh, and there’s also ‘enhanced Developed Vetting’ or eDV, which, just like eSC, allows a bunch of nosy bureaucrats to root about in your various bank accounts and ask impertinent questions.

  Special Compartmented Intelligence or Information (SCI) is a kind of refinement and embodies the need to know principle. Just because somebody holds a DV clearance, for example, does not mean that they are entitled to see any Top Secret document that they want. Specific operations or documents are frequently restricted to that small number of people who have an absolute and obvious need to know the contents, which may not even be classified as Top Secret but which are so sensitive that a restricted clearance list is essential. To gain access to that particular material, somebody with a DV clearance would also need to be on the approved SCI list.

  There are also several established restricted access categories, such as ATOMAL (meaning UK atomic data released to NATO) and Cosmic Top Secret or CTS, which again have restricted access even to people holding a DV clearance. ‘Cosmic’ in this instance has nothing to do with space or anything of that sort and is simply a sexy sounding acronym that decodes as ‘Control of Secret Material in an International Command’. There’s more than a sneaking suspicion that the bureaucrat who thought up that one decided that somehow he simply had to use the word ‘COSMIC’ because it sounded so steely and James Bond-y, and then spent hours or days trying to work out what the letters might stand for to justify his choice.

  Independence Day and the Declaration of Independence

  On 4 July 1776 the Declaration of Independence was adopted by the Second Continental Congress, the fledgling government of the thirteen colonies that made up the fledgling nation. In what was then legally an act of treason, the Declaration permanently broke the ties between America and Great Britain and established the country as a free and independent nation, no longer subordinate to or a subject of the British monarch.

  The American Revolutionary War, also known as the American War of Independence, had started in April the previous year, and the preparation and signing of the Declaration did nothing to end the hostilities: the tide only turned decisively against the British with their defeat at the end of the Siege of Yorktown in October 1781, and the final peace accord, the Treaty of Paris, wasn’t signed until September 1783.

  In point of fact, Americans actually celebrate the wrong date: the decision to declare independence had been voted on and passed by Congress two days earlier, on 2 July, but the Declaration itself was not made until 4 July 1776. And it’s almost certain that not all the members of Congress signed the document on 4 July, or indeed at any time that month: it’s far more likely that many of the fifty-six delegates only put pen to paper as much as a month later, on 2 August.

  The morning of 4 July 1777 was marked by a thirteen-gun salute – one for each of the thirteen colonies – at Bristol in Rhode Island, a celebration repeated as dusk fell that evening. Ever since then Independence Day has been celebrated across America. Interestingly, it wasn’t until 1870, almost a century after the Declaration of Independence, that the date became a holiday for federal employees – unpaid, of course. They had to wait for another sixty-eight years, until 1938, for it to become a paid holiday.

  Unmanned Aerial Vehicles (UAVs) or drones

  One of the defining characteristics of warfare in the first two decades of the twenty-first century has been the increasing reliance upon RPAs and UAVs – remotely piloted aircraft and unmanned aerial vehicles – of various types, ranging from intelligence-gathering platforms to armed devices the size of a small aircraft, all types now universally known as drones. And it’s not difficult to see why.

  Drones cost much less than a military aircraft designed to do the same job and can be both lighter and have a far longer endurance than a conventional aircraft, largely because they’re not having to lug around the deadweight of the pilot or pilots in the cockpit. And, if something catastrophic happens in the air or the drone is hit by a missile or anti-aircraft fire, the end result is a smallish crater on the ground filled with torn and twisted aluminium but, crucially, no living pilot to be captured and paraded in front of the world’s press. Or, if the ground troops are a part of ISIS, to be doused in petrol and then burnt alive in front of a flock of video cameras and a crowd of radical Islamic thugs baying for blood.

  These days, people are familiar with the occasional image on the evening news showing the aftermath of a drone strike – a new word that has now entered the vocabulary of the English language – that has targeted a wanted terrorist in a remote area of the Middle East where conventional forces would find it extremely difficult or impossible to operate. Such attacks typically involve a Hellfire missile fired from a drone known as a Reaper, an extremely efficient airborne killing machine that frankly does its job much more effectively than any pilot in a manned aircraft could ever do.

  What many people don’t realise is that although drones like the MQ-1 Predator and the MQ-9 Reaper are unmanned, they do have a man at the controls, a trained military pilot usually sitting in an air-conditioned bunker on an air base in Nevada or Montana, half a world away from the scene of the action, who communicates with the UAV through satellite links and who can see what is in front of or below the drone through high-resolution camera systems. It is almost as if the pilot is actually in the aircraft, but without the inherent danger that his physical presence would pose.

  The figures are unambiguous. How long a UAV can remain in the air is largely determined by its weapons fit, and the Reaper can carry a maximum payload of 3,750 pounds of munitions, primarily a mix of Hellfire missiles and GBU-12 and GBU-30 bombs. With a full fuel load and that payload the Reaper’s radius of action is 1,150 miles and it can stay aloft for between sixteen and twenty hours. Some drones are now achieving airborne endurance times in excess of forty hours. To manage anything like the same endurance with a typical fighter or ground attack aircraft would require multiple air-to-air refuelling missions and exactly how sharp any fighter pilot would be after sitting in a cramped cockpit at the controls for sixteen hours, desperate for a drink and a visit to the loo, is something of a moot point. But the pilot of a Reaper can hand over control to another pilot whenever he feels in need of a coffee, something to eat, a lavatory break or some sleep. It’s undeniably a safer, cheaper, more effective, and much more efficient way of going to war.

  And the pilot in America doesn’t even get involved with arguably the two most difficult phases of any flight – take-off and landing. Because both of these require instant responses to potential obstacles, the ability to steer the drone along a particular sequence of taxiways, to take account of the prevailing wind and to obtain clearance from the local controlling authority, these two parts of the operation are handled by a local pilot at whatever airfield or air base the drone is operating from. The pilot in America only takes over control once the aircraft is clear of the airfield and at altitude, and he hands back control well before the drone approaches the runway for landing.

 
