Dark Territory
MIT (Massachusetts Institute of Technology), 9, 61, 73
Mitchell, Andrea, 232
Money, Art, 105, 122, 153, 279, 296n
as assistant secretary of defense, 119, 120, 124–25
MonkeyCalendar, 136
Moonlight Maze Coordination Group, 86–88
Moonlight Maze cyber attack, 78–79, 81–88, 98, 119, 123, 187, 212–13, 241, 276
Russia and, 86–88, 213, 223
Morell, Michael:
CIA career of, 238–39, 252
NSA case files reviewed by, 252–53
in Review Group, 238–39, 252–54, 256
Morris, Robert, Sr., 60
Morris, Robert T., Jr., 60
Morris Worm, 60, 62
Moscow, U.S. embassy in, 12, 289n
Mossad, 207
Mudge, see Zatko, Peiter
Mullen, Mike, 183
Murtha, Jack, 193
Nagasaki, atomic bombing of, 215
Napolitano, Janet, 186–89
NASDAQ, North Korean cyber attack on, 213
Natanz, Iran, 203–4, 304n
cyber attack on, see Stuxnet
National Bureau of Standards, 34, 36
National Geospatial-Intelligence Agency, 152
National Infrastructure Protection Center, 166
National Institute of Standards and Technology, 34, 36
National Intelligence Directorate, 176, 242–43
National Military Command Center, Eligible Receiver hacking of, 68–69
National Military Strategy for Cyber Operations, 211
National Plan for Information Systems Protection, 100–105, 139, 141–42
“National Policy on Telecommunications and Automated Information Systems Security” (NSDD-145), 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
National Research Council, 54
National Security Agency (NSA), 6–7, 12–13, 18–19, 27, 30–37, 54, 74, 78, 100, 110, 119, 122, 123–40, 147, 158, 176, 195, 219, 269, 288n
Alexander as director of, 152, 155–56, 174, 178–81, 182–84, 185–86, 187, 189, 204, 211, 214, 231, 244, 247, 252, 253, 256
anti-Milosevic campaign and, 114–15
Army’s relations with, 151
Bauded Signals Upgrade program in, 14, 22, 28
broken personnel system of, 129–30
budget cuts and, 123, 127
CIA interaction with, 133–34
civil liberties and, 3, 20, 188, 192, 194–96, 231, 239, 244–52, 264
Clarke’s visit to, 90
CNCI and, 178
Cold War and, 12
communication service providers and, 194
computer crash at, 130, 131
Computer Security Center of, 18–19, 34, 60
Congress and, 3, 20, 27, 195–96
counter-C2 campaign of, 16
Data Network Technologies Branch of, 136
digital communications data collected by, 196–97, 228–29, 230–35, 237–64
domestic surveillance by, 230–35
in Eligible Receiver 97 cyber attack exercise, see Eligible Receiver 97 cyber attack exercise
executives’ report on shortcomings of, 127–28, 129–33
as falling behind in digital technology, 126–27, 128, 129
Flame virus of, 213
fusion of Cyber Command and, 243, 260
“Global Access Study” of, 28–29, 30
Hayden as director of, 122, 125–26, 127–33, 135, 138, 151, 157–59
Information Warfare Directorate of, 32, 40
infrastructure security and, 280
IOTC of, 124–26
Iraq teams of, 159–60
McConnell as director of, 29, 30–37, 128, 133, 172, 173, 193
metadata collection and storage by, 64, 194–97, 230–35, 238, 245–47, 252–54, 261–62, 263
Minihan as director of, 57, 58, 64, 122, 123–24, 125–26, 127, 128, 129, 131, 157, 179–80
Mission Infrastructure Technologies Branch of, 136
Moonlight Maze attack and, 79
mystique of, 124, 184
NSDD-145 and, 3, 20, 188, 195
“One Hundred Days of Change” at, 130
origins of, 11–12
potential for abuse by, 251–52, 254, 264
PRISM program of, 247–52
and protection of civilian infrastructure, 186–89
Red Team of, 57, 66, 67–68, 69–71, 72, 75, 76, 80, 182, 275
Review Group briefings by, 244–52
Review Group recommendations on, 256–57
Rogers as director of, 282
RTRG program of, 158–60
Scientific Advisory Board of, 11
secrecy of, 3, 178, 214–15, 234
security complacency at, 17, 34
Snowden leaks and, 64, 194, 228–30, 234, 242, 244, 245, 251, 257–59, 262, 282, 285, 298n
Stellar Wind program of, 155n
Stone’s speech to, 264
Studeman as director of, 126–27, 275–76
Telecommunications Network Technologies Branch of, 136
Trailblazer program of, 132, 156–57
Turbulence program of, 157–58
National Security Agency (NSA), SIGINT Directorate of, 4–5, 18, 22, 29, 30, 33, 34, 90, 93, 125, 128, 130–31, 133, 172, 181, 204, 205, 207, 257
A Group of, 124, 129
changing role of, 214–15
“Global Network” operations of, 131
“Global Response” operations of, 131
ground commanders and, 156, 185
Tailored Access Operations of, see TAO
National Security Council (NSC), 40, 97, 140, 150, 187, 188, 227
National Security Directive 42, 66
National Security Letters, 254–55, 260
Review Group recommendations for, 256
National Strategy to Secure Cyberspace, The, 141–42, 174, 199
Naval Postgraduate School, 148
Navy, U.S., 70, 79
black programs of, 40, 44
cryptology labs of, 7
intelligence operations of, 14, 26–27
Naval Information Warfare Activity of, 32, 123
Nellis Air Force Base, 107
Netscape Matrix, 35
Network Security Monitoring, 60–63
Neumann, John von, 8
Neuromancer (Gibson), 45–46
New York, N.Y., telecommunication switches in, 45
New York Stock Exchange, North Korean cyber attack on, 213
New York Times, 101
Chinese hacking of, 223
New Zealand, see five eyes
NightStand, 136
9/11 Commission, 171, 240
Nixon, Richard, 251–52
Noonan, Robert, 153–54
North American Aerospace Defense Command (NORAD), 1, 10
North Atlantic Treaty, Article 5 of, 163
North Atlantic Treaty Organization (NATO), 110, 163, 273
North Korea, 160, 198, 269
cyber warfare and, 4, 213, 216, 268–71, 272n
Internet shutdown in, 271–72
Sony cyber attack by, 268–71, 272n
Northrop Grumman Corporation, 127, 132
NSDD-145 (“National Policy on Telecommunications and Automated Information Systems Security”), 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
NSPD-54, 178, 199
nuclear weapons, 277, 278
cyber warfare vs., 215–16
Nunn, Sam, 46–47, 51, 59, 199
critical infrastructure hearings of, 47–48
Obama, Barack, 186, 187, 197–98, 201, 249, 259, 304n–5n
Bush’s Stuxnet briefing of, 203
Chinese cyber attacks and, 221–28, 235
and cyber attack on Sony, 270–71
cyber security as priority of, 200–201
drone strikes supported by, 208
“Improving Critical Infrastructure Cybersecurity” executive order of, 274
intelligence review panel appointed by, see President’s Review Group on Intelligence and Communication Technologies
PPD-20 of, 217–20, 228, 314n–15n
Stuxnet and, 203, 208–9, 210, 212
terrorism as priority of, 197–98
Xi’s summits with, 228–29, 308n
Obama administration:
cyber warfare and, 3–4
metadata “white paper” of, 238
Odom, William, 26, 28
Office of Technology Assessment, U.S., 43
Oklahoma City bombing, 39, 40, 89, 175
Olympic Games, Operation, see Stuxnet
Orchard, Operation, 161
Pace, Peter, 211
Pacific Command, U.S., 67, 80
Pacific Gas & Electric, 52–53
Pakistan, U.S. drone strikes in, 201, 208
Paladin Capital Group, 233
Paltalk, PRISM and, 247
Panetta, Leon, as defense secretary, 220
Parkes, Walter, 9–10, 32
passwords, 82, 136
Patriot Act (2001), 192
Section 215 of, 245–46, 252–53, 261–63
Section 505 of, 254
sunset clause in, 261–63
Paulson, Henry, 174, 175
PDD-39 (“U.S. Policy on Counterterrorism”), 39–40, 46, 89
PDD-63, see “Critical Infrastructure Protection” (PDD-63)
Pentagon, 9/11 attack on, 141
People’s Liberation Army, Unit 61398 of, 222–23, 225, 226, 242, 269
Perry, William, 14–15, 67, 76, 124, 184, 220
as secretary of defense, 57–58, 59, 66–67, 120
Persian Gulf, 74
Petraeus, David, 158–59, 160, 173
phishing, 136
Physical Vulnerability of Electric Systems to Natural Disasters and Sabotage (U.S. Office of Technology Assessment), 43–44
PlayStation network, hacking of, 268
Poitras, Laura, 229
Polaris missile, 120
Pollard, Neal, 75
Powell, Colin, 23, 30, 32, 59, 64
Power, Samantha, 239
PPD-20 (“U.S. Cyber Operations Policy”), 217–20, 228, 314n–15n
President Reagan: The Role of a Lifetime (Cannon), 287n–88n
President’s Commission on Critical Infrastructure Protection, 49–55, 74
Marsh as chairman of, 50
members of, 49–50
Minihan’s Eligible Receiver briefing to, 72
report of, see Marsh Report (Critical Foundations)
President’s Review Group on Intelligence and Communication Technologies (Review Group), 235, 238–40, 242–60, 264
cyber security prioritized by, 257–58
deadline of, 242
FBI’s briefings of, 254–55
K Street SCIF of, 243, 252
NSA metadata collecting examined by, 245–47, 252–54, 262
Obama’s meetings with, 242, 259
and potential for abuse by intelligence agencies, 251–52, 259, 260
PRISM and, 247–48
public trust as priority of, 237–38, 258
report of, see Liberty and Security in a Changing World
staff of, 243, 258
PRISM, 228, 247–52
FISA Court and, 248, 249–50
programmable logic controllers (PLCs), 204–5
Protect America Act (2007), 193–95
civil liberties and, 194–95
Section 702 of, 248–49
Putin, Vladimir, 162
RageMaster, 136
RAND Corporation, 8, 10, 51, 278, 316n
RATs (Remote Access Trojans), 225–26
Rattray, Gregory, 225
RCA, 19
Reagan, Ronald, 7, 19, 27, 67, 72, 183, 287n
counter-C2 warfare and, 15–16
Executive Order 12333 of, 288n
NSDD-145 of, 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
“Star Wars” program and, 2
WarGames and, 1–3, 6, 10, 19, 175
Reagan administration, 54
cyber warfare and, 1–3, 6–7
Redford, Robert, 31
regulation, corporate fear of, 98–99, 101, 176, 200, 274–75
Remote Access Trojans (RATs), 225–26
Reno, Janet, 39–40
resilience, as goal of cyber security, 277
Review Group, see President’s Review Group on Intelligence and Communication Technologies
Rhoads, Walter “Dusty,” 107–8, 120, 121
Rice, Condoleezza, 140–41, 150, 174
Rice, Susan, 238, 239
Riedel, Bruce, 199
Rogen, Seth, 269, 270
Rogers, Michael, 282, 285
Ronfeldt, David, 291n
RTRG (Real Time Regional Gateway), 158–60, 195
Rumsfeld, Donald, 150–51, 155, 173
Iraq insurgency downplayed by, 148, 150
Russian Federation:
CentCom hacking and, 182
and cyber attack on Georgia, 164–66
cyber attacks by, 4, 42, 164–66, 224
Estonian cyber attack and, 163–64, 165
Georgia invaded by, 164–66
Moonlight Maze and, 86–88, 213, 223
Sandia Laboratories, 111
Sare, Michael, 71
Saudi Aramco, Iranian cyber attack on, 213, 216
SCADA (Supervisory Control and Data Acquisition) systems, 45
Schaeffer, Richard, 181–82, 276
Schell, Roger, 293n
Schmidt, Howard, 188
Schoomaker, Peter, 150–51
Schwarzkopf, Norman, 23, 25, 151
Science Applications International Corporation (SAIC), 132
Scowcroft, Brent, 44
2nd Circuit Court of Appeals, U.S., Section 215 ruling of, 262–63
Secret Service, North Korean cyber attack on, 213
“Security and Privacy in Computer Systems” (Ware), 8–9
Senate, U.S.:
Armed Services Committee of, 46, 71, 283
Church Committee of, 37, 230, 252
Foreign Relations Committee of, 197
Governmental Affairs Committee of, 48, 94
Intelligence Committee of, 35–36
Select Committee on Intelligence of, 126, 127, 231–33, 256
sensitive compartmented information facilities (SCIFs), 243
September 11, 2001, terrorist attacks, 3, 140–41, 155, 171, 174, 192, 195, 241, 244, 261
Serbia, U.S. hacking of phone systems in, 113, 132
Shady RAT, Operation, 226
Shalikashvili, John, 67, 68, 146
Shamoon computer virus, 213–14
Shaw Air Force Base, 7, 108–9
Shiite Muslims, 147, 160
Shinseki, Eric, 111, 112
Siemens, logic controllers of, 204–5, 206, 211
Signal Security Agency, 11
609th Information Warfare Squadron, 7, 108–10, 120
60 Minutes (TV program), 240
Skype, PRISM and, 247
Slocombe, Walter, 44
Sneakers (film), 31–32, 33
Snowden, Edward, 194
NSA programs leaked by, 63–64, 228–30, 231, 234, 242, 244, 245, 251, 257–59, 262, 282, 285, 298n
Social Security, 99
Social Security numbers, hacking of, 265, 268
Solar Sunrise cyber attack, 74–78, 80, 81, 98, 101, 119, 120, 123, 183, 187, 241
Sonic.net, 77
Sony Online Entertainment, hacking of, 268
Sony Pictures Entertainment, North Korean cyber attack on, 268–71, 272n
South China Morning Post, 229
South Korea, North Korean cyber attacks on, 213, 269
South Ossetia, 164–65, 241
Soviet Union, 12, 13
collapse of, 162
Space Command, U.S., 122, 146
Spiegel, Der, 228, 229, 298n
Sputnik II, 119
Stabilization Force (SFOR), 110–12
“Star Wars” program, 2
Stasi, 235
Stellar Wind, 155n
Stimpy (pseudonym), 77–78
Stimson, Henry, 11
Stoll, Cliff, 61–62, 82–83
Stone, Geoffrey:
civil liberties expertise of, 239, 244, 251, 259, 264
in Review Group, 239, 244, 246, 250–52, 253, 254, 264
Strategic Command, U.S., 183
Studeman, William, 21–22, 26, 27, 28, 30, 42, 84, 128
as acting CIA director, 45
as CIA deputy director, 41
information warfare as focus of, 41
as NSA director, 126–27, 275–76
Stuxnet, 201, 213, 216, 217, 218–19, 228, 242, 304n–5n
Alexander and, 204–5, 206
Bush and, 203, 205, 206, 208, 209, 212, 215
centrifuges speed manipulated by, 209
exposure of, 210–11
false data sent to monitors in, 208, 209
Gates and, 206
Iranian confidence as target of, 208
Israel and, 207
Natanz centrifuges targeted by, 203
Obama and, 203, 208–9, 210, 212
Siemens logic controllers infected by, 204–5, 211
successes of, 209–10
TAO and, 205–7
valve controls overridden by, 207–20
Summers, Lawrence, 200
Sunni Muslims, 147, 160
Sunstein, Cass, 239, 253
Suter, 161
Swire, Peter, 239–40, 243–44, 251, 253, 255
Sylvania Labs, 14–15
Symantec, 210, 211
Syria:
cyber attacks by, 4
Israeli bombing of reactor in, 160–61, 198, 301n
Taiwan, 224
Taliban, 149, 229
Tallinn, Estonia, 165
cyber attack on, 162–64
Tango, Operation, 111
TAO (Office of Tailored Access Operations), 135–37, 156, 158, 182, 195, 273n
hacking software of, 136
Hayden and, 135
Minihan and, 134–35
Snowden leaks and, 229–30
Stuxnet and, 205–7
tools and techniques of, 298n
Technical Advisory Group, 126
telecom companies:
metadata collection and, 194, 247, 248, 253, 263
Snowden leaks and, 234
telecommunication networks, switches in, 44–45
Tenenbaum, Ehud (The Analyzer), 77, 78
Tenet, George, 113, 140
terrorism, terrorists:
Bush (G.W.) administration complacency about, 140–41
CNE and, 139
cyber attacks by, 98
FISA and, 192
infrastructure as targets of, 39, 41, 42, 53
Internet and, 35
Obama’s focus on, 197–98
post-9/11 fear of, 195
Thompson, Fred, 95
thumb drives, malware on, 182, 207, 304n
Thurman, Max, 145
Titan Rain, 224
Toyota Prius, hacking of, 273n