by Fred Kaplan
network security of, 280, 283
Solar Sunrise attack on, 74–78, 80, 81, 101, 119, 120, 123
Special Technological Operations Division of, 7
Strategic Leveraging Project of, 43
Defense Information Systems Agency (DISA), 65, 74, 75, 78, 80, 82
Defense Intelligence Agency, 57
Defense Science Board:
cyber deterrence task force of, 279
cyber security report of, 275–79
“Information Warfare-Defense” task force of, 54
demon-dialing, 9–10, 59, 64, 112, 113, 161
denial-of-service attacks, 102–3, 162–63, 213, 216
Department of Defense Cyber Strategy, The (Carter), 283, 316n–17n
Depression, Great, 199
Desert Storm, Operation, 21–25, 29, 32, 74, 132–33, 149, 290n
civilian casualties in, 24–25
deterrence:
in cyber warfare, see cyber deterrence
nuclear, 277, 278, 284–85
Deutch, John, 49
Devost, Matt, 65, 66, 80–81, 273, 293n
digital communications:
data packets in, 5–6, 17–18, 131, 156, 192–93, 194, 248, 249–50
GCHQ’s collection of data from, 228–29
global switch from analog to, 25, 28–29, 30, 35, 126–27, 275–76
metadata in, see metadata
NSA’s collection of data from, 196–97, 228–29, 230–35, 237–64
PRISM and, 247–52
U.S. as hub of, 191–92, 193, 248
see also telecom companies
Donilon, Thomas, 187, 228, 238
Asia Society speech of, 221–22, 226–27
Earnest, Josh, 272n
East Germany, 235
cyber attacks by, 61–62, 83
eBay, 102
e-commerce, 102
Einstein (IDS project), 177, 179
elections, U.S.:
of 2000, 103, 139–40
of 2008, 197, 198
Electromagnetic Systems Laboratory, see ESL, Inc.
electronic counter measures, 14–15
Eligible Receiver 97 cyber attack exercise, 55, 57–58, 65–72, 75, 81, 90, 110, 119, 241, 275
Army’s refusal to participate in, 70
hacking of military communication and computer networks in, 57, 67, 68–69
Minihan and, 57, 65, 66, 71
as “no-notice” exercise, 67, 68
NSA Red Team in, 57, 66, 67–68, 69–71, 72, 76, 80, 182
postmortem briefing on, 70–71
Ellis, James, 117
Emirnet, 75, 76
Energy Department, U.S., 166
cyber security as low priority of, 172–73
ESL, Inc., 7, 15, 58, 120
espionage, 138–39
microwave technology and, 12–13, 16–17, 22, 132–33, 289n
Estonia, cyber attack on, 162–64, 165, 241
European Command, U.S., 19
Executive Order 13010, 47, 48–49, 74
F-35 Joint Strike Fighter aircraft, 224–25
Facebook, PRISM and, 247
FANEX, 18, 66
Faurer, Lincoln, 26, 28
Federal Bureau of Investigation (FBI), 63, 74, 77–78, 98, 269, 288n
National Infrastructure Protection Center of, 166
National Security Letters of, 254–55, 256, 260
Review Group briefings by, 254–55
Review Group recommendations for, 256
Federal Intrusion Detection Network (FIDNET), 100–102
Federal Trade Commission, North Korean cyber attack on, 213
fiber-optic cables, 132–33
global spread of, 30–31
Saddam’s use of, 22, 24
FIDNET (Federal Intrusion Detection Network), 100–102
FireEye, 269
1st Armored Division, 149
FISA Court, 155, 192, 194, 195, 196, 197, 238, 244
metadata collection and, 245, 246, 253, 256, 261, 262, 263
PRISM and, 248, 249–50
Review Group’s recommendations for, 256–57
secrecy of, 233
five eyes (U.S., Great Britain, Canada, Australia, New Zealand):
command-control systems hacking exercises of, 65–66, 235
intelligence sharing by, 65
Flame computer virus, 205–6, 213
Ford Escape, hacking of, 273n
Foreign Assistance Act, 96
Foreign Intelligence Surveillance Act (1978), 196–97
revisions to, 192–95, 248
Foreign Intelligence Surveillance Court, see FISA Court
Fort Meade, Md., 6, 18, 26
Fourth Amendment, 192, 250
Franco, James, 269
Freeh, Louis, 96
Gandy, Charles, 16
Gates, Robert, 4, 171, 174, 271, 304n–5n, 317n
cyber warfare as concern of, 272–73
“dark territory” metaphor of, 272
as defense secretary, 173, 184–89, 204, 209, 214
infrastructure security and, 280
Obama’s replacing of, 220
and plan for protection of civilian infrastructure, 186–89
Stuxnet and, 206
GEDA (Gain, Exploit, Defend, Attack) concept, 123
Gellman, Barton, 229
General Accounting Office, 47
General Services Administration, 97
Georgia, Republic of:
cyber attack on, 164–66, 241
Russian invasion of, 164–66
Giambastiani, Edmund, 174
Gibson, William, 45–46
Glenn, John, 44, 95
“Global Access Study” (NSA paper), 28–29, 30
Golan Heights, 161
Good Harbor, 241
Google:
Chinese cyber attack on, 234
PRISM and, 247
Gorbachev, Mikhail, 16, 162
Gore, Al, 40, 103
in 2000 election, 103, 139–40
Gorelick, Jamie, 40–41, 45, 46, 48, 50, 51
cyber crime and, 41–42
Gourley, Robert, 84, 88, 276
Government Communications Headquarters (GCHQ), British, 116–17, 213
communications data collected by, 228
Gravell, William, 291n
Great Britain, 235
see also five eyes
Great Depression, 199
Great Recession, 199, 200
Greene, Brenton, 43–44, 51
Greenwald, Glenn, 229
Grenada, U.S. invasion of, 145
Growing Vulnerability of the Public Switched Networks (National Research Council), 54
GRU, 84
Guardian, 228, 229
“Guardians of Peace,” 268
Gulf War, see Desert Storm, Operation
Gunman (Soviet spy device), 16
hacking, hackers, 5, 8, 33, 41, 47, 123, 136, 227–28, 229, 235
L0pht and, 90–91
of military sites, 42
Network Security Monitoring and, 60–61
of Social Security numbers and personal data, 265, 268
software patches and, 136–37
university computers as entry points for, 61, 73, 82
white-hat, 163
zero-day vulnerabilities and, 137
see also cyber attacks, cyber warfare
Hadley, Stephen, 174
Haiti, planned U.S. invasion of, 58–59, 64, 107–8, 112, 161
Hamre, John, 71, 74, 77–78, 80, 81, 86, 113, 120, 121, 122, 125, 153–54, 183, 296n
Clarke and, 95–96
Hanscom Air Force Base, 50–51
Hathaway, Melissa, 176–77, 279
CNCI plan of, 177–78, 198–99
Cyberspace Policy Review issued by, 199–200
Haver, Richard, 26, 27, 28, 32, 84
Hayden, Michael, 178, 245
as Air Force Information Warfare Center commander, 122–23, 126
Alexander’s conflicts with, 152–53, 154–55
as CIA director, 215
CNE and, 138
“Director’s Work Plan for Change” of, 128–29
GEDA concept of, 123
as NSA director, 122, 125–26, 127–33, 135, 138, 151, 157–59
TAO and, 135
Trailblazer and, 132
Heath, James, 154
Heberlein, Todd, 60–61, 62
Hiroshima, atomic bombing of, 215
Homeland Security Department, U.S., 18, 142, 167, 179
CNCI and, 178
North Korean cyber attack on, 213
and protection of civilian infrastructure, 186
shortcomings of, 177, 186, 280, 281
Hoover, J. Edgar, 251–52
HowlerMonkey, 136
Hussein, Saddam, 21, 22–23, 25, 74, 110, 132, 143, 145, 241
IBM Selectric typewriters, 16
Idaho National Laboratory, 167, 204
Information Assurance Directorate (NSA), 18, 34, 66, 68, 92–93, 128, 133, 181, 201, 234, 257, 260, 276, 293n
Information Operations Center (IOC), 113, 134, 161
Information Operations Technology Center (IOTC), 124–26
information security, see cyber security
“Information Security: Computer Attacks at Department of Defense Pose Increasing Risks” (GAO report), 47
Information Security Directorate (NSA), 177
Information Sharing and Analysis Centers (ISACs), 97, 104, 139, 176, 274
“Information Terrorism: Can You Trust Your Toaster?” (Devost), 273
information warfare, 41, 58, 119, 161, 169, 208, 289n
and anti-Milosevic campaign, 112–18
China and, 224
command-control systems and, see counter command-control (counter-C2) warfare
history of, 4, 219–20
and hunt for Serbian war criminals, 110–12
McConnell’s focus on, 31–32, 34–37
U.S. offensive operations in, 108–10; see also specific operations
see also cyber attacks, cyber warfare
infrastructure, 67
computer networks and, 41, 45, 52–55
cyber attacks on, 166–69, 174, 198, 212, 214, 215
as cyber attack targets, 104, 212
cyber security and, 186–89, 278, 280–84
Gates-Napolitano plan for protection of, 186–89
as targets of terrorist attacks, 39, 41, 42, 53
Infrastructure Protection Task Force:
Moonlight Maze investigation of, 86
Solar Sunrise investigation of, 74–75
Inglis, John C. “Chris,” 244–48, 252, 279
Inman, Bobby Ray, 21–22, 84, 128, 132
as CIA deputy director, 27
as naval intelligence director, 14, 26–27, 28
as NSA director, 12–13, 14, 17, 18–19, 27, 29, 133
in retirement from government service, 27–28
Institute for Advanced Studies (Princeton), 8
intelligence agencies:
civil liberties and, 251–52, 259, 260
lack of communication between, 171
public-private revolving door in, 172
International Atomic Energy Agency, 301n
Internet, 47, 58, 100, 164, 181, 188, 193, 207, 212
commercial encryption on, 35
cyber security and, 52–53
data packets on, 5–6, 131, 156, 157–58
discontinued NSA metadata program for, 253
domain name system of, 191
Estonia and, 162–63
North Korea disconnected from, 271–72
terrorism and, 35
vulnerability of, 93–94, 176–77
see also computer networks; World Wide Web
Internet of Things, 6, 273
Internet Security Systems, 80
Interview, The (film), 269
intrusion-detection systems (IDS), 80, 81, 101, 120, 176, 177, 278, 281
Iran:
attack on, see Stuxnet
cyber attack on Las Vegas Sands by, 265–68
cyber warfare and, 4, 213, 265–68
nuclear weapons program of, 198, 201, 203–4, 212
Saudi Aramco attacked by, 213, 216
Shamoon computer virus developed by, 213
Iranian National Oil Company, 213
Iraq:
command-control network of, 22
insurgency in, 143, 147, 150, 156, 173, 180, 208, 216, 241
Kurds in, 160
lack of U.S. intelligence about, 22
NSA teams in, 159–60
Operation Desert Storm, 21–23, 29, 32, 74, 149, 151
Sunni-Shiite conflict in, 147, 160
U.S. invasion of, 142–43, 145, 147, 240
U.S. troop surge in, 158, 173
WMD inspectors expelled by, 74
Islam, Sunni-Shiite split in, 147, 160
Israel, 216
Iranian nuclear program and, 203–4
Stuxnet and, 207
Syrian reactor bombed by, 160–61, 198
Unit 8200 of, 161, 205, 207, 213
J-39, 7, 70, 81, 110–12, 120
anti-Milosevic campaign of, 114–18, 119
and 1999 Balkans bombing campaign, 112–14, 119, 161
Jeep Cherokee, hacking of, 273n–74n
Johnson, Jeh, 270
Joint Chiefs of Staff, 32, 74, 146, 183
Information Operations Response Cell of, 76, 78
intelligence directorate (J-2) of, 22, 69
J-39 bureau of, see J-39
Joint Computer Conference, 8
Joint Intelligence Center, 22–23, 24, 29, 32, 132
Joint Special Operations Command (JSOC), 150, 151–52, 156
Joint Task Force-Computer Network Defense (JTF-CND), 81–82, 83–84, 88, 105, 120–21, 183, 187, 276, 296n
Joint Task Force-Computer Network Operations (JTF-CNO), 122, 136
bureaucratic obstructions to, 146–47
Joint Task Force-Global Network Operations, 183
Justice Department, U.S., 63, 155
cyber crime and, 41–42
Information Infrastructure Task Force Coordinating Committee of, 42
Infrastructure Protection Task Force of, see Infrastructure Protection Task Force
Section 215 case and, 262
Kaspersky Lab, 210
Kelly Air Force Base, see Air Force Information Warfare Center
KGB, 12, 16, 84
Khamenei, Ayatollah Ali, 266
Kim Jong-un, 269
Kingsley, Ben, 31
Kuwait, 21
Kuwait City, 22
L0pht, 90–91, 94, 95, 98, 103
L0phtCrack, 92
Lacombe, Phillip, 52–53
Lake, Anthony, 40
Lane, Charles, 44
Langley, Va., 6
Langner, Ralph, 210, 211
Lasker, Lawrence, 9–10, 32, 287n
Las Vegas Sands Corporation, cyber attack on, 265–68
Latham, Donald, 6, 19, 20, 54
Law of Armed Conflict, 25
Lawrence Berkeley National Laboratory, 61–62
Lawrence Livermore National Laboratory, 62
Levitt, Karl, 62
Lewinsky, Monica, 103, 115
Liberty and Security in a Changing World (Review Group report), 255, 258–59, 285
Lieberman, Joe, 95
Lockheed Martin, 120
Chinese cyber attack on, 224–25
LoudAuto, 136
Lukasik, Stephen, 9
Lute, Jane Holl, 188, 189, 302n–3n
McAfee, Chinese cyber attacks tracked by, 226
McCain, John, 197, 198, 283
McCarthy, John, 97
McChrystal, Stanley, 159, 173
as JSOC commander, 150, 151–52
McConnell, John “Mike,” 57, 169, 183, 194, 248
Bush briefed on cyber warfare by, 173–75, 187
Clipper Chip and, 36–37, 40, 58, 128
CNCI plan of, 177–78, 198–99, 278
Cyber Command proposed by, 185
cyber deterrence and, 278
cyber security as priority of, 172, 198, 278
as director of national intelligence, 171–78, 191–92, 216
FISA and, 192–93
information warfare as priority of, 31–32, 34–37
as Joint Intelligence Center head, 22–23, 29
as NSA director, 29, 30–37, 128, 133, 172, 173, 193
Obama’s replacing of, 200
in pre-election briefing of Obama, 197–98
Sneakers as epiphany for, 33
McDermott, Thomas, 68
McDonough, Denis, 238
McVeigh, Timothy, 39
MAE East, 191n
MAE West, 191n
Makaveli (pseudonym), 77–78
Maliki, Nouri al-, 160
malware, 182, 205–6, 207–8, 266
Mandia, Kevin, 85, 87, 223, 225, 269, 292n–93n
Mandiant, 85n, 222–23, 225, 226, 269, 292n
Marine Corps, Computer Network Defense unit of, 123
Marsh, Robert T. “Tom,” 50, 51, 52, 72
Marshall, Richard H. L., 24–25, 68
Marsh Commission, 98–99
Marsh Report (Critical Foundations), 53–55, 72, 80, 89, 94, 100, 139, 142, 166, 199, 241
Mellon, Christopher, 35
Merkel, Angela, NSA hacking of, 235, 260
metadata, 61, 154
Alexander and, 230, 231, 233, 253, 256
FISA Court and, 245, 246, 253, 256, 261, 262, 263
NSA’s collection and storage of, 64, 194–97, 230–35, 238, 245–47, 252–54, 261–62, 263
Obama “white paper” on, 238
telecom companies and, 194, 247, 248, 253, 263
USA Freedom Act and, 263
Microsoft, 234, 247
Microsoft Windows, 92, 93
microwave technology, espionage and, 12–13, 16–17, 22, 132–33, 289n
military, U.S., 121
classified networks of, 276
cyber security as low priority of, 64, 105, 119, 120
cyber warfare resisted by, 117–18, 119, 120
Solar Sunrise cyber attack on, 74–78, 183
Military Intelligence Branch 8 (MI-8), 11
military networks, limited Internet connectivity to, 212
Miller, Charlie, 273n–74n
Miller, James, 279
Milosevic, Slobodan, 110, 207
information warfare campaign against, 112–18
Mimikatz, 266
Minihan, Kenneth, 74, 75, 90, 107, 108, 161, 184, 205, 233, 245
as Air Force Information Warfare Center commander, 58–59, 126
as Air Force intelligence chief, 64
as Defense assistant chief of staff for intelligence, 108
as Defense Intelligence Agency director, 57
Eligible Receiver 97 and, 57, 65, 66, 71
as NSA director, 57, 58, 64, 122, 123–24, 125–26, 127, 128, 129, 131, 157, 179–80
TAO and, 134–35
Misawa Air Base, Japan, 32