by Shane Harris
[>] The banks’ Internet service providers: Author interview with Mark Weatherford, August 2013.
[>] “For the first two or three weeks”: Ibid.
[>] Reportedly, the Iranian regime: Yaakov Katz, “Iran Embarks on $1b. Cyber-Warfare Program,” Jerusalem Post, December 18, 2011, http://www.jpost.com/Defense/Iran-embarks-on-1b-cyber-warfare-program.
[>] A group of financial executives: Author interview with senior financial services executive who participated in the meeting, November 2013.
13. The Business of Defense
[>] It occurred to Hutchins: Author interview with Eric Hutchins, January 2014.
[>] Using the kill chain model, Lockheed: Author interview with Charlie Croom, January 2014.
[>] “Within a couple of years”: Author interview with former military intelligence officer, July 2013.
[>] A security expert with close ties: Author interview with cyber security expert, December 2013.
[>] “We’ve already got”: Author interview with Mark Weatherford, August 2013.
[>] On February 18, 2013: Mandiant, APT1: Exposing One of China’s Cyber Espionage Units, http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf.
[>] Less than a month later: Donilon’s full speech, before the Asia Society on March 11, 2013, can be seen at http://asiasociety.org/video/policy/national-security-advisor-thomas-donilon-complete.
[>] “We decided it was”: Author interview with Dan McWhorter, February 2013.
[>] Mandiant’s forensic analysts: Nicole Perlroth, “Hackers in China Attacked the Times for Last 4 Months,” New York Times, January 30, 2013, http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html?pagewanted=all&_r=0.
[>] Reportedly, more than a third: Hannah Kuchler and Richard Waters, “Cyber Security Deal Highlights Threats from Spying,” Financial Times, January 3, 2014, http://www.ft.com/intl/cms/s/0/e69ebfdc-73d0-11e3-beeb-00144feabdc0.html?siteedition=intl#axzz2pM7S3G9e.
[>] “A lot of companies, organizations”: Ibid.
[>] While working as an NSA contractor: Author interviews with school officials and individuals familiar with the details of Snowden’s trip, January 2014.
[>] They came back with a three-hundred-plus-page report: President’s Review Group on Intelligence and Communications Technologies, Liberty and Security in a Changing World, December 12, 2013, http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf.
[>] In September 2013 a senior air force: John Reed, “The Air Force Still Has No Idea How Vulnerable It Is to Cyber Attack,” Foreign Policy, September 20, 2013, http://killerapps.foreignpolicy.com/posts/2013/09/20/the_air_force_still_has_no_idea_how_vulnerable_it_is_to_cyber_attack.
[>] And this more than four years: Siobhan Gorman, August Cole, and Yochi Dreazen, “Computer Spies Breach Fighter-Jet Project,” Wall Street Journal, April 21, 2009, http://online.wsj.com/article/SB124027491029837401.html.
[>] A month after the air force’s admission: Aliya Sternstein, “IG: Government Has No Digital Cyber Warning System,” Nextgov, November 5, 2013, http://www.nextgov.com/cybersecurity/2013/11/ig-government-has-no-digital-cyber-warning-system/73199/.
[>] Earlier in the year a pair: Nicole Perlroth, “Electrical Grid Is Called Vulnerable to Power Shutdown,” Bits, New York Times, October 18, 2013, http://bits.blogs.nytimes.com/2013/10/18/electrical-grid-called-vulnerable-to-power-shutdown/.
[>] “There isn’t a computer system”: McConnell spoke at a cyber security conference sponsored by Bloomberg in Washington, DC, October 30, 2013.
[>] Investigators concluded that the hackers: Brian Krebs, “Target Hackers Broke in Via HVAC Company,” KrebsonSecurity, February 5, 2014, http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/.
[>] In February 2014 a Senate committee report: Craig Timberg and Lisa Rein, “Senate Cybersecurity Report Finds Agencies Often Fail to Take Basic Preventative Measures,” Washington Post, February 4, 2013, http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html.
[>] At a security conference in Washington, DC: Alexander spoke in Washington, DC, at the Newsuem on October 8, 2013, http://www.youtube.com/watch?v=7huYYic_Yis.
14. At the Dawn
[>] A senior administration official: Author interview with senior administration official, January 2014.
[>] The timing of Obama’s speech: Olivier Knox, “Obama NSA Speech on Anniversary of Eisenhower Warning,” Yahoo News, January 16, 2014, http://news.yahoo.com/obama-nsa-speech-on-anniversary-of-eisenhower-warning-025532326.html. White House aides told Knox that the timing was a coincidence.
[>] In December 2013, Ernest Moniz: “Moniz Cyber Warning,” EnergyBiz, January 5, 2014, http://www.energybiz.com/article/14/01/moniz-cyber-warning.
[>] The government is well aware: General Keith Alexander disclosed the number during a speech at Georgetown University on March 4, 2014.
[>] “At the end of the day”: Press briefing by senior administration officials, February 12, 2014.
[>] Once those liability protections are in place, the government: For a thorough examination of how Internet service providers may be tapped to better secure cyberspace, see Noah Shachtman, “Pirates of the ISPs: Tactics for Turning Online Crooks into International Pariahs,” Brookings Institution, July 2011, http://www.brookings.edu/~/media/research/files/papers/2011/7/25%20cybersecurity%20shachtman/0725_cybersecurity_shachtman.pdf.
[>] Some observers have likened: Ibid. See also Jordan Chandler Hirsch and Sam Adelsberg, “An Elizabethan Cyberwar,” New York Times, May 31, 2013, http://www.nytimes.com/2013/06/01/opinion/an-elizabethan-cyberwar.html.
[>] But unlike other clouds: Brandon Butler, “Amazon Hints at Details on Its CIA Franken-cloud,” Network World, November 14, 2013, http://www.networkworld.com/news/2013/111413-amazon-franken-cloud-275960.html.
Index
Accumulo software, [>]
activists, political, [>], [>]–[>], [>]–[>], [>], [>], [>], [>], [>]
Adobe, [>], [>]–[>]
advanced persistent threat (APT), [>], [>], [>]–[>], [>]
Afghanistan, [>], [>]–[>], [>], [>]–[>]
agent, malware, [>]–[>]
Agent.btz, [>]–[>], [>]–[>]
aircraft, military, [>]–[>], [>], [>], [>], [>], [>] n. [>]
air gap, [>], [>], [>]–[>], [>], [>], [>]
air traffic control, [>], [>], [>], [>], [>]–[>]
Alexander, Gen. Keith: bid for NSA’s authority by, [>], [>], [>]–[>], [>]–[>], [>], [>]–[>]; as director of NSA, [>], [>], [>], [>]–[>], [>], [>]; lobbying, [>], [>], [>]; military cyber breach, [>]–[>]; national cyber defense plan, [>], [>], [>], [>]–[>]; recruitment by, [>], [>], [>]
algorithm, encryption, [>]–[>], [>]
Allen & Company, [>]
al-Qaeda: campaign in Iraq, [>], [>], [>]; conference call information, [>]; corporate intranet of, sabotage, [>], [>]; NSA cyber warfare against, [>], [>], [>]–[>], [>], [>]–[>], [>]–[>], [>]; recruitment by, [>]; sanctuary in Afghanistan, [>]; Sunni Awakening denouncement of, [>]; US cell phone monitoring, [>], [>], [>], [>]
Amazon, [>], [>]
American Express, [>], [>]–[>]
anonymity issues, [>], [>], [>], [>]–[>], [>]
Anonymous (hacker group), [>], [>], [>], [>], [>]–[>]
Apple, [>], [>], [>]–[>], [>], [>]
APT. See advanced persistent threat
APT1. See Unit 61398/APT1
Aramco, [>]
Ashcroft, John, [>]
AT&T, [>], [>], [>], [>], [>], [>]
attribution problem, [>]
Aurora. See China, cyber campaign against the US
Australia, [>]
authority for cyber warfare: conference call cabinet, [>]; covert operations vs. military operations, [>]; critical infrastructures and legal issues, [>], [>
], [>]; Cyber Command for cyber attack, [>]–[>]; and definition of “hostile act,” [>]; FBI for domestic attack, [>], [>]; government action campaign for private sector, [>]; president, [>], [>]–[>], [>], [>], [>], [>], [>]; Strategic Command for coordinated military attack, [>]
backdoors, [>], [>], [>], [>]–[>], [>], [>], [>], [>]
Bahrain, [>], [>]
Bank of America, [>]–[>], [>], [>], [>]–[>]
banks. See financial and banking data systems
Barr, Aaron, [>]–[>]
Basla, Lt. Gen. Michael, [>], [>], [>]
beacons, [>]–[>]
Beckstrom, Rod, [>]–[>]
Berico Technologies, [>], [>]
Berlin, Charles, [>]
big ass graph, [>]
bin Laden, Osama, [>], [>], [>]–[>]
black-bag operations, [>], [>], [>]
Black Hat conference, [>], [>], [>], [>]
blackout (electrical), [>], [>], [>]–[>], [>]
blackout (media), [>]
Bonesaw software, [>]
Booz Allen Hamilton, [>], [>], [>]
Bosnia, [>]
botnets, [>], [>], [>], [>]
Boys & Girls Clubs of America, [>]
Brazil, [>]–[>], [>] n. [>]
Britain, [>], [>], [>], [>], [>]
bSafe toolkit, [>]
Buckshot Yankee, [>]–[>], [>]
Bush, George W.: cyber warfare authorization, [>], [>], [>]–[>], [>], [>]; national cyber defense plan, [>]–[>], [>], [>], [>], [>]; NSA authorizations, [>], [>], [>], [>]–[>], [>]
businesses. See contractors, defense; private sector
Calderón, Felipe, [>]–[>]
camera/video data, [>], [>], [>], [>]
Canada, [>], [>]–[>], [>]
Carnivore software, [>]
cell phones: in Afghanistan, [>], [>]; al-Qaeda, [>], [>], [>], [>]; contact chaining, [>], [>], [>]–[>]; disruption tactics, [>], [>]–[>]; iPhone, [>], [>], [>]; in Iraq, [>], [>], [>], [>], [>]–[>], [>]–[>], [>]; tracking of owner, [>], [>]
censorship, [>], [>], [>]
Central Command for the Middle East, [>], [>]–[>]
Central Intelligence Agency (CIA): al-Qaeda, [>], [>], [>], [>]; cloud built for, [>]; drone technology, [>], [>]; and Endgame, [>], [>], [>]; human spies, [>], [>]; Information Operations Center, [>]; Iraq War, [>]; partnerships, [>]–[>], [>], [>]–[>], [>], [>], [>]; Technology Management Office, [>]; venture capital group of, [>], [>]
CenturyLink, [>], [>], [>], [>]
Chabinsky, Steve, [>], [>]
Cheney, Dick, [>], [>], [>]–[>], [>], [>]
Chertoff, Michael, [>]–[>]
children’s issues, [>]–[>]
China: activists, [>], [>], [>], [>]; growth, [>]–[>]; as lender to the US, [>]–[>]; NSA cyber espionage on university, [>]–[>]; People’s Liberation Army, [>]–[>], [>], [>], [>], [>]–[>]; trade with US, [>], [>], [>], [>]; US bombing of embassy, [>]; US cyber espionage against, [>]–[>], [>], [>], [>], [>]–[>], [>]–[>], [>]; US foreign relations, [>]–[>], [>]–[>]; war with US, consequences, [>], [>], [>]
China, cyber campaign against the US (Aurora): as an APT, [>], [>], [>]–[>], [>]; Chinese government position on, [>], [>], [>], [>]; context, [>]–[>]; energy/power systems, [>]–[>], [>], [>], [>]–[>]; extent, [>]–[>], [>], [>], [>]–[>], [>]; F-35 jet, [>]–[>], [>], [>], [>]; intellectual property (see intellectual property, cyber theft, by China); Mandiant report on, [>]–[>], [>], [>]–[>]; Obama administration on, [>]; recruitment, [>]–[>], [>]; tracking by the US, [>]–[>], [>], [>]; Unit 61398/APT1, [>], [>]–[>], [>], [>]; US government sites, [>], [>], [>], [>]–[>]; US media, [>]–[>]
CIA. See Central Intelligence Agency
Cisco, [>]–[>], [>]–[>], [>]–[>], [>]
Citadel, [>]–[>]
civil rights, [>], [>], [>], [>], [>]
classified information. See documents/information, classified
clearinghouse network, [>]
Clinton, Hillary, [>], [>], [>], [>]
clock skew, [>]
cloud storage service, [>], [>], [>]
Coca-Cola, [>]
Cold War, [>], [>], [>]–[>], [>], [>], [>], [>], [>]–[>]
Comey, James, [>], [>]
command-and-control servers, [>]–[>], [>], [>], [>], [>]
Computer Associates, [>]
computers: cameras in, [>], [>], [>]; captured laptops, [>], [>]; hijacked, [>]; internal clocks, [>]; tagging specific, [>]
conferences, hacker, [>], [>], [>], [>]
Conlon, Brendan, [>]
Constitution, US, [>], [>], [>], [>], [>]
contact chaining/call chains, [>], [>], [>]–[>]
contractors, defense: cyber breaches, [>]–[>], [>], [>], [>], [>] n. [>]; cyber security firms, [>], [>], [>], [>], [>]; major, [>], [>]; role in US military, [>], [>], [>], [>], [>], [>], [>]; use of zero day market, [>], [>]. See also Defense Industrial Base; military-industrial complex
counterterrorism, [>]–[>], [>], [>]–[>], [>], [>], [>]
crashes, computer, [>]–[>], [>]–[>], [>], [>], [>], [>]
credit/debit cards, [>], [>]–[>], [>]–[>], [>], [>], [>], [>]–[>]
critical infrastructures: cyber attacks, annual, [>], [>]; cyber attack threat, [>], [>], [>], [>], [>], [>], [>]–[>]; declaration of war issues, [>], [>], [>]; definition, [>], [>], [>]–[>]; executive orders, [>]–[>], [>]–[>], [>]
Croom, Charlie, [>], [>], [>], [>]
crowdsourcing, [>], [>]
CrowdStrike Services, [>]–[>], [>], [>], [>]
cryptologists, [>], [>], [>], [>]
Cyber Command. See US Cyber Command
cybercrime, [>], [>]–[>], [>]–[>], [>]–[>], [>], [>], [>]. See also intellectual property; network forensics
cyber espionage, [>], [>], [>], [>], [>], [>]–[>], [>]–[>], [>]. See also China, cyber campaign against the US; spyware
cyber espionage by the US: of Americans, [>]–[>], [>], [>], [>]–[>], [>], [>] (see also Fourth Amendment; legal issues, monitoring by the NSA; privacy issues); by companies (see under private sector); by the FBI, [>]–[>]; of foreigners, [>], [>]–[>], [>]–[>], [>], [>], [>], [>]; global telecommunications, [>], [>]–[>], [>], [>], [>] (see also Tailored Access Operations); by Mandiant, [>]–[>]; propaganda, [>], [>], [>], [>], [>]–[>]; of individuals vs. groups of people, [>]–[>]; two reasons for, [>]
cyber kill chain, [>]–[>]
cyber security: companies (see under private sector); cyber hygiene, [>]; cyber sentry model, [>]; defense tactics, [>], [>]–[>], [>], [>]–[>], [>], [>]–[>], [>]–[>]; enemy among us, [>]–[>]; federal guidelines, [>]; future innovations, [>]–[>]; log-in and password, [>], [>], [>], [>], [>]; as a national priority, [>], [>], [>], [>], [>]; patent rights, [>]; shift from counterterrorism to, [>], [>], [>], [>]; standards development, [>]–[>], [>]–[>], [>]–[>]; used in marketing, [>]–[>]. See also National Security Agency, national cyber defense activities
cyberspace: characteristics, [>], [>], [>]; as civilian space vs. militarized zone, [>]–[>], [>], [>]–[>]; as the fifth domain of warfare, [>], [>], [>], [>], [>]; future scenario for, [>]–[>]; as the new domain of warfare, [>]–[>], [>]–[>]; US policy to dominate, [>], [>]–[>], [>]
cyber warfare: authority to begin (see authority for cyber warfare); with China, effects on the US, [>], [>], [>]; collateral damage, [>], [>] (see also critical infrastructures); cyber arms market, [>]–[>], [>]–[>], [>]–[>], [>]; cyber arms race, [>], [>], [>], [>]; defense plan, national, [>]–[>]; defense vs. offense, [>]–[>], [>]–[>] (see also cyber warfare, blurred distinction between defense and offense); early development, [>]–[>], [>]–[>], [>], [>], [>]–[>]; enemy among us, [>]–[>]; the first cyber war, [>]–[>]; identification of targets, [>]–[>], [>], [>], [>]–[>], [>]; Internet as a battlefield, [>]–[>]; international agreements, [>], [>]; mercenaries, [>]–[>], [>]; by private companies (see hack-backs; private sector, retaliation); privatization, [>], [>]–[>]; recruitment/training, [>]–[>], [>], [>], [>], [>]–[>
], [>], [>]–[>], [>], [>]; rules of combat, [>]–[>], [>] n. [>]; tactics (see tactics); target data, [>], [>], [>], [>], [>], [>]; three missions of, [>]–[>], [>]–[>]; use of term, [>], [>]–[>]
cyber warfare, blurred distinction between defense and offense: “active defense,” [>], [>]; “defense” easier to sell, [>]–[>]; need to combine capability, [>], [>]–[>]; and NSA–Cyber Command relationship, [>], [>], [>]; by private companies, [>], [>], [>], [>], [>], [>]; pure information vs. military operations, [>], [>]; with zero day information, [>]–[>], [>]–[>]
data collection and storage: CIA-NSA metadata, [>]–[>], [>]–[>]; cloud, [>], [>], [>]; hacker history by Lockheed, [>]; phone data by NSA, [>]; Prism system, [>], [>], [>], [>], [>]; targeting data, [>], [>], [>]
Data Intercept Technology Unit (DITU), [>], [>]–[>]
data management, [>], [>]
data mining, [>], [>], [>], [>], [>], [>]–[>], [>]
Davis, Maj. Gen. John, [>], [>], [>]–[>]
Def Con conference, [>], [>], [>]
Defense Cyber Crime Center, [>]
Defense Industrial Base (DIB): creation, [>], [>], [>]; and DHS, [>]; expansion, [>], [>], [>], [>]–[>]; function, [>]–[>]; ISP test without NSA aid, [>]–[>]; Lockheed sharing data with, [>]; number of members, [>]–[>]
Defense Information Systems Agency, [>], [>], [>]
Defense Intelligence Agency, [>], [>]
denial-of-service attacks, [>], [>], [>], [>], [>]
DHS. See US Department of Homeland Security
DIB. See Defense Industrial Base
distributed computing vs. centralized supercomputers, [>], [>]
DITU. See Data Intercept Technology Unit
documents/information: classified, [>], [>], [>]–[>], [>], [>], [>], [>]; classified threat intelligence sharing, [>], [>], [>]–[>], [>], [>]; declassified, [>], [>]; pdf, [>]–[>]; unclassified, [>]–[>], [>], [>]
DOD. See US Department of Defense