
White House Didn't Ask New York Times Not to Publish Classified Information


thinbl...@gmail.com

Jul 8, 2013, 9:49:40 PM
White House Didn't Ask New York Times Not to Publish Classified Information
John Cook 6/01/12
http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information



When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.

Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program—dubbed "Olympic Games" by the CIA—including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting—one man's hard-won scoop is another man's "official leak"—but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.



-----------------------------------------------------------------------------



Obama Order Sped Up Wave of Cyberattacks Against Iran
By DAVID E. SANGER June 1, 2012
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html


WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.

“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.

Whether Iran is still trying to design and build a weapon is in dispute. The most recent United States intelligence estimate concludes that Iran suspended major parts of its weaponization effort after 2003, though there is evidence that some remnants of it continue.

Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said that the Iranian military was prepared “to fight our enemies” in “cyberspace and Internet warfare.” But there has been scant evidence that it has begun to strike back.

The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them. There have been reports of one-time attacks against personal computers used by members of Al Qaeda, and of contemplated attacks against the computers that run air defense systems, including during the NATO-led air attack on Libya last year. But Olympic Games was of an entirely different type and sophistication.

It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.

A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.

Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons — even under the most careful and limited circumstances — could enable other countries, terrorists or hackers to justify their own attacks.

“We discussed the irony, more than once,” one of his aides said. Another said that the administration was resistant to developing a “grand theory for a weapon whose possibilities they were still discovering.” Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.

If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.

A Bush Initiative

The impetus for Olympic Games dates from 2006, when President George W. Bush saw few good options in dealing with Iran. At the time, America’s European allies were divided about the cost that imposing sanctions on Iran would have on their own economies. Having falsely accused Saddam Hussein of reconstituting his nuclear program in Iraq, Mr. Bush had little credibility in publicly discussing another nation’s nuclear ambitions. The Iranians seemed to sense his vulnerability, and, frustrated by negotiations, they resumed enriching uranium at an underground site at Natanz, one whose existence had been exposed just three years before.

Iran’s president, Mahmoud Ahmadinejad, took reporters on a tour of the plant and described grand ambitions to install upward of 50,000 centrifuges. For a country with only one nuclear power reactor — whose fuel comes from Russia — to say that it needed fuel for its civilian nuclear program seemed dubious to Bush administration officials. They feared that the fuel could be used in another way besides providing power: to create a stockpile that could later be enriched to bomb-grade material if the Iranians made a political decision to do so.

Hawks in the Bush administration like Vice President Dick Cheney urged Mr. Bush to consider a military strike against the Iranian nuclear facilities before they could produce fuel suitable for a weapon. Several times, the administration reviewed military options and concluded that they would only further inflame a region already at war, and would have uncertain results.

For years the C.I.A. had introduced faulty parts and designs into Iran’s systems — even tinkering with imported power supplies so that they would blow up — but the sabotage had had relatively little effect. General James E. Cartwright, who had established a small cyberoperation inside the United States Strategic Command, which is responsible for many of America’s nuclear forces, joined intelligence officials in presenting a radical new idea to Mr. Bush and his national security team. It involved a far more sophisticated cyberweapon than the United States had designed before.

The goal was to gain access to the Natanz plant’s industrial computer controls. That required leaping the electronic moat that cut the Natanz plant off from the Internet — called the air gap, because it physically separates the facility from the outside world. The computer code would invade the specialized computers that command the centrifuges.

The first stage in the effort was to develop a bit of computer code called a beacon that could be inserted into the computers, which were made by the German company Siemens and an Iranian manufacturer, to map their operations. The idea was to draw the equivalent of an electrical blueprint of the Natanz plant, to understand how the computers control the giant silvery centrifuges that spin at tremendous speeds. The connections were complex, and unless every circuit was understood, efforts to seize control of the centrifuges could fail.

Eventually the beacon would have to “phone home” — literally send a message back to the headquarters of the National Security Agency that would describe the structure and daily rhythms of the enrichment plant. Expectations for the plan were low; one participant said the goal was simply to “throw a little sand in the gears” and buy some time. Mr. Bush was skeptical, but lacking other options, he authorized the effort.

Breakthrough, Aided by Israel

It took months for the beacons to do their work and report home, complete with maps of the electronic directories of the controllers and what amounted to blueprints of how they were connected to the centrifuges deep underground.

Then the N.S.A. and a secret Israeli unit respected by American intelligence officials for its cyberskills set to work developing the enormously complex computer worm that would become the attacker from within.

The unusually tight collaboration with Israel was driven by two imperatives. Israel’s Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.’s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyberattack a success. But American officials had another interest, to dissuade the Israelis from carrying out their own pre-emptive strike against the Iranian nuclear facilities. To do that, the Israelis would have to be convinced that the new line of attack was working. The only way to convince them, several officials said in interviews, was to have them deeply involved in every aspect of the program.

Soon the two countries had developed a complex worm that the Americans called “the bug.” But the bug needed to be tested. So, under enormous secrecy, the United States began building replicas of Iran’s P-1 centrifuges, an aging, unreliable design that Iran purchased from Abdul Qadeer Khan, the Pakistani nuclear chief who had begun selling fuel-making technology on the black market. Fortunately for the United States, it already owned some P-1s, thanks to the Libyan dictator, Col. Muammar el-Qaddafi.

When Colonel Qaddafi gave up his nuclear weapons program in 2003, he turned over the centrifuges he had bought from the Pakistani nuclear ring, and they were placed in storage at a weapons laboratory in Tennessee. The military and intelligence officials overseeing Olympic Games borrowed some for what they termed “destructive testing,” essentially building a virtual replica of Natanz, but spreading the test over several of the Energy Department’s national laboratories to keep even the most trusted nuclear workers from figuring out what was afoot.

Those first small-scale tests were surprisingly successful: the bug invaded the computers, lurking for days or weeks, before sending instructions to speed them up or slow them down so suddenly that their delicate parts, spinning at supersonic speeds, self-destructed. After several false starts, it worked. One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant.

“Previous cyberattacks had effects limited to other computers,” Michael V. Hayden, the former chief of the C.I.A., said, declining to describe what he knew of these attacks when he was in office. “This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” rather than just slow another computer, or hack into it to steal data.

“Somebody crossed the Rubicon,” he said.

Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others — both spies and unwitting accomplices — with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.”

In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.

The first attacks were small, and when the centrifuges began spinning out of control in 2008, the Iranians were mystified about the cause, according to intercepts that the United States later picked up. “The thinking was that the Iranians would blame bad parts, or bad engineering, or just incompetence,” one of the architects of the early attack said.

The Iranians were confused partly because no two attacks were exactly alike. Moreover, the code would lurk inside the plant for weeks, recording normal operations; when it attacked, it sent signals to the Natanz control room indicating that everything downstairs was operating normally. “This may have been the most brilliant part of the code,” one American official said.

Later, word circulated through the International Atomic Energy Agency, the Vienna-based nuclear watchdog, that the Iranians had grown so distrustful of their own instruments that they had assigned people to sit in the plant and radio back what they saw.

“The intent was that the failures should make them feel they were stupid, which is what happened,” the participant in the attacks said. When a few centrifuges failed, the Iranians would close down whole “stands” that linked 164 machines, looking for signs of sabotage in all of them. “They overreacted,” one official said. “We soon discovered they fired people.”

Imagery recovered by nuclear inspectors from cameras at Natanz — which the nuclear agency uses to keep track of what happens between visits — showed the results. There was some evidence of wreckage, but it was clear that the Iranians had also carted away centrifuges that had previously appeared to be working well.

But by the time Mr. Bush left office, no wholesale destruction had been accomplished. Meeting with Mr. Obama in the White House days before his inauguration, Mr. Bush urged him to preserve two classified programs, Olympic Games and the drone program in Pakistan. Mr. Obama took Mr. Bush’s advice.

The Stuxnet Surprise

Mr. Obama came to office with an interest in cyberissues, but he had discussed them during the campaign mostly in terms of threats to personal privacy and the risks to infrastructure like the electrical grid and the air traffic control system. He commissioned a major study on how to improve America’s defenses and announced it with great fanfare in the East Room.

What he did not say then was that he was also learning the arts of cyberwar. The architects of Olympic Games would meet him in the Situation Room, often with what they called the “horse blanket,” a giant foldout schematic diagram of Iran’s nuclear production facilities. Mr. Obama authorized the attacks to continue, and every few weeks — certainly after a major attack — he would get updates and authorize the next step. Sometimes it was a strike riskier and bolder than what had been tried previously.

“From his first days in office, he was deep into every step in slowing the Iranian program — the diplomacy, the sanctions, every major decision,” a senior administration official said. “And it’s safe to say that whatever other activity might have been under way was no exception to that rule.”

But the good luck did not last. In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free, like a zoo animal that found the keys to the cage. It fell to Mr. Panetta and two other crucial players in Olympic Games — General Cartwright, the vice chairman of the Joint Chiefs of Staff, and Michael J. Morell, the deputy director of the C.I.A. — to break the news to Mr. Obama and Mr. Biden.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

In fact, both the Israelis and the Americans had been aiming for a particular part of the centrifuge plant, a critical area whose loss, they had concluded, would set the Iranians back considerably. It is unclear who introduced the programming error.

The question facing Mr. Obama was whether the rest of Olympic Games was in jeopardy, now that a variant of the bug was replicating itself “in the wild,” where computer security experts can dissect it and figure out its purpose.

“I don’t think we have enough information,” Mr. Obama told the group that day, according to the officials. But in the meantime, he ordered that the cyberattacks continue. They were his best hope of disrupting the Iranian nuclear program unless economic sanctions began to bite harder and reduced Iran’s oil revenues.

Within a week, another version of the bug brought down just under 1,000 centrifuges. Olympic Games was still on.

A Weapon’s Uncertain Future

American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, “has been overwhelmingly on one country.” There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. “We’ve considered a lot more attacks than we have gone ahead with,” one former intelligence official said.

Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.

This article is adapted from “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,”


thinbl...@gmail.com

Nov 23, 2014, 1:18:48 AM
On Monday, July 8, 2013 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:

https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/JucaV5prx4sJ

> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
>
> At a tense meeting in the White House Situation Room within days of the worm's "escape," Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America's most ambitious attempt to slow the progress of Iran's nuclear efforts had been fatally compromised.
>
> "Should we shut this thing down?" Mr. Obama asked, according to members of the president's national security team who were in the room.
>
> Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
>
> This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.
>
> These officials gave differing assessments of how successful the sabotage program was in slowing Iran's progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran's enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.
>
> Whether Iran is still trying to design and build a weapon is in dispute. The most recent United States intelligence estimate concludes that Iran suspended major parts of its weaponization effort after 2003, though there is evidence that some remnants of it continue.
>
> Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran's Passive Defense Organization, said that the Iranian military was prepared "to fight our enemies" in "cyberspace and Internet warfare." But there has been scant evidence that it has begun to strike back.
>
> The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them. There have been reports of one-time attacks against personal computers used by members of Al Qaeda, and of contemplated attacks against the computers that run air defense systems, including during the NATO-led air attack on Libya last year. But Olympic Games was of an entirely different type and sophistication.
>
> It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country's infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.
>
> A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.
>
> Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons -- even under the most careful and limited circumstances -- could enable other countries, terrorists or hackers to justify their own attacks.
>
> "We discussed the irony, more than once," one of his aides said. Another said that the administration was resistant to developing a "grand theory for a weapon whose possibilities they were still discovering." Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
>
> If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.
>
> A Bush Initiative
>
> The impetus for Olympic Games dates from 2006, when President George W. Bush saw few good options in dealing with Iran. At the time, America's European allies were divided about the cost that imposing sanctions on Iran would have on their own economies. Having falsely accused Saddam Hussein of reconstituting his nuclear program in Iraq, Mr. Bush had little credibility in publicly discussing another nation's nuclear ambitions. The Iranians seemed to sense his vulnerability, and, frustrated by negotiations, they resumed enriching uranium at an underground site at Natanz, one whose existence had been exposed just three years before.
>
> Iran's president, Mahmoud Ahmadinejad, took reporters on a tour of the plant and described grand ambitions to install upward of 50,000 centrifuges. For a country with only one nuclear power reactor -- whose fuel comes from Russia -- to say that it needed fuel for its civilian nuclear program seemed dubious to Bush administration officials. They feared that the fuel could be used in another way besides providing power: to create a stockpile that could later be enriched to bomb-grade material if the Iranians made a political decision to do so.
>
> Hawks in the Bush administration like Vice President Dick Cheney urged Mr. Bush to consider a military strike against the Iranian nuclear facilities before they could produce fuel suitable for a weapon. Several times, the administration reviewed military options and concluded that they would only further inflame a region already at war, and would have uncertain results.
>
> For years the C.I.A. had introduced faulty parts and designs into Iran's systems -- even tinkering with imported power supplies so that they would blow up -- but the sabotage had had relatively little effect. General James E. Cartwright, who had established a small cyberoperation inside the United States Strategic Command, which is responsible for many of America's nuclear forces, joined intelligence officials in presenting a radical new idea to Mr. Bush and his national security team. It involved a far more sophisticated cyberweapon than the United States had designed before.
>
> The goal was to gain access to the Natanz plant's industrial computer controls. That required leaping the electronic moat that cut the Natanz plant off from the Internet -- called the air gap, because it physically separates the facility from the outside world. The computer code would invade the specialized computers that command the centrifuges.
>
> The first stage in the effort was to develop a bit of computer code called a beacon that could be inserted into the computers, which were made by the German company Siemens and an Iranian manufacturer, to map their operations. The idea was to draw the equivalent of an electrical blueprint of the Natanz plant, to understand how the computers control the giant silvery centrifuges that spin at tremendous speeds. The connections were complex, and unless every circuit was understood, efforts to seize control of the centrifuges could fail.
>
> Eventually the beacon would have to "phone home" -- literally send a message back to the headquarters of the National Security Agency that would describe the structure and daily rhythms of the enrichment plant. Expectations for the plan were low; one participant said the goal was simply to "throw a little sand in the gears" and buy some time. Mr. Bush was skeptical, but lacking other options, he authorized the effort.
>
> Breakthrough, Aided by Israel
>
> It took months for the beacons to do their work and report home, complete with maps of the electronic directories of the controllers and what amounted to blueprints of how they were connected to the centrifuges deep underground.
>
> Then the N.S.A. and a secret Israeli unit respected by American intelligence officials for its cyberskills set to work developing the enormously complex computer worm that would become the attacker from within.
>
> The unusually tight collaboration with Israel was driven by two imperatives. Israel's Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.'s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyberattack a success. But American officials had another interest, to dissuade the Israelis from carrying out their own pre-emptive strike against the Iranian nuclear facilities. To do that, the Israelis would have to be convinced that the new line of attack was working. The only way to convince them, several officials said in interviews, was to have them deeply involved in every aspect of the program.
>
> Soon the two countries had developed a complex worm that the Americans called "the bug." But the bug needed to be tested. So, under enormous secrecy, the United States began building replicas of Iran's P-1 centrifuges, an aging, unreliable design that Iran purchased from Abdul Qadeer Khan, the Pakistani nuclear chief who had begun selling fuel-making technology on the black market. Fortunately for the United States, it already owned some P-1s, thanks to the Libyan dictator, Col. Muammar el-Qaddafi.
>
> When Colonel Qaddafi gave up his nuclear weapons program in 2003, he turned over the centrifuges he had bought from the Pakistani nuclear ring, and they were placed in storage at a weapons laboratory in Tennessee. The military and intelligence officials overseeing Olympic Games borrowed some for what they termed "destructive testing," essentially building a virtual replica of Natanz, but spreading the test over several of the Energy Department's national laboratories to keep even the most trusted nuclear workers from figuring out what was afoot.
>
> Those first small-scale tests were surprisingly successful: the bug invaded the computers, lurking for days or weeks, before sending instructions to speed them up or slow them down so suddenly that their delicate parts, spinning at supersonic speeds, self-destructed. After several false starts, it worked. One day, toward the end of Mr. Bush's term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran's underground enrichment plant.
>
> "Previous cyberattacks had effects limited to other computers," Michael V. Hayden, the former chief of the C.I.A., said, declining to describe what he knew of these attacks when he was in office. "This is the first attack of a major nature in which a cyberattack was used to effect physical destruction," rather than just slow another computer, or hack into it to steal data.
>
> "Somebody crossed the Rubicon," he said.
>
> Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others -- both spies and unwitting accomplices -- with physical access to the plant. "That was our holy grail," one of the architects of the plan said. "It turns out there is always an idiot around who doesn't think much about the thumb drive in their hand."
>
> In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.
>
> The first attacks were small, and when the centrifuges began spinning out of control in 2008, the Iranians were mystified about the cause, according to intercepts that the United States later picked up. "The thinking was that the Iranians would blame bad parts, or bad engineering, or just incompetence," one of the architects of the early attack said.
>
> The Iranians were confused partly because no two attacks were exactly alike. Moreover, the code would lurk inside the plant for weeks, recording normal operations; when it attacked, it sent signals to the Natanz control room indicating that everything downstairs was operating normally. "This may have been the most brilliant part of the code," one American official said.
>
> Later, word circulated through the International Atomic Energy Agency, the Vienna-based nuclear watchdog, that the Iranians had grown so distrustful of their own instruments that they had assigned people to sit in the plant and radio back what they saw.
>
> "The intent was that the failures should make them feel they were stupid, which is what happened," the participant in the attacks said. When a few centrifuges failed, the Iranians would close down whole "stands" that linked 164 machines, looking for signs of sabotage in all of them. "They overreacted," one official said. "We soon discovered they fired people."
>
> Imagery recovered by nuclear inspectors from cameras at Natanz -- which the nuclear agency uses to keep track of what happens between visits -- showed the results. There was some evidence of wreckage, but it was clear that the Iranians had also carted away centrifuges that had previously appeared to be working well.
>
> But by the time Mr. Bush left office, no wholesale destruction had been accomplished. Meeting with Mr. Obama in the White House days before his inauguration, Mr. Bush urged him to preserve two classified programs, Olympic Games and the drone program in Pakistan. Mr. Obama took Mr. Bush's advice.
>
> The Stuxnet Surprise
>
> Mr. Obama came to office with an interest in cyberissues, but he had discussed them during the campaign mostly in terms of threats to personal privacy and the risks to infrastructure like the electrical grid and the air traffic control system. He commissioned a major study on how to improve America's defenses and announced it with great fanfare in the East Room.
>
> What he did not say then was that he was also learning the arts of cyberwar. The architects of Olympic Games would meet him in the Situation Room, often with what they called the "horse blanket," a giant foldout schematic diagram of Iran's nuclear production facilities. Mr. Obama authorized the attacks to continue, and every few weeks -- certainly after a major attack -- he would get updates and authorize the next step. Sometimes it was a strike riskier and bolder than what had been tried previously.
>
> "From his first days in office, he was deep into every step in slowing the Iranian program -- the diplomacy, the sanctions, every major decision," a senior administration official said. "And it's safe to say that whatever other activity might have been under way was no exception to that rule."
>
> But the good luck did not last. In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free, like a zoo animal that found the keys to the cage. It fell to Mr. Panetta and two other crucial players in Olympic Games -- General Cartwright, the vice chairman of the Joint Chiefs of Staff, and Michael J. Morell, the deputy director of the C.I.A. -- to break the news to Mr. Obama and Mr. Biden.
>
> An error in the code, they said, had led it to spread to an engineer's computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.
>
> "We think there was a modification done by the Israelis," one of the briefers told the president, "and we don't know if we were part of that activity."
>
> Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. "It's got to be the Israelis," he said. "They went too far."
>
> In fact, both the Israelis and the Americans had been aiming for a particular part of the centrifuge plant, a critical area whose loss, they had concluded, would set the Iranians back considerably. It is unclear who introduced the programming error.
>
> The question facing Mr. Obama was whether the rest of Olympic Games was in jeopardy, now that a variant of the bug was replicating itself "in the wild," where computer security experts can dissect it and figure out its purpose.
>
> "I don't think we have enough information," Mr. Obama told the group that day, according to the officials. But in the meantime, he ordered that the cyberattacks continue. They were his best hope of disrupting the Iranian nuclear program unless economic sanctions began to bite harder and reduced Iran's oil revenues.
>
> Within a week, another version of the bug brought down just under 1,000 centrifuges. Olympic Games was still on.
>
> A Weapon's Uncertain Future
>
> American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, "has been overwhelmingly on one country." There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. "We've considered a lot more attacks than we have gone ahead with," one former intelligence official said.
>
> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.
>
> This article is adapted from "Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power,"



"Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon" by Kim Zetter


Prologue - The Case of the Centrifuges



It was January 2010 when officials with the International Atomic Energy Agency (IAEA), the United Nations body charged with monitoring Iran's nuclear program, first began to notice something unusual happening at the uranium enrichment plant outside Natanz in central Iran.

Inside the facility's large centrifuge hall, buried like a bunker more than fifty feet beneath the desert surface, thousands of gleaming aluminum centrifuges were spinning at supersonic speed, enriching uranium hexafluoride gas as they had been for nearly two years. But over the last weeks, workers at the plant had been removing batches of centrifuges and replacing them with new ones. And they were doing so at a startling rate.

At Natanz each centrifuge, known as an IR-1, has a life expectancy of about ten years. But the devices are fragile and prone to break easily. Even under normal conditions, Iran has to replace up to 10 percent of the centrifuges each year due to material defects, maintenance issues, and worker accidents.

In November 2009, Iran had about 8,700 centrifuges installed at Natanz, so it would have been perfectly normal to see technicians decommission about 800 of them over the course of the year as the devices failed for one reason or another. But as IAEA officials added up the centrifuges removed over several weeks in December 2009 and early January, they realized that Iran was plowing through them at an unusual rate.

Inspectors with the IAEA's Department of Safeguards visited Natanz an average of twice a month--sometimes by appointment, sometimes unannounced--to track Iran's enrichment activity and progress. Anytime workers at the plant decommissioned damaged or otherwise unusable centrifuges, they were required to line them up in a control area just inside the door of the centrifuge rooms until IAEA inspectors arrived at their next visit to examine them. The inspectors would run a handheld gamma spectrometer around each centrifuge to ensure that no nuclear material was being smuggled out in them, then approve the centrifuges for removal, making note in reports sent back to IAEA headquarters in Vienna of the number that were decommissioned each time.

IAEA digital surveillance cameras, installed outside the door of each centrifuge room to monitor Iran's enrichment activity, captured the technicians scurrying about in their white lab coats, blue plastic booties on their feet, as they trotted out the shiny cylinders one by one, each about six feet long and about half a foot in diameter. The workers, by agreement with the IAEA, had to cradle the delicate devices in their arms, wrapped in plastic sleeves or in open boxes, so the cameras could register each item as it was removed from the room.

The surveillance cameras, which weren't allowed inside the centrifuge rooms, stored the images for later perusal. Each time inspectors visited Natanz, they examined the recorded images to ensure that Iran hadn't removed additional centrifuges or done anything else prohibited during their absence. But as weeks passed and the inspectors sent their reports back to Vienna, officials there realized that the number of centrifuges being removed far exceeded what was normal.

Officially, the IAEA won't say how many centrifuges Iran replaced during this period. But news reports quoting European "diplomats" put the number at 900 to 1,000. A former top IAEA official, however, thinks the actual number was much higher. "My educated guess is that 2,000 were damaged," says Olli Heinonen, who was deputy director of the Safeguards Division until he resigned in October 2010.

Whatever the number, it was clear that something was wrong with the devices. Unfortunately, Iran wasn't required to tell inspectors why they had replaced them, and, officially, the IAEA inspectors had no right to ask. The agency's mandate was to monitor what happened to uranium at the enrichment plant, not keep track of failed equipment.

What the inspectors didn't know was that the answer to their question was right beneath their noses, buried in the bits and memory of the computers in Natanz's industrial control room. Months earlier, in June 2009, someone had quietly unleashed a destructive digital warhead on computers in Iran, where it had silently slithered its way into critical systems at Natanz, all with a single goal in mind--to sabotage Iran's uranium enrichment program and prevent President Mahmoud Ahmadinejad from building a nuclear bomb.

The answer was there at Natanz, but it would be nearly a year before the inspectors would obtain it, and even then it would come only after more than a dozen computer security experts around the world spent months deconstructing what would ultimately become known as one of the most sophisticated viruses ever discovered--a piece of software so unique it would make history as the world's first digital weapon and the first shot across the bow announcing the age of digital warfare.


http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X
https://anonfiles.com/file/43dfd4b18d7f303bcc46a137356ea075

thinbl...@gmail.com

Jan 18, 2015, 6:02:39 PM
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.



> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.



The Digital Arms Race - NSA Preps America for Future Battle
Jacob Appelbaum, Aaron Gibson, Claudio Guarnieri, Andy Müller-Maguhn, Laura Poitras, Marcel Rosenbach, Leif Ryge, Hilmar Schmundt and Michael Sontheimer
01/17/2015
http://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409.html



The NSA's mass surveillance is just the beginning. Documents from Edward Snowden show that the intelligence agency is arming America for future digital wars -- a struggle for control of the Internet that is already well underway.

Normally, internship applicants need to have polished resumes, with volunteer work on social projects considered a plus. But at Politerain, the job posting calls for candidates with significantly different skill sets. We are, the ad says, "looking for interns who want to break things."

Politerain is not a project associated with a conventional company. It is run by a US government intelligence organization, the National Security Agency (NSA). More precisely, it's operated by the NSA's digital snipers with Tailored Access Operations (TAO), the department responsible for breaking into computers.

Potential interns are also told that research into third party computers might include plans to "remotely degrade or destroy opponent computers, routers, servers and network enabled devices by attacking the hardware." Using a program called Passionatepolka, for example, they may be asked to "remotely brick network cards." With programs like Berserkr they would implant "persistent backdoors" and "parasitic drivers". Using another piece of software called Barnfire, they would "erase the BIOS on a brand of servers that act as a backbone to many rival governments."

An intern's tasks might also include remotely destroying the functionality of hard drives. Ultimately, the goal of the internship program was "developing an attacker's mindset."

The internship listing is eight years old, but the attacker's mindset has since become a kind of doctrine for the NSA's data spies. And the intelligence service isn't just trying to achieve mass surveillance of Internet communication, either. The digital spies of the Five Eyes alliance -- comprised of the United States, Britain, Canada, Australia and New Zealand -- want more.

The Birth of D Weapons

According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money.

During the 20th century, scientists developed so-called ABC weapons -- atomic, biological and chemical. It took decades before their deployment could be regulated and, at least partly, outlawed. New digital weapons have now been developed for the war on the Internet. But there are almost no international conventions or supervisory authorities for these D weapons, and the only law that applies is the survival of the fittest.

Canadian media theorist Marshall McLuhan foresaw these developments decades ago. In 1970, he wrote, "World War III is a guerrilla information war with no division between military and civilian participation." That's precisely the reality that spies are preparing for today.

The US Army, Navy, Marines and Air Force have already established their own cyber forces, but it is the NSA, also officially a military agency, that is taking the lead. It's no coincidence that the director of the NSA also serves as the head of the US Cyber Command. The country's leading data spy, Admiral Michael Rogers, is also its chief cyber warrior and his close to 40,000 employees are responsible for both digital spying and destructive network attacks.

Surveillance only 'Phase 0'

From a military perspective, surveillance of the Internet is merely "Phase 0" in the US digital war strategy. Internal NSA documents indicate that it is the prerequisite for everything that follows. They show that the aim of the surveillance is to detect vulnerabilities in enemy systems. Once "stealthy implants" have been placed to infiltrate enemy systems, thus allowing "permanent accesses," then Phase Three has been achieved -- a phase headed by the word "dominate" in the documents. This enables them to "control/destroy critical systems & networks at will through pre-positioned accesses (laid in Phase 0)." Critical infrastructure is considered by the agency to be anything that is important in keeping a society running: energy, communications and transportation. The internal documents state that the ultimate goal is "real time controlled escalation".

One NSA presentation proclaims that "the next major conflict will start in cyberspace." To that end, the US government is currently undertaking a massive effort to digitally arm itself for network warfare. For the 2013 secret intelligence budget, the NSA projected it would need around $1 billion in order to increase the strength of its computer network attack operations. The budget included an increase of some $32 million for "unconventional solutions" alone.

In recent years, malware has emerged that experts have attributed to the NSA and its Five Eyes alliance based on a number of indicators. They include programs like Stuxnet, used to attack the Iranian nuclear program. Or Regin, a powerful spyware trojan that created a furor in Germany after it infected the USB stick of a high-ranking staffer to Chancellor Angela Merkel. Agents also used Regin in attacks against the European Commission, the EU's executive, and Belgian telecoms company Belgacom in 2011.

Given that spies can routinely break through just about any security software, virtually all Internet users are at risk of a data attack.

The new documents shed some new light on other revelations as well. Although an attack called Quantuminsert has been widely reported by SPIEGEL and others, documentation shows that in reality it has a low success rate and it has likely been replaced by more reliable attacks such as Quantumdirk, which injects malicious content into chat services provided by websites such as Facebook and Yahoo. And computers infected with Straitbizarre can be turned into disposable and non-attributable "shooter" nodes. These nodes can then receive messages from the NSA's Quantum network, which is used for "command and control for very large scale active exploitation and attack." The secret agents were also able to breach mobile phones by exploiting a vulnerability in the Safari browser in order to obtain sensitive data and remotely implant malicious code.

In this guerilla war over data, little differentiation is made between soldiers and civilians, the Snowden documents show. Any Internet user could suffer damage to his or her data or computer. It also has the potential to create perils in the offline world as well. If, for example, a D weapon like Barnfire were to destroy or "brick" the control center of a hospital as a result of a programming error, people who don't even own a mobile phone could be affected.

Intelligence agencies have adopted "plausible deniability" as their guiding principle for Internet operations. To ensure their ability to do so, they seek to make it impossible to trace the author of the attack.

It's a stunning approach with which the digital spies deliberately undermine the very foundations of the rule of law around the globe. This approach threatens to transform the Internet into a lawless zone in which superpowers and their secret services operate according to their own whims with very few ways to hold them accountable for their actions.

Attribution is difficult and requires considerable forensic effort. But in the new documents there are at least a few pointers. Querty, for example, is a keylogger that was part of the Snowden archive. It's a piece of software designed to surreptitiously intercept all keyboard keys pressed by the victim and record them for later inspection. It is an ordinary, indeed rather dated, keylogger. Similar software can already be found in numerous applications, so it doesn't seem to pose any acute danger -- but the sourcecode contained in it does reveal some interesting details. They suggest that this keylogger might be part of the large arsenal of modules that belong to the Warriorpride program, a kind of universal Esperanto software used by all the Five Eyes partner agencies that at times was even able to break into iPhones, among other capabilities. The documents published by SPIEGEL include sample code from the keylogger to foster further research and enable the creation of appropriate defenses.

'Just a Bunch of Hackers'

The men and women working for the Remote Operations Center (ROC), which uses the codename S321, at the agency's headquarters in Fort Meade, Maryland, work on one of the NSA's most crucial teams, the unit responsible for covert operations. S321 employees are located on the third floor of one of the main buildings on the NSA's campus. In one report from the Snowden archive, an NSA man reminisces about how, when they got started, the ROC people were "just a bunch of hackers." Initially, people worked "in a more ad hoc manner," the report states. Nowadays, however, procedures are "more systematic". Even before NSA management massively expanded the ROC group during the summer of 2005, the department's motto was, "Your data is our data, your equipment is our equipment."

The agents sit in front of their monitors, working in shifts around the clock. Just how close the NSA has already gotten to its aim of "global network dominance" is illustrated particularly well by the work of department S31177, codenamed Transgression.

The department's task is to trace foreign cyber attacks, observe and analyze them and, in the best case scenario, to siphon off the insights of competing intelligence agencies. This form of "Cyber Counter Intelligence" counts among the most delicate forms of modern spying.


How the NSA Reads Over Shoulders of Other Spies

In addition to providing a view of the US's own ability to conduct digital attacks, Snowden's archive also reveals the capabilities of other countries. The Transgression team has access to years of preliminary field work and experience at its disposal, including databases in which malware and network attacks from other countries are cataloged.

The Snowden documents show that the NSA and its Five Eyes partners have put numerous network attacks waged by other countries to their own use in recent years. One 2009 document states that the department's remit is to "discover, understand (and) evaluate" foreign attacks. Another document reads: "Steal their tools, tradecraft, targets and take."

In 2009, an NSA unit took notice of a data breach affecting workers at the US Department of Defense. The department traced an IP address in Asia that functioned as the command center for the attack. By the end of their detective work, the Americans succeeded not only in tracing the attack's point of origin to China, but also in tapping intelligence information from other Chinese attacks -- including data that had been stolen from the United Nations. Afterwards, NSA workers in Fort Meade continued to read over their shoulders as the Chinese secretly collected further internal UN data. "NSA is able to tap into Chinese SIGINT collection," a report on the success in 2011 stated. SIGINT is short for signals intelligence.

The practice of letting other intelligence services do the dirty work and then tapping their results is so successful that the NSA even has a name for it: "Fourth Party Collection." And all countries that aren't part of the Five Eyes alliance are considered potential targets for use of this "non-traditional" technique -- even Germany.

'Difficult To Track, Difficult To Target'

The Snowden documents show that, thanks to fourth party collection, the NSA succeeded in detecting numerous incidents of data spying over the past 10 years, with many attacks originating from China and Russia. It also enabled the Tailored Access Operations (TAO) to track down the IP address of the control server used by China and, from there, to detect the people responsible inside the People's Liberation Army. It wasn't easy, the NSA spies noted. The Chinese had apparently used changing IP addresses, making them "difficult to track; difficult to target." In the end, though, the document states, they succeeded in exploiting a central router.

The document suggests that things got more challenging when the NSA sought to turn the tables and go after the attacker. Only after extensive "wading through uninteresting data" did they finally succeed in infiltrating the computer of a high-ranking Chinese military official and accessing information regarding targets in the US government and in other governments around the world. They also were able to access sourcecode for Chinese malware.

But there have also been successful Chinese operations. The Snowden documents include an internal NSA assessment from a few years ago of the damage caused. The report indicates that the US Defense Department alone registered more than 30,000 known incidents; more than 1,600 computers connected to its network had been hacked. Surprisingly high costs are listed for damage assessment and network repair: more than $100 million.

Among the data on "sensitive military technologies" hit in the attack were air refueling schedules, the military logistics planning system, missile navigation systems belonging to the Navy, information about nuclear submarines, missile defense and other top secret defense projects.

The desire to know everything isn't, of course, an affliction only suffered by the Chinese, Americans, Russians and British. Years ago, US agents discovered a hacking operation originating in Iran in a monitoring operation that was codenamed Voyeur. A different wave of attacks, known as Snowglobe, appears to have originated in France.

Transforming Defenses into Attacks

The search for foreign cyber attacks has long since been largely automated by the NSA and its Five Eyes partners. The Tutelage system can identify incursions and ensure that they do not reach their targets.

The examples given in the Snowden documents are not limited to attacks originating in China. The relatively primitive Low Orbit Ion Cannon (LOIC) is also mentioned. The name refers to malware used by the protest movement Anonymous to disable target websites. In that instance, one document notes, Tutelage was able to recognize and block the IP addresses being used to conduct the denial of service attack.

The NSA is also able to transform its defenses into an attack of its own. The method is described as "reverse engineer, repurpose software" and involves botnets, sometimes comprising millions of computers belonging to normal users onto which software has been covertly installed. They can thus be controlled remotely as part of a "zombie army" to paralyze companies or to extort them. If the infected hosts appear to be within the United States, the relevant information will be forwarded to the FBI Office of Victim Assistance. However, a host infected with an exploitable bot could be hijacked through a Quantumbot attack and redirected to the NSA. This program is identified in NSA documents as Defiantwarrior and it is said to provide advantages such as "pervasive network analysis vantage points" and "throw-away non-attributable CNA (eds: computer network attack) nodes". This system leaves people's computers vulnerable and covertly uses them for network operations that might be traced back to an innocent victim. Instead of providing protection to private Internet users, Quantumbot uses them as human shields in order to disguise its own attacks.

NSA specialists at the Remote Operations Center (ROC) have an entire palette of digital skeleton keys and crowbars enabling access to even the best protected computer networks. They give their tools aggressive-sounding names, as though they were operating an app-store for cyber criminals: The implant tool "Hammerchant" allows the recording of Internet-based phone calls (VoIP). Foxacid allows agents to continually add functions to small malware programs even after they have been installed in target computers. The project's logo is a fox that screams as it is dissolved in acid. The NSA has declined to comment on operational details but insists that it has not violated the law.

But as well developed as the weapons of digital war may be, there is a paradox lurking when it comes to breaking into and spying on third party networks: How can intelligence services be sure that they won't become victims of their own methods and be infiltrated by private hackers, criminals or other intelligence services, for example?

To control their malware, the Remote Operation Center operatives remain connected to them via their own shadow network, through which highly sensitive telephone recordings, malware programs and passwords travel.

The incentive to break into this network is enormous. Any collection of VPN keys, passwords and backdoors is obviously of very high value. Those who possess such passwords and keys could theoretically pillage bank accounts, thwart military deployments, clone fighter jets and shut down power plants. It means nothing less than "global network dominance".

But the intelligence world is a schizophrenic one. The NSA's job is to defend the Internet while at the same time exploiting its security holes. It is both cop and robber, consistent with the motto adhered to by spies everywhere: "Reveal their secrets, protect our own."

As a result, some hacked servers are like a bus during rush hour, with people constantly coming and going. The difference, though, is that the server's owner has no idea anyone is there. And the presumed authorities stand aside and do nothing.

'Unwitting Data Mules'

It's absurd: As they are busy spying, the spies are spied on by other spies. In response, they routinely seek to cover their tracks or to lay fake ones instead. In technical terms, the ROC lays false tracks as follows: After third-party computers are infiltrated, the process of exfiltration can begin -- the act of exporting the data that has been gleaned. But the loot isn't delivered directly to ROC's IP address. Rather, it is routed to a so-called Scapegoat Target. That means that stolen information could end up on someone else's servers, making it look as though they were the perpetrators.

Before the data ends up at the Scapegoat Target, of course, the NSA intercepts and copies it using its mass surveillance infrastructure and sends it on to the ROC. But such cover-up tactics increase the risk of a controlled or uncontrolled escalation between the agencies involved.

It's not just computers, of course, that can be systematically broken into, spied on or misused as part of a botnet. Mobile phones can also be used to steal information from the owner's employer. The unwitting victim, whose phone has been infected with a spy program, smuggles the information out of the office. The information is then retrieved remotely as the victim heads home after work. Digital spies have even adopted drug-dealer slang in referring to these unsuspecting accomplices. They are called "unwitting data mules."

NSA agents aren't concerned about being caught. That's partly because they work for such a powerful agency, but also because they don't leave behind any evidence that would hold up in court. And if there is no evidence of wrongdoing, there can be no legal penalty, no parliamentary control of intelligence agencies and no international agreement. Thus far, very little is known about the risks and side-effects inherent in these new D weapons and there is almost no government regulation.

Edward Snowden has revealed how intelligence agencies around the world, led by the NSA, are doing their best to ensure a legal vacuum in the Internet. In a recent interview with the US public broadcaster PBS, the whistleblower voiced his concerns that "defense is becoming less of a priority than offense."

Snowden finds that concerning. "What we need to do," he said, "is we need to create new international standards of behavior."

By Jacob Appelbaum, Aaron Gibson, Claudio Guarnieri, Andy Müller-Maguhn, Laura Poitras, Marcel Rosenbach, Leif Ryge, Hilmar Schmundt and Michael Sontheimer

thinbl...@gmail.com

May 30, 2015, 2:24:08 PM
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information


> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.


> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.



> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html


> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.


> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.






U.S. tried Stuxnet-style campaign against North Korea but failed
JOSEPH MENN May 29, 2015
http://www.reuters.com/article/2015/05/29/us-usa-northkorea-stuxnet-idUSKBN0OE2DM20150529



The United States tried to deploy a version of the Stuxnet computer virus to attack North Korea's nuclear weapons program five years ago but ultimately failed, according to people familiar with the covert campaign.

The operation began in tandem with the now-famous Stuxnet attack that sabotaged Iran's nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by U.S. and Israeli forces.

According to one U.S. intelligence source, Stuxnet's developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.

But U.S. agents could not access the core machines that ran Pyongyang's nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.

The official said the National Security Agency-led campaign was stymied by North Korea's utter secrecy, as well as the extreme isolation of its communications systems. A third source, also previously with U.S. intelligence, said he had heard about the failed cyber attack but did not know details.

North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China.

In contrast, Iranians surfed the Net broadly and had interactions with companies from around the globe.

A spokeswoman for the NSA declined to comment for this story. The spy agency has previously declined to comment on the Stuxnet attack against Iran.

The United States has launched many cyber espionage campaigns, but North Korea is only the second country, after Iran, that the NSA is now known to have targeted with software designed to destroy equipment.

Washington has long expressed concerns about Pyongyang's nuclear program, which it says breaches international agreements. North Korea has been hit with sanctions because of its nuclear and missile tests, moves that Pyongyang sees as an attack on its sovereign right to defend itself.

U.S. Secretary of State John Kerry said last week that Washington and Beijing were discussing imposing further sanctions on North Korea, which he said was "not even close" to taking steps to end its nuclear program.

SIEMENS SOFTWARE

Experts in nuclear programs said there are similarities between North Korea and Iran's operations, and the two countries continue to collaborate on military technology.

Both countries use a system with P-2 centrifuges, obtained by Pakistani nuclear scientist A.Q. Khan, who is regarded as the father of Islamabad's nuclear bomb, they said.

Like Iran, North Korea probably directs its centrifuges with control software developed by Siemens AG that runs on Microsoft Corp's Windows operating system, the experts said. Stuxnet took advantage of vulnerabilities in both the Siemens and Microsoft programs.

Because of the overlap between North Korea and Iran's nuclear programs, the NSA would not have had to tinker much with Stuxnet to make it capable of destroying centrifuges in North Korea, if it could be deployed there.

Despite modest differences between the programs, "Stuxnet can deal with both of them. But you still need to get it in," said Olli Heinonen, senior fellow at Harvard University's Belfer Center for Science and International Affairs and former deputy director general of the International Atomic Energy Agency.

NSA Director Keith Alexander said North Korea's strict limitations on Internet access and human travel make it one of a few nations "who can race out and do damage with relative impunity" since reprisals in cyberspace are so challenging.

When asked about Stuxnet, Alexander said he could not comment on any offensive actions taken during his time at the spy agency.

David Albright, founder of the Institute for Science and International Security and an authority on North Korea's nuclear program, said U.S. cyber agents probably tried to get to North Korea by compromising technology suppliers from Iran, Pakistan or China.

"There was likely an attempt" to sabotage the North Korean program with software, said Albright, who has frequently written and testified on the country's nuclear ambitions.

OLYMPIC GAMES

The Stuxnet campaign against Iran, code-named Olympic Games, was discovered in 2010. It remains unclear how the virus was introduced to the Iranian nuclear facility in Natanz, which was not connected to the Internet.

According to cybersecurity experts, Stuxnet was found inside industrial companies in Iran that were tied to the nuclear effort. As for how Stuxnet got there, a leading theory is that it was deposited by a sophisticated espionage program developed by a team closely allied to Stuxnet's authors, dubbed the Equation Group by researchers at Kaspersky Lab.

The U.S. effort got that far in North Korea as well. Though no versions of Stuxnet have been reported as being discovered in local computers, Kaspersky Lab analyst Costin Raiu said that a piece of software related to Stuxnet had turned up in North Korea.

Kaspersky had previously reported that the software, digitally signed with one of the same stolen certificates that had been used to install Stuxnet, had been submitted to malware analysis site VirusTotal from an electronic address in China. But Raiu told Reuters his contacts had assured him that it originated in North Korea, where it infected a computer in March or April 2010.

Some experts said that even if a Stuxnet attack against North Korea had succeeded, it might not have had that big an impact on its nuclear weapons program. Iran's nuclear sites were well known, whereas North Korea probably has at least one other facility beyond the known Yongbyon nuclear complex, former officials and inspectors said.

In addition, North Korea likely has plutonium, which does not require a cumbersome enrichment process depending on the cascading centrifuges that were a fat target for Stuxnet, they said.

Jim Lewis, an advisor to the U.S. government on cybersecurity issues and a senior fellow at the Center for Strategic and International Studies, said there are limitations to cyber offense.

A cyber attack "is not something you can release and be sure of the results," Lewis said.


thinbl...@gmail.com

Sep 15, 2015, 12:36:51 PM
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.

> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.


Cyberthreat Posed by China and Iran Confounds White House
By DAVID E. SANGER SEPT. 15, 2015
http://www.nytimes.com/2015/09/16/world/asia/cyberthreat-posed-by-china-and-iran-confounds-white-house.html




WASHINGTON -- A question from a member of the Pentagon's new cyberwarfare unit the other day prompted President Obama to voice his frustration about America's seeming inability to deter a growing wave of computer attacks, and to vow to confront the increasingly aggressive adversaries who are perpetrating them.

"Offense is moving a lot faster than defense," Mr. Obama told troops on Friday at Fort Meade, Md., home of the National Security Agency and the United States Cyber Command. "The Russians are good. The Chinese are good. The Iranians are good." The problem, he said, was that despite improvements in tracking down the sources of attacks, "we can't necessarily trace it directly to that state," making it hard to strike back.

Then he issued a warning: "There comes a point at which we consider this a core national security threat." If China and other nations cannot figure out the boundaries of what is acceptable, "we can choose to make this an area of competition, which I guarantee you we'll win if we have to."

If Mr. Obama sounded uncharacteristically combative on the topic, it is because finding a way to deter computer attacks is one of the most urgent and confounding problems he faces in his last 16 months in office. The problem is all the more pressing because it is where the high-tension diplomacy surrounding the state visit, in just 10 days, of President Xi Jinping of China merges with the challenge of containing Iran in the aftermath of the recently completed nuclear agreement with Tehran.

Mustering the leverage to deter attacks is exactly what Mr. Obama is struggling to accomplish in the days leading up to Mr. Xi's visit. For six weeks, American officials have warned that they are preparing sanctions against Chinese hackers, telling Chinese officials in private meetings that the combination of intellectual property theft and espionage on an unprecedented scale -- the theft of the 22 million security dossiers from the Office of Personnel Management, for example -- cannot go unanswered.

But an argument has broken out within the administration over whether to invoke those sanctions now and risk a blowup with Beijing before Mr. Xi's arrival, or use the threat of them to try to extract something from the Chinese.

The White House revealed late Saturday that a high-level Communist Party envoy sent by Mr. Xi, Meng Jianzhu, spent four days in Washington last week meeting with intelligence and law enforcement officials in an effort to create some "rules of the road" for Internet actions between the United States and China before they derail an already fraught relationship.

Josh Earnest, the White House press secretary, described the talks with the Chinese as "pretty blunt," and one of the officials who met with Mr. Meng, China's domestic security chief, was less diplomatic, calling the talks "pretty ugly."

The day Mr. Meng returned home, China's official state news media quoted him as saying that the Chinese government would crack down on criminal hackers, though the statement was vague about what would happen to those acting on behalf of the Chinese government.

In classified sessions, American intelligence agencies have told members of Congress that while computer attacks on the United States emanating from Iran decreased during the negotiations over the nuclear accord, they believe that an Iran stymied in developing a nuclear ability over the next 10 to 15 years is likely to pour more resources into cyberweapons. Such weapons have already been used against the Navy, American banks, a Las Vegas casino and Saudi Arabia's largest oil producer, without setting off significant retaliation.

The day before Mr. Obama spoke at Fort Meade, the director of national intelligence, James R. Clapper Jr., said at a congressional hearing that the United States lacked "both the substance and the mind-set of deterrence." But he went on to say that he was far less worried about a "large Armageddon strike" that would take out America's power systems than about the kind of smaller but persistent attacks that damaged Sony Pictures Entertainment.

With both Iran and China, Mr. Obama is struggling with variants of the same problem: How do you contain a rising power that has discovered the benefits of an anonymous, havoc-creating weapon that can also yield vast troves of secret data? And how do you convince them that actions for which "they have paid no price," as the director of the N.S.A. and the Cyber Command, Adm. Michael S. Rogers, put it the other day, will no longer be cost-free?

"We have a deterrence deficit," said David Rothkopf, the author of "National Insecurity: American Leadership in an Age of Fear."

"The U.S. is very good at dealing with the gravest global challenges, like global thermonuclear war, and also very good at empty gestures and rhetoric," he said. "The problem we have is with our middle game, and yet most of the challenges we face are, of course, in the middle."

With Iran and China, of course, cyberwarfare is only part of those middle-game challenges. Containing Iran's growing influence in Iraq, Syria, Yemen and throughout the region is central to the administration's post-accord challenge. And containing China's effort to reclaim islands in the South China Sea, a bet by Beijing that neither Washington nor Asian nations will stop it from developing a new base of operations and exclusive claims to air and sea territory, is the subtext of much of the tension with Mr. Xi's government.

But the escalating cyberconflict poses a particularly complex problem, because there is no equivalent of the Nuclear Nonproliferation Treaty for computer networks. That is exactly what makes the use of cybertechniques and weapons so attractive to the Russians, the Chinese, the Iranians and the North Koreans -- and, to some extent, the United States.

So far, the administration's response has seemed inconsistent, and to many incoherent.

When North Korea was identified as the country that attacked Sony, Mr. Obama -- in possession of evidence gleaned from the N.S.A.'s yearslong penetration of North Korean networks -- went to the White House press room, declared that the leadership in Pyongyang was responsible, and said the United States would retaliate at the time and in the manner of its choosing.

The public retaliation was a series of modest financial sanctions that did little additional damage to the most sanctioned country on earth. If there was a lasting response to the attack, only North Korea knows about it.

And when Unit 61398 of the People's Liberation Army in China was exposed as the force behind the theft of intellectual property from American companies, the Justice Department announced the indictment of five of the army's officers. Justice officials hailed that as a breakthrough. Inside the intelligence community and the White House, however, it was regarded as purely symbolic, and the strike on the Office of Personnel Management continued after the indictments were announced.

"The Chinese have discovered they can launch cyberattacks against us and that our officials seek to downplay them or offer up limp, ineffective responses, like indicting people behind them who will never ever see the inside of a U.S. court," Mr. Rothkopf said. "This has added to the perception that we are weak, which in turn is an incentive to more opportunistic bad actors."

Mr. Obama was determined to do more, his aides said. He issued an order in the spring, based on lessons learned in the Sony attack, enabling him to issue sanctions against individuals or organizations deemed responsible for computer attacks -- similar to his powers to deal with nuclear proliferators or terrorists. But they have never been used.

The administration made it clear that Chinese hackers would be in the first wave. And when Susan E. Rice, the national security adviser, went to Beijing recently to prepare for the visit of Mr. Xi, computer warfare was a major source of contention. "That's when they woke up and sent Meng," said one senior official who would discuss private diplomatic conversations only on the condition of anonymity.

No one is expecting a simple solution. In testimony last week, Mr. Clapper went out of his way to correct members of Congress who called the personnel office episode an "attack," noting that it was espionage, something the United States does often to the Chinese. And the intelligence agencies do not want any agreements that would limit their own ability to use cyberweapons for covert purposes, as the United States did against Iran in an operation aimed at disabling parts of its nuclear program.

And now Iran is part of the worry. Admiral Rogers told a House panel that while cyberattacks directed at the United States abated during talks over the nuclear deal, the country was now "fully committed" to using them as part of a revamped military strategy. The Iranians, another senior intelligence official said, discussing private intelligence assessments on the condition of anonymity, "will be looking intensely at how we handle the Chinese."


Correction: September 15, 2015
An earlier version of this article referred incompletely to the responsibilities of a Chinese official, Meng Jianzhu, who met with United States officials last week to discuss possible "rules of the road" for the Internet. Mr. Meng is China's chief of domestic security, not the Internet czar.



thinbl...@gmail.com

Oct 11, 2015, 11:18:08 PM
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information


> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.


> Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons -- even under the most careful and limited circumstances -- could enable other countries, terrorists or hackers to justify their own attacks.


> If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.


Cyberwar Ignites a New Arms Race
By DAMIAN PALETTA, DANNY YADRON, JENNIFER VALENTINO-DEVRIES Oct. 11, 2015
http://www.wsj.com/articles/cyberwar-ignites-a-new-arms-race-1444611128



Government investigators believe Iranian hackers implanted the Shamoon virus on computers at Saudi Arabia's Saudi Aramco, the world's largest energy firm, in 2012. The Aramco attack erased 75% of the company's computers and replaced screen images with burning American flags. The attack didn't affect oil production, but it rattled the company, and security officials, as it revealed the extent of Iran's cybercapabilities. A spokesman for Aramco didn't respond to a request for comment.

The move was at least partly in retaliation for the alleged U.S.-Israeli attack on Iran discovered in 2010 that deployed the Stuxnet computer worm to destroy Iranian nuclear centrifuges--considered to be the most successful and advanced cyberattack ever. The U.S. and Israel haven't confirmed or denied involvement with Stuxnet.

Director of National Intelligence James R. Clapper has said that Iran used malware to destroy computers last year at Las Vegas Sands Corp., a casino company run by Sheldon Adelson, a major critic of the Iranian government. A Sands spokesman declined to comment.

Defense officials have also said Iranian hackers have temporarily overwhelmed the websites of numerous U.S. banks, in an annoying but relatively pedestrian technique known as a "denial of service" attack. The attack was allegedly in response to a YouTube video depicting the Prophet Muhammad. Some U.S. officials suspected it was retaliation for sanctions and the Stuxnet attack.

In 2012, Iran's Supreme Leader Ayatollah Ali Khamenei publicly announced the creation of the Supreme Council of Cyberspace charged to oversee the defense of Iran's computer networks and develop "new ways of infiltrating or attacking the computer networks of its enemies."

National Security Agency Director Adm. Michael Rogers said Iranian cyberattacks have slowed since nuclear talks intensified last year, but that Tehran appears "fully committed" to using cyberattacks as part of its national strategy.

thinbl...@gmail.com

Oct 23, 2015, 1:16:20 PM
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>


> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.


Spy vs. Spy: Inside the Fraying U.S.-Israel Ties
By ADAM ENTOUS Oct. 22, 2015
http://www.wsj.com/articles/spy-vs-spy-inside-the-fraying-u-s-israel-ties-1445562074





The U.S. closely monitored Israel's military bases and eavesdropped on secret communications in 2012, fearing its longtime ally might try to carry out a strike on Fordow, Iran's most heavily fortified nuclear facility.

Nerves frayed at the White House after senior officials learned Israeli aircraft had flown in and out of Iran in what some believed was a dry run for a commando raid on the site. Worried that Israel might ignite a regional war, the White House sent a second aircraft carrier to the region and readied attack aircraft, a senior U.S. official said, "in case all hell broke loose."

The two countries, nursing a mutual distrust, each had something to hide. U.S. officials hoped to restrain Israel long enough to advance negotiations on a nuclear deal with Iran that the U.S. had launched in secret. U.S. officials saw Israel's strike preparations as an attempt to usurp American foreign policy.

Instead of talking to each other, the allies kept their intentions secret. To figure out what they weren't being told, they turned to their spy agencies to fill gaps. They employed deception, not only against Iran, but against each other. After working in concert for nearly a decade to keep Iran from an atomic bomb, the U.S. and Israel split over the best means: diplomacy, covert action or military strikes.

Personal strains between President Barack Obama and Israeli Prime Minister Benjamin Netanyahu erupted at their first Oval Office meeting in 2009, and an accumulation of grievances in the years since plunged relations between the two countries into crisis.

This Wall Street Journal account of the souring of U.S.-Israel relations over Iran is based on interviews with nearly two dozen current and former senior U.S. and Israeli officials.

U.S. and Israeli officials say they want to rebuild trust but acknowledge it won't be easy. Mr. Netanyahu reserves the right to continue covert action against Iran's nuclear program, said current and former Israeli officials, which could put the spy services of the U.S. and Israel on a collision course.

A shaky start

Messrs. Obama and Netanyahu shared common ground on Iran when they first met in 2007. Mr. Netanyahu, then the leader of Israel's opposition party, the right-wing Likud, discussed with Mr. Obama, a Democratic senator, how to discourage international investment in Iran's energy sector. Afterward, Mr. Obama introduced legislation to that end.

Suspicions grew during the 2008 presidential race after Mr. Netanyahu spoke with some congressional Republicans who described Mr. Obama as pro-Arab, Israeli officials said. The content of the conversations later found its way back to the White House, senior Obama administration officials said.

Soon after taking office in January 2009, Mr. Obama took steps to allay Israeli concerns, including instructing the Pentagon to develop military options against Iran's Fordow facility, which was built into a mountain. The president also embraced an existing campaign of covert action against Iran, expanding cooperation between the Central Intelligence Agency and Mossad, the Israeli spy agency.

Mossad leaders compared the covert campaign to a 10-floor building: The higher the floor, they said, the more invasive the operation. CIA and Mossad worked together on operations on the lower floors. But the Americans made clear they had no interest in moving higher--Israeli proposals to bring down Iran's financial system, for example, or even its regime.

Some covert operations were run unilaterally by Mossad, such as the assassination of Iranian nuclear scientists, according to U.S. officials.

The first Oval Office meeting between Messrs. Obama and Netanyahu, in May 2009--weeks after Mr. Netanyahu became prime minister--was difficult for both sides. After the meeting, Mr. Obama's aides called Ron Dermer, Mr. Netanyahu's adviser, to coordinate their statements. Mr. Dermer told them it was too late; Mr. Netanyahu was already briefing reporters. "We kind of looked at each other and said, 'I guess we're not coordinating our messages,' " said Tommy Vietor, a former administration official who was there.

In 2010, the risk of covert action became clear. A computer virus dubbed Stuxnet, deployed jointly by the U.S. and Israel to destroy Iranian centrifuges used to process uranium, had inadvertently spread across the Internet. The Israelis wanted to launch cyberattacks against a range of Iranian institutions, according to U.S. officials. But the breach made Mr. Obama more cautious, officials said, for fear of triggering Iranian retaliation, or damaging the global economy if a virus spread uncontrollably.

Israel questioned whether its covert operations were enough, said aides to Mr. Netanyahu. Stuxnet had only temporarily slowed Tehran's progress. "Cyber and other covert operations had their inherent limitations," a senior Israeli official said, "and we reached those limitations."

Mr. Netanyahu pivoted toward a military strike, raising anxiety levels in the White House.

The U.S. Air Force analyzed the arms and aircraft needed to destroy Iran's nuclear facilities and concluded Israel didn't have the right equipment. The U.S. shared the findings, in part, to steer the Israelis from a military strike.

The Israelis weren't persuaded and briefed the U.S. on an attack plan: Cargo planes would land in Iran with Israeli commandos on board who would "blow the doors, and go in through the porch entrance" of Fordow, a senior U.S. official said. The Israelis planned to sabotage the nuclear facility from inside.

Pentagon officials thought it was a suicide mission. They pressed the Israelis to give the U.S. advance warning. The Israelis were noncommittal.

Iranian students in a November 2013 demonstration defending their country's nuclear program outside the Fordow Uranium Conversion facility in Iran. PHOTO: CHAVOSH HOMAVANDI/AFP/GETTY IMAGES

"Whether this was all an effort to try to pressure Obama, or whether Israel was really getting close to a decision, I don't know," said Michèle Flournoy, who at the time was undersecretary of defense for policy.

Mr. Obama, meanwhile, was moving toward diplomacy. In December 2011, the White House secretly used then-Sen. John Kerry to sound out Omani leaders about opening a back channel to the Iranians.

At the same time, the White House pressed the Israelis to scale back their assassination campaign and turned down their requests for more aggressive covert measures, U.S. officials said.

The president spoke publicly about his willingness to use force as a last resort to prevent Iran from getting a nuclear weapon--"I don't bluff," Mr. Obama said in March 2012--but some of Mr. Netanyahu's advisers weren't convinced.

In early 2012, U.S. spy agencies told the White House about a flurry of meetings that Mr. Netanyahu convened with top security advisers. The meetings covered everything from mission logistics to the political implications of a military strike, Israeli officials said.

Warning signs

U.S. spy agencies stepped up satellite surveillance of Israeli aircraft movements. They detected when Israeli pilots were put on alert and identified moonless nights, which would give the Israelis better cover for an attack. They watched the Israelis practice strike missions and learned they were probing Iran's air defenses, looking for ways to fly in undetected, U.S. officials said.

New intelligence poured in every day, much of it fragmentary or so highly classified that few U.S. officials had a complete picture. Officials now say many jumped to the mistaken conclusion that the Israelis had made a dry run.

At the time, concern and confusion over Israel's intentions added to the sense of urgency inside the White House for a diplomatic solution.

The White House decided to keep Mr. Netanyahu in the dark about the secret Iran talks, believing he would leak word to sabotage them. There was little goodwill for Mr. Netanyahu among Mr. Obama's aides who perceived the prime minister as supportive of Republican challenger Mitt Romney in the 2012 campaign.

Mr. Netanyahu would get briefed on the talks, White House officials concluded, only if it looked like a deal could be reached.

The first secret meeting between U.S. and Iranian negotiators, held in July 2012, was a bust. But "nobody was willing to throw it overboard by greenlighting Israeli strikes just when the process was getting started," a former senior Obama administration official said.

Israeli officials approached their U.S. counterparts over the summer about obtaining military hardware useful for a strike, U.S. officials said.

At the top of the list were V-22 Ospreys, aircraft that take off and land like helicopters but fly like fixed-wing planes. Ospreys don't need runways, making them ideal for dropping commandos behind enemy lines.

The Israelis also sounded out officials about obtaining the Massive Ordnance Penetrator, the U.S. military's 30,000-pound bunker-busting bomb, which was designed to destroy Fordow.

Mr. Netanyahu wanted "somebody in the administration to show acquiescence, if not approval" for a military strike, said Gary Samore, who served for four years as Mr. Obama's White House coordinator for arms control and weapons of mass destruction. "The message from the Obama administration was: 'We think this is a big mistake.' "

White House officials decided not to provide the equipment.

Messrs. Obama and Netanyahu spoke in September 2012, and Mr. Obama emerged convinced Israel wouldn't strike on the eve of the U.S. presidential election.

By the following spring, senior U.S. officials concluded the Israelis weren't serious about a commando raid on Fordow and may have been bluffing. When the U.S. offered to sell the Ospreys, Israel said it didn't have the money.

Former Israeli Defense Minister Ehud Barak, who championed a strike, said Mr. Netanyahu had come close to approving a military operation against Iran. But Israel's military chiefs and cabinet members were reluctant, according to Israeli officials.

While keeping the Omani talks secret, U.S. officials briefed the Israelis on the parallel international negotiations between Iran and major world powers under way in early 2013. Those talks, which made little headway, were led on the U.S. side by State Department diplomat Wendy Sherman.

Robert Einhorn, at the time an arms control adviser at the State Department, said that during the briefings, Mr. Netanyahu's advisers wouldn't say what concessions they could live with. "It made us feel like nothing was going to be good enough for them," Mr. Einhorn said.

U.S. spy agencies were monitoring Israeli communications to see if the Israelis had caught wind of the secret talks. In September 2013, the U.S. learned the answer.

Yaakov Amidror, Mr. Netanyahu's national security adviser at the time, had come to Washington in advance of a Sept. 30 meeting between Messrs. Netanyahu and Obama.

On Sept. 27, Mr. Amidror huddled with White House national security adviser Susan Rice in her office when she told him that Mr. Obama was on the phone in a groundbreaking call with Iran's president, Hassan Rouhani.

Mr. Amidror had his own surprise. During a separate meeting in the Roosevelt Room, he told several of Mr. Obama's top advisers that Israel had identified the tail numbers of the unmarked U.S. government planes that ferried negotiators to Muscat, Oman, the site of the secret talks, U.S. officials said.

Mr. Amidror, who declined to comment on the White House discussions, said that it was insulting for Obama administration officials to think "they could go to Oman without taking our intelligence capabilities into account." He called the decision to hide the Iran talks from Israel a big mistake.

U.S. officials said they were getting ready to tell the Israelis about the talks, which advanced only after Mr. Rouhani came to office. During the Sept. 30 meeting with Mr. Netanyahu, the president acknowledged the secret negotiations. The secrecy cemented Israel's distrust of Mr. Obama's intentions, Israeli officials said.

Mr. Samore, the former White House official, said he believed it was a mistake to keep Israel in the dark for so long. Mr. Einhorn said: "The lack of early transparency reinforced Israel's suspicions and had an outsize negative impact on Israeli thinking about the talks."

Israel pushed for the U.S. to be more open about the Iran negotiations. Ms. Rice, however, pulled back on consultations with her new Israeli counterpart, Yossi Cohen, who took over as Mr. Netanyahu's national security adviser, according to U.S. and Israeli officials.

In exchanges with the White House, U.S. officials said, Mr. Cohen wouldn't budge from demanding Iran give up its centrifuges and uranium-enrichment program. Israeli officials said they feared any deviation would be taken by the U.S. as a green light for more concessions.

In one meeting, Mr. Cohen indicated Mr. Netanyahu could accept a deal allowing Iran to keep thousands of centrifuges, U.S. officials said. Soon after, Mr. Cohen called to say he had misspoken. Neither side was prepared to divulge their bottom line.

In November 2013, when the interim agreement was announced, Mr. Samore was in Israel, where, he said, the Israelis "felt blindsided" by the terms. U.S. officials said the details came together so quickly that Ms. Sherman and her team didn't have enough time to convey them all. Israeli officials said the Americans intentionally withheld information to prevent them from influencing the outcome.

Listening in

As talks began in 2014 on a final accord, U.S. intelligence agencies alerted White House officials that Israelis were spying on the negotiations. Israel denied any espionage against the U.S. Israeli officials said they could learn details, in part, by spying on Iran, an explanation U.S. officials didn't believe.

Earlier this year, U.S. officials clamped down on what they shared with Israel about the talks after, they allege, Mr. Netanyahu's aides leaked confidential information about the emerging deal.

When U.S. officials confronted the Israelis over the matter in a meeting, Israel's then-minister of intelligence said he didn't disclose anything from Washington's briefings. The information, the minister said, came from "other means," according to meeting participants.

Ms. Sherman told Mr. Cohen, Israel's national security adviser: "You're putting us in a very difficult position. We understand that you will find out what you can find out by your own means. But how can we tell you every single last thing when we know you're going to use it against us?" according to U.S. officials who were there.

Mr. Netanyahu turned to congressional Republicans, one of his remaining allies with the power to affect the deal, Israeli officials said, but he couldn't muster enough votes to block it.

U.S. officials now pledge to work closely with their Israeli counterparts to monitor Iran's compliance with the international agreement.

But it is unclear how the White House will respond to any covert Israeli actions against Iran's nuclear program, which current and former Israeli officials said were imperative to safeguard their country.

One clause in the agreement says the major powers will help the Iranians secure their facilities against sabotage. State Department officials said the clause wouldn't protect Iranian nuclear sites from Israel.

Michael Hayden, a former director of the CIA, said the U.S. and Israel could nonetheless end up at odds.

"If we become aware of any Israeli efforts, do we have a duty to warn Iran?" Mr. Hayden said. "Given the intimacy of the U.S.-Israeli relationship, it's going to be more complicated than ever."







--------------

https://infotomb.com/e5pzu

thinbl...@gmail.com

Mar 25, 2016, 6:46:06 PM
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.




Stealthy malware targeting air-gapped PCs leaves no trace of infection
Researchers discover "self-protecting" trojan circulating in the wild.
by Dan Goodin - Mar 24, 2016
http://arstechnica.com/security/2016/03/stealthy-malware-targeting-air-gapped-pcs-leaves-no-trace-of-infection/




Researchers have discovered highly stealthy malware that can infect computers not connected to the Internet and leaves no evidence on the computers it compromises.

USB Thief gets its name because it spreads on USB thumb and hard drives and steals huge volumes of data once it has taken hold. Unlike previously discovered USB-borne malware, it uses a series of novel techniques to bind itself to its host drive to ensure it can't easily be copied and analyzed.



The malware is notable for its similarities to state-sponsored threats that have targeted governments and critical infrastructure in the Middle East for years. The Stuxnet worm that the US and Israel reportedly unleashed to disrupt Iran's nuclear program was also spread on USB drives, because many of the systems it targeted weren't connected to the Internet. By infecting computers each time a booby-trapped drive was inserted, Stuxnet aimed to bridge these so-called air gaps. USB Thief has the same ability to infiltrate sensitive networks.

State-sponsored Gauss contains secret warhead eluding global cracking experts.
One of the major failures of the Stuxnet operation was its designer's inability to maintain control of the computers that were infected by the self-replicating malware. What's more, the Stuxnet code was also easily dissected by researchers, allowing them to eventually figure out it targeted industrial control systems. Gauss, another piece of malware spawned from at least some of the same developers as Stuxnet, didn't make the same critical mistakes. Its mystery warhead was encrypted using a key derived from a single computer that has yet to be publicly identified.

thinbl...@gmail.com

Mar 26, 2016, 12:36:28 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> "We discussed the irony, more than once," one of his aides said. Another said that the administration was resistant to developing a "grand theory for a weapon whose possibilities they were still discovering." Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
>
> If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.


> Breakthrough, Aided by Israel


> "We think there was a modification done by the Israelis," one of the briefers told the president, "and we don't know if we were part of that activity."
>
> Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. "It's got to be the Israelis," he said. "They went too far."


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.




On Thursday the Justice Department indicted seven Iranians for distributed denial of service ("DDoS") attacks in 2011-2013 against 46 companies (mostly in the financial sector). The indictment alleges that Iran's Revolutionary Guard sponsored the attacks.

David Sanger of the New York Times reports that intelligence experts have long speculated that attacks "were intended to be retaliation for an American-led cyberattack on Iran's main nuclear enrichment plant." Sanger adds that "Iran's computer networks have been a primary target of the National Security Agency for years, and it is likely that in penetrating those networks -- for intelligence purposes or potential sabotage -- the N.S.A. could have traced the attacks to specific computers, IP addresses or individuals."

Assuming these experts' speculations are right, the Iranians were indicted for retaliating against U.S. cyberattacks on Iran's nuclear weapons infrastructure, and they got caught because the NSA had penetrated Iranian networks. On its face this seems hypocritical. Might the U.S. indictments nonetheless be justified?

One way to answer this question is to ask what the U.S. government would do if Iran named and indicted the NSA officers reportedly behind the penetration of and attacks on Iran's nuclear weapons facility. How might the United States distinguish its cyberattacks on Iran's infrastructure from Iran's responsive cyberattacks on U.S. infrastructure?

The United States would first need to explain how its attacks on Iran's nuclear weapons facilities are consistent with the principles laid down by Secretary of State Kerry for responsible behavior in cyberspace:


The basic rules of international law apply in cyberspace. Acts of aggression are not permissible. And countries that are hurt by an attack have a right to respond in ways that are appropriate, proportional, and that minimize harm to innocent parties. We also support a set of additional principles that, if observed, can contribute substantially to conflict prevention and stability in time of peace. We view these as universal concepts that should be appealing to all responsible states, and they are already gaining traction.
First, no country should conduct or knowingly support online activity that intentionally damages or impedes the use of another country's critical infrastructure.



The United States would likely argue that the cyberattacks on Iran complied with international law because they were taken in its or Israel's self-defense in the face of an imminent attack by Iran. If the United States' actions were legitimate self-defense, Iran's actions in response could not be justified as lawful self-defense.

However, the United States might have a tough time arguing self-defense.



Is the U.S. a Hypocrite on Iran Cyberattack?
Jack Goldsmith March 25, 2016
http://time.com/4272214/iran-cyberattack-indictment/




Bill Steele

Mar 28, 2016, 3:52:34 PM
On 3/26/16 12:36 PM, thinbl...@gmail.com wrote:
> However, the United States might have a tough time arguing self-defense.


Makes as much sense as arguing that this is about television. Doesn't
have the required CNN link.

thinbl...@gmail.com

Mar 28, 2016, 8:06:38 PM
Hey Bill, here's a cheerful thought:

"The cable system that provides you with all that butt jiggling enjoyment is part of the US infrastructure"

thinbl...@gmail.com

Apr 13, 2016, 1:34:46 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program--dubbed "Olympic Games" by the CIA--including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting--one man's hard-won scoop is another man's "official leak"--but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> "We discussed the irony, more than once," one of his aides said. Another said that the administration was resistant to developing a "grand theory for a weapon whose possibilities they were still discovering." Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
>
> If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.





FBI paid professional hackers one-time fee to crack San Bernardino iPhone
Ellen Nakashima April 12, 2016
https://www.washingtonpost.com/world/national-security/fbi-paid-professional-hackers-one-time-fee-to-crack-san-bernardino-iphone/2016/04/12/5397814a-00de-11e6-9d36-33d198ea26c5_story.html




The FBI cracked a San Bernardino terrorist's phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.

The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone's four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.

The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution.

Cracking the four-digit PIN, which the FBI had estimated would take 26 minutes, was not the hard part for the bureau. The challenge from the beginning was disabling a feature on the phone that wipes data stored on the device after 10 incorrect tries at guessing the code. A second feature also steadily increases the time allowed between attempts.

The bureau in this case did not need the services of the Israeli firm Cellebrite, as some earlier reports had suggested, people familiar with the matter said.

The U.S. government now has to weigh whether to disclose the flaws to Apple, a decision that probably will be made by a White House-led group.

The people who helped the U.S. government come from the sometimes shadowy world of hackers and security researchers who profit from finding flaws in companies' software or systems.

Some hackers, known as "white hats," disclose the vulnerabilities to the firms responsible for the software or to the public so they can be fixed and are generally regarded as ethical. Others, called "black hats," use the information to hack networks and steal people's personal information.

At least one of the people who helped the FBI in the San Bernardino case falls into a third category, often considered ethically murky: researchers who sell flaws -- for instance, to governments or to companies that make surveillance tools.

This last group, dubbed "gray hats," can be controversial. Critics say they might be helping governments spy on their own citizens. Their tools, however, might also be used to track terrorists or hack an adversary spying on the United States. These researchers do not disclose the flaws to the companies responsible for the software, as the exploits' value depends on the software remaining vulnerable.


thinbl...@gmail.com

May 6, 2016, 8:49:30 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:

https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/JucaV5prx4sJ

> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information


> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support.


> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html


> WASHINGTON -- From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran's main nuclear enrichment facilities, significantly expanding America's first sustained use of cyberweapons, according to participants in the program.


> Mr. Obama decided to accelerate the attacks -- begun in the Bush administration and code-named Olympic Games -- even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran's Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.


> Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others -- both spies and unwitting accomplices -- with physical access to the plant. "That was our holy grail," one of the architects of the plan said. "It turns out there is always an idiot around who doesn't think much about the thumb drive in their hand."


> In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.


> The Stuxnet Surprise


> "We think there was a modification done by the Israelis," one of the briefers told the president, "and we don't know if we were part of that activity."


> Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. "It's got to be the Israelis," he said. "They went too far."


> Mr. Obama has repeatedly told his aides that there are risks to using -- and particularly to overusing -- the weapon. In fact, no country's infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.





Berlin: Watch the First Trailer for Alex Gibney's Cyber Warfare Doc 'Zero Days'
2/17/2016 by Scott Roxborough
http://www.hollywoodreporter.com/news/berlin-first-trailer-zero-days-866607



The latest film from the director of 'Going Clear' and 'Taxi to the Dark Side' has its world premiere in the Berlin competition on Wednesday.

The Hollywood Reporter has received the exclusive first look at the trailer for Zero Days, the new documentary from Oscar-winning director Alex Gibney (Taxi to the Dark Side, Going Clear: Scientology and the Prison of Belief).

A terrifying look into cyber warfare and the threat from state-sponsored hackers, Zero Days premiered Wednesday in competition at the Berlin International Film Festival.

Magnolia and Showtime snatched up the film for the U.S. just ahead of its Berlin debut.

In the trailer, members of the U.S. and international Secret Services outline the dangers of cyber war as illustrated by Stuxnet, the computer worm apparently developed by one or more nation states that sabotaged Iran's nuclear program and reportedly destroyed up to a fifth of the country's nuclear centrifuges.

But the Stuxnet incident is only the beginning, Gibney argues. Computer viruses designed to attack critical infrastructure -- electrical grids, nuclear power stations, water treatment plants -- are out there, and the systems of the U.S. are among the most vulnerable to attacks.

"Welcome to the next global war" runs the tagline in the trailer. One commentator notes ominously, "This has the whiff of 1945," referring to the beginning of nuclear warfare.

Watch the trailer below.
http://www.hollywoodreporter.com/news/berlin-first-trailer-zero-days-866607

bruce2...@gmail.com

May 7, 2016, 6:16:05 AM
The administration has a bad habit of declaring info already published freely elsewhere as "classified".

That's probably why Hillary never did anything wrong at the Department of State.

thinbl...@gmail.com

May 7, 2016, 1:04:37 PM
On Saturday, May 7, 2016 at 6:16:05 AM UTC-4, bruce2...@gmail.com wrote:


> The administration has a bad habit of declaring info already published freely elsewhere as "classified".


This administration has a habit of selectively leaking classified information that is favorable to its own conduct. A careful reading of the 2012 NYTimes article will reveal:

1) The Stuxnet cyber attack was launched upon the Iranian software controlled centrifuge array to prevent the Israelis from launching a military attack upon the physical facility.

2) When Stuxnet broke free from the confines of the Iranian facility, it was due to Israeli coding beyond US involvement.




> That's probably why Hillary never did anything wrong at the Department of State.

With a blue and white vagenda, Hillary will never do anything wrong, unless she turns her back on Israel, like her husband Bill did. (see "Give Piece a Chance" thread, for details)








thinbl...@gmail.com

Oct 17, 2016, 5:16:07 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program—dubbed "Olympic Games" by the CIA—including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting—one man's hard-won scoop is another man's "official leak"—but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>


> The Stuxnet Surprise


> “We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”


> Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”


> Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.




Former Joint Chiefs of Staff vice chairman pleads guilty to false statements in classified leak investigation, court files show
Spencer S. Hsu and Ellen Nakashima October 17
https://www.washingtonpost.com/local/public-safety/former-joint-chiefs-of-staff-vice-chairman-to-plea-to-false-statements-in-classified-leak/2016/10/17/a84b9986-9483-11e6-9b7c-57290af48a49_story.html




A retired four-star Marine Corps general who served as the nation’s second-ranking military officer pleaded guilty Monday to making false statements in a probe of a leak of classified information about a covert U.S.-Israeli cyberattack on Iran’s nuclear program.

James E. “Hoss” Cartwright, who served as deputy chairman of the Joint Chiefs of Staff before he retired in 2011, entered his plea in federal court in Washington before U.S. District Judge Richard J. Leon of the District.

The plea came hours after the charge against Cartwright was announced by the office of U.S. Attorney Rod Rosenstein of Maryland.

U.S. officials in June 2013 disclosed that Cartwright was the target of a Justice Department investigation into a leak to New York Times reporter David E. Sanger of details about a highly classified operation to hobble Iran’s uranium-enrichment capability through cyber-sabotage — an effort not acknowledged by Israel or the United States.

Prosecutors in court documents accused Cartwright of falsely telling investigators he did not provide or confirm classified information to Sanger for his 2012 book, “Confront and Conceal,” and of falsely denying he did not confirm similar information in an email to Newsweek correspondent Daniel Klaidman.

In a written statement to reporters distributed after his plea, Cartwright said, “It was wrong for me to mislead the FBI [in a voluntary interview] on Nov. 2, 2012, and I accept full responsibility.”

Cartwright also said in the statement, “I knew I was not the source of the story and I didn’t want to be blamed for the leak. My only goal in talking to the reporters was to protect American interests and lives.” He added, “I love my country and continue to this day to do everything I can to defend it.”

The false statements charge carries a maximum prison term of five years, but under a plea agreement both sides agreed to a recommendation of zero to six months at sentencing set for Jan. 17. Part of the sentencing proceeding, Leon said Monday, might be held in secret to discuss classified information.

FBI investigators focused on Cartwright in the fall of 2012, officials said. They interviewed him at least twice, according to people who are familiar with the case and who spoke on the condition of anonymity because of the sensitivity of the investigation.

Part of the challenge of preparing the case was determining to what extent authorities who control the declassification of information — in this case the White House and the intelligence community — were willing to divulge information.

The Obama administration was also sensitive to its ally Israel’s concerns about revealing any information in a court case about the cyber operation.

Cartwright had White House authorization to speak with reporters, according to people familiar with the matter.

The false statement charge was, practically speaking, the stiffest charge the government was going to be able to bring given the challenges of building a prosecution in a case involving highly classified information, several current and former law enforcement officials said.

In such cases, prosecutors run into resistance from officials and agencies that want to keep the information under wraps. That is what happened here, the officials said. By 2014, it was clear the case was hitting roadblocks. White House officials, for instance, did not want to declassify material that would be important to the case.

But, during his interviews with FBI special agents, Cartwright made false statements, the government alleged. That gave prosecutors the grounds to bring the felony charge.

“Clearly lying to the FBI is not that big a deal if you compare it to espionage,” said a former federal law enforcement official, who like several others interviewed asked not to be identified because of the matter’s sensitivity. “But sometimes it’s the only charge you can bring.”

Still, the former official said, “if you talk and lie, it’s much worse than not talking.”

Cartwright’s attorney, Gregory Craig, said in a written statement after the plea that in conversations with Sanger and Klaidman, Cartwright “was engaged in a well-known and understood practice of attempting to save national secrets, not disclosing classified information. His effort to prevent publication of information that might harm American lives or national security does not constitute a violation of any law.”

Craig added, Cartwright’s “offense was in statements he made to FBI agents investigating a leak -- and that is the entire basis of his plea.”

Legal analysts also noted that Cartwright was being charged with making false statements in connection with the leak investigation -- and not with the leak itself. Nonetheless, the prosecution shows the Obama administration is seeking to send a message about unauthorized leaks of classified information, said Stephen Vladeck, a law professor at the University of Texas.

The charge against Cartwright, Vladeck said, is “probably as much about protecting particular sources and methods as it is about the actual unlawful conduct.”

“I think the reality is that this trend will not stop leaking,” Vladeck said. “But I have to think it will at least dissuade this.”

Klaidman declined comment Monday.

The long-running investigation was reportedly stalled last year by national security and diplomatic concerns, after Israel opposed confirming details of the operation in court. The United States was in the final stages of negotiations with Iran over its nuclear program.

Cartwright helped design the cyber-campaign against Iran under President George W. Bush and was involved in its escalation under President Obama.

Details of the joint program, including its code name, Olympic Games, were revealed by Sanger in a book and article in June 2012. The sabotage of Iranian uranium centrifuges by the computer worm dubbed Stuxnet had emerged two years earlier, and security experts speculated that it was the work of the United States and Israel.

Neither the United States nor Israel has ever formally acknowledged their role in the cyberattack — the first known use of computer code to destroy another country’s critical system.

Disclosures about the operation set off a political controversy, with congressional Republicans charging that the White House had deliberately leaked information to enhance Obama’s national security credentials as he sought reelection.



----------------------

https://www.youtube.com/watch?v=UAjIyXQw4Sc




thinbl...@gmail.com

Jan 17, 2017, 5:48:18 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:

https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/JucaV5prx4sJ
Obama pardons James Cartwright in leak case
BY KATIE BO WILLIAMS - 01/17/17
http://thehill.com/policy/national-security/314674-obama-pardons-james-cartwright-in-leak-case
http://www.theverge.com/2017/1/17/14303148/obama-pardon-general-james-cartwright-stuxnet




President Obama on Tuesday pardoned retired Gen. James Cartwright, the former vice chairman of the Joint Chiefs of Staff accused of lying to the FBI about his conversations with reporters regarding U.S. efforts to cripple Iran’s nuclear program.

Cartwright pleaded guilty in October to one felony count of making false statements during the FBI’s investigation into leaks about the government’s role in a highly classified operation known as Operation Olympic Games.

The clandestine effort — undertaken with Israel — deployed a computer virus known as Stuxnet that destroyed Iranian centrifuges used in creating nuclear fuel.

New York Times journalist David Sanger exposed the operation in 2012, sparking the federal investigation that led to Cartwright.


thinbl...@gmail.com

Mar 4, 2017, 2:06:51 PM
On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:
> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program—dubbed "Olympic Games" by the CIA—including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting—one man's hard-won scoop is another man's "official leak"—but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.
>
>
>
> -----------------------------------------------------------------------------
>
>
>
> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.




Trump Inherits a Secret Cyberwar Against North Korean Missiles
By DAVID E. SANGER and WILLIAM J. BROAD MARCH 4, 2017
https://www.nytimes.com/2017/03/04/world/asia/north-korea-missile-program-sabotage.html?_r=0


WASHINGTON — Three years ago, President Barack Obama ordered Pentagon officials to step up their cyber and electronic strikes against North Korea’s missile program in hopes of sabotaging test launches in their opening seconds.

Soon a large number of the North’s military rockets began to explode, veer off course, disintegrate in midair and plunge into the sea. Advocates of such efforts say they believe that targeted attacks have given American antimissile defenses a new edge and delayed by several years the day when North Korea will be able to threaten American cities with nuclear weapons launched atop intercontinental ballistic missiles.

But other experts have grown increasingly skeptical of the new approach, arguing that manufacturing errors, disgruntled insiders and sheer incompetence can also send missiles awry. Over the past eight months, they note, the North has managed to successfully launch three medium-range rockets. And Kim Jong-un, the North Korean leader, now claims his country is in “the final stage in preparations” for the inaugural test of his intercontinental missiles — perhaps a bluff, perhaps not.

An examination of the Pentagon’s disruption effort, based on interviews with officials of the Obama and Trump administrations as well as a review of extensive but obscure public records, found that the United States still does not have the ability to effectively counter the North Korean nuclear and missile programs. Those threats are far more resilient than many experts thought, The New York Times’s reporting found, and pose such a danger that Mr. Obama, as he left office, warned President Trump they were likely to be the most urgent problem he would confront.

Mr. Trump has signaled his preference to respond aggressively against the North Korean threat. In a Twitter post after Mr. Kim first issued his warning on New Year’s Day, the president wrote, “It won’t happen!” Yet like Mr. Obama before him, Mr. Trump is quickly discovering that he must choose from highly imperfect options.

He could order the escalation of the Pentagon’s cyber and electronic warfare effort, but that carries no guarantees. He could open negotiations with the North to freeze its nuclear and missile programs, but that would leave a looming threat in place. He could prepare for direct missile strikes on the launch sites, which Mr. Obama also considered, but there is little chance of hitting every target. He could press the Chinese to cut off trade and support, but Beijing has always stopped short of steps that could lead to the regime’s collapse.

In two meetings of Mr. Trump’s national security deputies in the Situation Room, the most recent on Tuesday, all those options were discussed, along with the possibility of reintroducing nuclear weapons to South Korea as a dramatic warning. Administration officials say those issues will soon go to Mr. Trump and his top national security aides.

The decision to intensify the cyber and electronic strikes, in early 2014, came after Mr. Obama concluded that the $300 billion spent since the Eisenhower era on traditional antimissile systems, often compared to hitting “a bullet with a bullet,” had failed the core purpose of protecting the continental United States. Flight tests of interceptors based in Alaska and California had an overall failure rate of 56 percent, under near-perfect conditions. Privately, many experts warned the system would fare worse in real combat.

So the Obama administration searched for a better way to destroy missiles. It reached for techniques the Pentagon had long been experimenting with under the rubric of “left of launch,” because the attacks begin before the missiles ever reach the launchpad, or just as they lift off. For years, the Pentagon’s most senior officers and officials have publicly advocated these kinds of sophisticated attacks in little-noticed testimony to Congress and at defense conferences.

The Times inquiry began last spring as the number of the North’s missile failures soared. The investigation uncovered the military documents praising the new antimissile approach and found some pointing with photos and diagrams to North Korea as one of the most urgent targets.

After discussions with the office of the director of national intelligence last year and in recent days with Mr. Trump’s national security team, The Times agreed to withhold details of those efforts to keep North Korea from learning how to defeat them. Last fall, Mr. Kim was widely reported to have ordered an investigation into whether the United States was sabotaging North Korea’s launches, and over the past week he has executed senior security officials.

The approach taken in targeting the North Korean missiles has distinct echoes of the American- and Israeli-led sabotage of Iran’s nuclear program, the most sophisticated known use of a cyberweapon meant to cripple a nuclear threat. But even that use of the “Stuxnet” worm in Iran quickly ran into limits. It was effective for several years, until the Iranians figured it out and recovered. And Iran posed a relatively easy target: an underground nuclear enrichment plant that could be attacked repeatedly.

In North Korea, the target is much more challenging. Missiles are fired from multiple launch sites around the country and moved about on mobile launchers in an elaborate shell game meant to deceive adversaries. To strike them, timing is critical.

Advocates of the sophisticated effort to remotely manipulate data inside North Korea’s missile systems argue the United States has no real alternative because the effort to stop the North from learning the secrets of making nuclear weapons has already failed. The only hope now is stopping the country from developing an intercontinental missile, and demonstrating that destructive threat to the world.

“Disrupting their tests,” William J. Perry, secretary of defense in the Clinton administration, said at a recent presentation in Washington, would be “a pretty effective way of stopping their ICBM program.”

Decades in the Making

Three generations of the Kim family have dreamed that their broken, otherwise failed nation could build its own nuclear weapons, and the missiles to deliver them, as the ultimate survival strategy. With nukes in hand, the Kims have calculated, they need not fear being overrun by South Korea, invaded by the United States or sold out by China.

North Korea began seeking an intercontinental ballistic missile decades ago: It was the dream of Kim Il-sung, the country’s founder, who bitterly remembered the American threats to use nuclear weapons against the North during the Korean War.

His break came after the collapse of the Soviet Union, when out-of-work Russian rocket scientists began seeking employment in North Korea. Soon, a new generation of North Korean missiles began to appear, all knockoffs of Soviet designs. Though flight tests were sparse, American experts marveled at how the North seemed to avoid the kinds of failures that typically strike new rocket programs, including those of the United States in the late 1950s.


The Rise of Missile and Nuclear Tests

The success was so marked that Timothy McCarthy of the Middlebury Institute of International Studies at Monterey wrote in a 2001 analysis that Pyongyang’s record “appears completely unique in the history of missile development and production.”

In response, President George W. Bush in late 2002 announced the deployment of antimissile interceptors in Alaska and California. At the same time, Mr. Bush accelerated programs to get inside the long supply chain of parts for North Korean missiles, lacing them with defects and weaknesses, a technique also used for years against Iran.

Threat Grows in Obama Era

By the time Mr. Obama took office in January 2009, the North had deployed hundreds of short- and medium-range missiles that used Russian designs, and had made billions of dollars selling its Scud missiles to Egypt, Libya, Pakistan, Syria, the United Arab Emirates and Yemen. But it aspired to a new generation of missiles that could fire warheads over much longer distances.

In secret cables written in the first year of the Obama administration, Secretary of State Hillary Clinton laid out the emerging threat. Among the most alarming released by WikiLeaks, the cables described a new path the North was taking to reach its long-range goal, based on a missile designed by the Soviets decades ago for their submarines that carried thermonuclear warheads.

It was called the R-27. Unlike the North’s lumbering, older rockets and missiles, these would be small enough to hide in caves and move into position by truck. The advantage was clear: This missile would be far harder for the United States to find and destroy.


The North Korean Arsenal

“North Korea’s next goal may be to develop a mobile ICBM that would be capable of threatening targets around the world,” said an October 2009 cable marked “Secret” and signed by Mrs. Clinton.

The next year, one of the new missiles showed up in a North Korean military parade, just as the intelligence reports had warned.

By 2013, North Korean rockets thundered with new regularity. And that February, the North set off a nuclear test that woke up Washington: The monitoring data told of an explosion roughly the size of the bomb that had leveled Hiroshima.

Days after the explosion, the Pentagon announced an expansion of its force of antimissile interceptors in California and Alaska. It also began to unveil its “left of launch” program to disable missiles before liftoff — hoping to bolster its chances of destroying them. Gen. Martin E. Dempsey, the chairman of the Joint Chiefs of Staff, announced the program, saying that “cyberwarfare, directed energy and electronic attack,” a reference to such things as malware, lasers and signal jamming, were all becoming important new adjuncts to the traditional ways of deflecting enemy strikes.

He never mentioned North Korea. But a map accompanying General Dempsey’s policy paper on the subject showed one of the North’s missiles streaking toward the United States. Soon, in testimony before Congress and at public panels in Washington, current and former officials and a major contractor — Raytheon — began talking openly about “left of launch” technologies, in particular cyber and electronic strikes at the moment of launch.

The North, meanwhile, was developing its own exotic arsenal. It tried repeatedly to disrupt American and South Korean military exercises by jamming electronic signals for guided weapons, including missiles. And it demonstrated its cyberpower in the oddest of places — Hollywood. In 2014, it attacked Sony Pictures Entertainment with a strike that destroyed about 70 percent of the company’s computing systems, surprising experts with its technical savvy.

Last month, a report on cybervulnerabilities by the Defense Science Board, commissioned by the Pentagon during the Obama administration, warned that North Korea might acquire the ability to cripple the American power grid, and cautioned that it could never be allowed to “hold vital U.S. strike systems at risk.”

Secret Push, and New Doubts

Not long after General Dempsey made his public announcement, Mr. Obama and his defense secretary, Ashton B. Carter, began calling meetings focused on one question: Could a crash program slow the North’s march toward an intercontinental ballistic missile?

There were many options, some drawn from General Dempsey’s list. Mr. Obama ultimately pressed the Pentagon and intelligence agencies to pull out all the stops, which officials took as encouragement to reach for untested technologies.

The North’s missiles soon began to fail at a remarkable pace. Some were destroyed, no doubt, by accident as well as by design. The technology the North was pursuing, using new designs and new engines, involved multistage rockets, introducing all kinds of possibilities for catastrophic mistakes. But by most accounts, the United States program accentuated the failures.

The evidence was in the numbers. Most flight tests of an intermediate-range missile called the Musudan, the weapon that the North Koreans showed off in public just after Mrs. Clinton’s warning, ended in flames: Its overall failure rate is 88 percent.

Nonetheless Kim Jong-un has pressed ahead on his main goal: an intercontinental ballistic missile. Last April, he was photographed standing next to a giant test-stand, celebrating after engineers successfully fired off a matched pair of the potent Russian-designed R-27 engines. The implication was clear: Strapping two of the engines together at the base of a missile was the secret to building an ICBM that could ultimately hurl warheads at the United States.

In September, he celebrated the most successful test yet of a North Korean nuclear weapon — one that exploded with more than twice the destructive force of the Hiroshima bomb.

His next goal, experts say, is to combine those two technologies, shrinking his nuclear warheads to a size that can fit on an intercontinental missile. Only then can he credibly claim that his isolated country has the know-how to hit an American city thousands of miles away.

In the last year of his presidency, Mr. Obama often noted publicly that the North was learning from every nuclear and missile test — even the failures — and getting closer to its goal. In private, aides noticed he was increasingly disturbed by North Korea’s progress.

With only a few months left in office, he pushed aides for new approaches. At one meeting, he declared that he would have targeted the North Korean leadership and weapons sites if he thought it would work. But it was, as Mr. Obama and his assembled aides knew, an empty threat: Getting timely intelligence on the location of North Korea’s leaders or their weapons at any moment would be almost impossible, and the risks of missing were tremendous, including renewed war on the Korean Peninsula.

Hard Decisions for Trump

As a presidential candidate, Mr. Trump complained that “we're so obsolete in cyber,” a line that grated on officials at the United States Cyber Command and the National Security Agency, where billions of dollars have been spent to provide the president with new options for intelligence gathering and cyberattacks. Now, one of the immediate questions he faces is whether to accelerate or scale back those efforts.

A decision to go after an adversary’s launch ability can have unintended consequences, experts warn.

Once the United States uses cyberweapons against nuclear launch systems — even in a threatening state like North Korea — Russia and China may feel free to do the same, targeting fields of American missiles. Some strategists argue that all nuclear systems should be off limits for cyberattack. Otherwise, if a nuclear power thought it could secretly disable an adversary’s atomic controls, it might be more tempted to take the risk of launching a pre-emptive attack.

“I understand the urgent threat,” said Amy Zegart, a Stanford University intelligence and cybersecurity expert, who said she had no independent knowledge of the American effort. “But 30 years from now we may decide it was a very, very dangerous thing to do.”

Mr. Trump’s aides say everything is on the table. China recently cut off coal imports from the North, but the United States is also looking at ways to freeze the Kim family’s assets, some of which are believed held in Chinese-controlled banks. The Chinese have already opposed the deployment of a high-altitude missile defense system known as Thaad in South Korea; the Trump team may call for even more such systems.

The White House is also looking at pre-emptive military strike options, a senior Trump administration official said, though the challenge is huge given the country’s mountainous terrain and deep tunnels and bunkers. Putting American tactical nuclear weapons back in South Korea — they were withdrawn a quarter-century ago — is also under consideration, even if that step could accelerate an arms race with the North.

Mr. Trump’s “It won’t happen!” post on Twitter about the North’s ICBM threat suggests a larger confrontation could be looming.

“Regardless of Trump’s actual intentions,” James M. Acton, a nuclear analyst at the Carnegie Endowment for International Peace, recently noted, “the tweet could come to be seen as a ‘red line’ and hence set up a potential test of his credibility.”

thinbl...@gmail.com

Nov 25, 2018, 11:58:11 PM

On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:

https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/JucaV5prx4sJ

> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html



> Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.


> If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.


> But the good luck did not last. In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free


> “We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”


> Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”


> Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.






Every day, America’s adversaries are testing our cyber defenses. They attempt to gain access to our critical infrastructure, exploit our great companies, and undermine our entire way of life. And we can’t let that happen.

This vital legislation will establish a new agency within the Department of Homeland Security to lead the federal government’s civilian response to these cyber threats against our nation. We’ve had many, many threats against our nation. Cyber is going to be the newest form. And the threats have taken place, and we’ve been doing pretty good in knocking them out, but now we’ll be — this will make us, I think, much more effective. We’re putting people that are the best in the world, in charge. And I think we’re going to have a whole different ballgame. Cyber is, to a large extent, where it’s at nowadays.

The men and women of the new Cybersecurity and Infrastructure Security Agency will be on the front lines of our cyber defense. They will partner with the private sector, and all levels of government, to defend America’s power grids, banks, telecommunications, and other critical parts of our economy.

The cyber battlespace evolves — and it is evolving, and unfortunately, faster than a lot of people want to talk about. But battlespace it is.

So as the cyber battlespace evolves, this new agency will ensure that we confront the full range of threats from nation-states, cyber criminals, and other malicious actors, of which there are many. This is going to go a long way. This is a very, very important piece of legislation, and it is my honor to have all of you with us.




Remarks by President Trump at Signing of H.R.3359, Cybersecurity and Infrastructure Security Agency Act
November 16, 2018
https://www.whitehouse.gov/briefings-statements/remarks-president-trump-signing-h-r-3359-cybersecurity-infrastructure-security-agency-act/

thinbl...@gmail.com

May 26, 2019, 3:28:17 AM

On Sunday, November 25, 2018 at 11:58:11 PM UTC-5, thinbl...@gmail.com wrote:
> On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:
>
> https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/JucaV5prx4sJ
>
> > Obama Order Sped Up Wave of Cyberattacks Against Iran
> > By DAVID E. SANGER June 1, 2012
> > http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
>
> > Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
>
>
> > If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.
>
>
> > But the good luck did not last. In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free
>
>
> > “We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”
>
>
> > Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”
>
>
> > Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.



> Every day, America’s adversaries are testing our cyber defenses. They attempt to gain access to our critical infrastructure, exploit our great companies, and undermine our entire way of life. And we can’t let that happen.


> Remarks by President Trump at Signing of H.R.3359, Cybersecurity and Infrastructure Security Agency Act
> November 16, 2018
> https://www.whitehouse.gov/briefings-statements/remarks-president-trump-signing-h-r-3359-cybersecurity-infrastructure-security-agency-act/




In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc
By Nicole Perlroth and Scott Shane May 25, 2019
https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html



For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.’s own backyard.

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.

The N.S.A. connection to the attacks on American cities has not been previously reported, in part because the agency has refused to discuss or even acknowledge the loss of its cyberweapon, dumped online in April 2017 by a still-unidentified group calling itself the Shadow Brokers. Years later, the agency and the Federal Bureau of Investigation still do not know whether the Shadow Brokers are foreign spies or disgruntled insiders.

Thomas Rid, a cybersecurity expert at Johns Hopkins University, called the Shadow Brokers episode “the most destructive and costly N.S.A. breach in history,” more damaging than the better-known leak in 2013 from Edward Snowden, the former N.S.A. contractor.

“The government has refused to take responsibility, or even to answer the most basic questions,” Mr. Rid said. “Congressional oversight appears to be failing. The American people deserve an answer.”

The N.S.A. and F.B.I. declined to comment.

Since that leak, foreign intelligence agencies and rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, A.T.M.s and factories that produce critical vaccines. Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves.

On May 7, city workers in Baltimore had their computers frozen by hackers. Officials have refused to pay the $100,000 ransom.

Before it leaked, EternalBlue was one of the most useful exploits in the N.S.A.’s cyberarsenal. According to three former N.S.A. operators who spoke on the condition of anonymity, analysts spent almost a year finding a flaw in Microsoft’s software and writing the code to target it. Initially, they referred to it as EternalBluescreen because it often crashed computers — a risk that could tip off their targets. But it went on to become a reliable tool used in countless intelligence-gathering and counterterrorism missions.

EternalBlue was so valuable, former N.S.A. employees said, that the agency never seriously considered alerting Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand.

The Baltimore attack, on May 7, was a classic ransomware assault. City workers’ screens suddenly locked, and a message in flawed English demanded about $100,000 in Bitcoin to free their files: “We’ve watching you for days,” said the message, obtained by The Baltimore Sun. “We won’t talk more, all we know is MONEY! Hurry up!”

Today, Baltimore remains handicapped as city officials refuse to pay, though workarounds have restored some services. Without EternalBlue, the damage would not have been so vast, experts said. The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could.

North Korea was the first nation to co-opt the tool, for an attack in 2017 — called WannaCry — that paralyzed the British health care system, German railroads and some 200,000 organizations around the world. Next was Russia, which used the weapon in an attack — called NotPetya — that was aimed at Ukraine but spread across major companies doing business in the country. The assault cost FedEx more than $400 million and Merck, the pharmaceutical giant, $670 million.

The damage didn’t stop there. In the past year, the same Russian hackers who targeted the 2016 American presidential election used EternalBlue to compromise hotel Wi-Fi networks. Iranian hackers have used it to spread ransomware and hack airlines in the Middle East, according to researchers at the security firms Symantec and FireEye.

“It’s incredible that a tool which was used by intelligence services is now publicly available and so widely used,” said Vikram Thakur, Symantec’s director of security response.

One month before the Shadow Brokers began dumping the agency’s tools online in 2017, the N.S.A. — aware of the breach — reached out to Microsoft and other tech companies to inform them of their software flaws. Microsoft released a patch, but hundreds of thousands of computers worldwide remain unprotected.

Hackers seem to have found a sweet spot in Baltimore, Allentown, Pa., San Antonio and other local, American governments, where public employees oversee tangled networks that often use out-of-date software. Last July, the Department of Homeland Security issued a dire warning that state and local governments were getting hit by particularly destructive malware that now, security researchers say, has started relying on EternalBlue to spread.

Microsoft, which tracks the use of EternalBlue, would not name the cities and towns affected, citing customer privacy. But other experts briefed on the attacks in Baltimore, Allentown and San Antonio confirmed the hackers used EternalBlue. Security responders said they were seeing EternalBlue pop up in attacks almost every day.

Amit Serper, head of security research at Cybereason, said his firm had responded to EternalBlue attacks at three different American universities, and found vulnerable servers in major cities like Dallas, Los Angeles and New York.

The costs can be hard for local governments to bear. The Allentown attack, in February last year, disrupted city services for weeks and cost about $1 million to remedy — plus another $420,000 a year for new defenses, said Matthew Leibert, the city’s chief information officer.

He described the package of dangerous computer code that hit Allentown as “commodity malware,” sold on the dark web and used by criminals who don’t have specific targets in mind. “There are warehouses of kids overseas firing off phishing emails,” Mr. Leibert said, like thugs shooting military-grade weapons at random targets.

The malware that hit San Antonio last September infected a computer inside Bexar County sheriff’s office and tried to spread across the network using EternalBlue, according to two people briefed on the attack.

This past week, researchers at the security firm Palo Alto Networks discovered that a Chinese state group, Emissary Panda, had hacked into Middle Eastern governments using EternalBlue.

“You can’t hope that once the initial wave of attacks is over, it will go away,” said Jen Miller-Osborn, a deputy director of threat intelligence at Palo Alto Networks. “We expect EternalBlue will be used almost forever, because if attackers find a system that isn’t patched, it is so useful.”

Until a decade or so ago, the most powerful cyberweapons belonged almost exclusively to intelligence agencies — N.S.A. officials used the term “NOBUS,” for “nobody but us,” for vulnerabilities only the agency had the sophistication to exploit. But that advantage has hugely eroded, not only because of the leaks, but because anyone can grab a cyberweapon’s code once it’s used in the wild.

Some F.B.I. and Homeland Security officials, speaking privately, said more accountability at the N.S.A. was needed. A former F.B.I. official likened the situation to a government failing to lock up a warehouse of automatic weapons.

In an interview in March, Adm. Michael S. Rogers, who was director of the N.S.A. during the Shadow Brokers leak, suggested in unusually candid remarks that the agency should not be blamed for the long trail of damage.


“If Toyota makes pickup trucks and someone takes a pickup truck, welds an explosive device onto the front, crashes it through a perimeter and into a crowd of people, is that Toyota’s responsibility?” he asked. “The N.S.A. wrote an exploit that was never designed to do what was done.”

At Microsoft’s headquarters in Redmond, Wash., where thousands of security engineers have found themselves on the front lines of these attacks, executives reject that analogy.

“I disagree completely,” said Tom Burt, the corporate vice president of consumer trust, insisting that cyberweapons could not be compared to pickup trucks. “These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They’re inherently dangerous. When someone takes that, they’re not strapping a bomb to it. It’s already a bomb.”

Brad Smith, Microsoft’s president, has called for a “Digital Geneva Convention” to govern cyberspace, including a pledge by governments to report vulnerabilities to vendors, rather than keeping them secret to exploit for espionage or attacks.

Last year, Microsoft, along with Google and Facebook, joined 50 countries in signing on to a similar call by French President Emmanuel Macron — the Paris Call for Trust and Security in Cyberspace — to end “malicious cyber activities in peacetime.”

Notably absent from the signatories were the world’s most aggressive cyberactors: China, Iran, Israel, North Korea, Russia — and the United States.


https://groups.google.com/d/msg/rec.arts.tv/ID-1YzcFDBw/hMUBm3xfCgAJ

thinbl...@gmail.com

Jun 16, 2019, 3:59:06 PM

> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html


> WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.


> Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.



Pentagon Keeps Trump in the Dark About its Cyber Attacks on Russia
By PETER WADE JUNE 15, 2019
https://www.rollingstone.com/politics/politics-news/pentagon-trump-cyber-attacks-on-russia-848695/


On Saturday, the New York Times published an important story about how the United States military branches are attempting to thwart and combat Russian cyber attacks on American utility networks and interference in elections.

https://www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html?smid=nytcore-ios-share

But deeper into the article, an interesting and disturbing nugget has drawn attention: The Pentagon has gone out of its way to keep President Donald Trump ignorant of certain details about the operation because of “the possibility that he might countermand it or discuss it with foreign officials.”

After giving an in-depth account about the “deployment of American computer code” into Russia’s electric power grid, to work as both a warning to Russian President Vladimir Putin and a more offensive posture in the cyber warfare realm, The Times then wrote:

“Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place ‘implants’ — software code that can be used for surveillance or attack — inside the Russian grid.

“Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction — and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister.”

New laws, enacted by Congress last year, allow such “clandestine military activity” in cyberspace to go ahead without the president’s approval. So, in this case, those new laws are protecting American interests… by keeping the sitting president out of the loop.



--------------

https://www.youtube.com/watch?v=iP8_Dbvpi-A



thinbl...@gmail.com

Apr 3, 2020, 12:29:17 PM

On Monday, July 8, 2013 at 9:49:40 PM UTC-4, thinbl...@gmail.com wrote:


> White House Didn't Ask New York Times Not to Publish Classified Information
> John Cook 6/01/12
> http://gawker.com/5915026/white-house-didnt-ask-new-york-times-not-to-publish-classified-information
>
>
>
> When the New York Times published a detailed story by chief Washington correspondent David Sanger today confirming the U.S. as the co-author of the Stuxnet virus and outlining Barack Obama's role in directing a highly classified digital monkeywrenching program against Iranian nuclear facilities, many observers noted that the story couldn't have been written without White House support. Which is odd, considering how much energy the White House has been putting into prosecuting leaks it doesn't like.
>
> Sanger's story contains a wealth of presumably Top Secret data about the Stuxnet program—dubbed "Olympic Games" by the CIA—including a direct quote from Vice President Joe Biden during a Situation Room meeting about the operation. Not to diminish Sanger's reporting—one man's hard-won scoop is another man's "official leak"—but it's impossible to imagine that Sanger could have gathered the level of detail that he did about the classified program if the White House didn't want at least some of the information to reach the public.





> Obama Order Sped Up Wave of Cyberattacks Against Iran
> By DAVID E. SANGER June 1, 2012
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>
>
> WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
>
> Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
>
> At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.
>
> “Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.
>
> Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
>
> This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts.





David Sanger, welcome back to FRESH AIR. You write in this book that any classified Pentagon scenario about a confrontation with Russia or China or Iran or North Korea, any scenario in how that might play out, it's assumed the adversary's first strike would be a cyber barrage aimed at civilians. What are we talking about?

DAVID SANGER: Well, we're talking about an effort, either by an adversary aimed at the United States or by the United States aimed at an adversary, to try to conduct a war before the first shot is even fired. That if you can so disable the adversary's electric power grid, the cellphone system, emergency response, the communications to their defenses, in some cases even their ability to launch a nuclear weapon or just an ordinary missile, then you've kind of won before any shot was fired. And it's entirely conceivable that you could achieve your political objectives before you actually started shelling anything or dropping bombs.

DAVIES: A cyber Pearl Harbor some people would say.

SANGER: Yes, Dave, exactly. That's the concept of a cyber Pearl Harbor, which is something we don't see coming. And that's the reason that people get so unhappy when they read headlines - and I've written many of these stories - that the Russians or the Iranians or someone have placed implants in our utility grid, our other computer systems, so that they would be able to go turn off computer systems at any moment. And we know right now, for example, that the Department of Homeland Security has warned of a very extensive amount of malware, which is essentially what an implant is, that's in the American utility grid. The problem here is we don't see this the same way when someone's doing it to us than when we're doing it to someone, right?

So we hear that the Russians have put implants in our grid, and we say, oh, my goodness, somebody is getting ready to go turn off the power at any moment of conflict. When we do the same to other countries - and believe me; the National Security Agency and its military sidekick, the United States Cyber Command, does put these implants in other foreign systems and probably has tens if not hundreds of thousands of them in - we say, well, we're just preparing the battlefield.


Journalist Warns Cyber Attacks Present A 'Perfect Weapon' Against Global Order
June 19, 2018
https://www.npr.org/2018/06/19/621338178/journalist-warns-cyber-attacks-present-a-perfect-weapon-against-global-order







RichA

Oct 18, 2020, 2:38:49 AM

RichA

Oct 18, 2020, 2:40:04 AM

Nice to see Biden was so worried about the Iranians. Did his son work for them too?

User Reviews
Does NOT Mention a lot
18 October 2020 | by dncorp

"The Russian Interference" is mentioned in more Detail in 2020 Documentary "The Plot Against the President", including why the DNC Refused the FBI 100 Percent access to all the DNC Servers (DNC Criminal Activities).

Cyber Warfare Propaganda (Democrats and other Nations Troll Farms) is talked about in more Detail, 2018 Documentary Death of a Nation.

NOT MENTIONED

The Chinese Peoples Liberation Army Navy Air Force's Cyber Army how many (estimated to be about 1 Million), how they since being children are trained to be hackers and eventually Commissioned as Officers of the PLAN AF, special treatment.

The Russian Federation's Cyber Warfare Army. Including Recruiting from "the Russian Mob" including the Russian and Eastern European Illegal Aliens at the U.S., Cyber warfare Russians and Eastern European at the U.S. also trained as Russian Spetsnaz FSB.

The limited Capabilities of U.S. Cyber Warfare Command, after Democrat President Obama's 2009 to 2016 U.S. Defense Budget Cuts. Number of U.S. Defense "Hackers" that learned by themselves how to "Hack" about 4,000 Versus School Trained China PLAN AF about 1 Million Cyber Warfare Army, Russian Federation about 1/2 Million School Trained Hackers. Iran about a Division of 100,000 School Trained Hackers. Democratic People's Nation of North Korea estimated 40,000 to 50,000 School Trained Hackers.

trotsky
Oct 18, 2020, 8:54:33 AM
On 10/18/20 1:40 AM, RichA wrote:
> Nice to see Biden was so worried about the Iranians. Did his son work for them too?


Which office is his son running for you fucking dipshit?

chromebook test
Jul 29, 2021, 10:47:51 PM
“I think it's more likely ... if we end up in a war, a real shooting war with a major power, it's going to be as a consequence of a cyber breach of great consequence,” Biden said.






President Joe Biden used his first visit with rank-and-file members of the U.S. intelligence community — a part of government that was frequently criticized by his predecessor Donald Trump — to make a promise that he will “never politicize” their work.

Biden waited more than six months to make the short drive across the Potomac River on Tuesday to the Office of the Director of National Intelligence, giving analysts and national security leaders — often derided by Trump as the “deep state” — some breathing room.

The president in his remarks to about 120 ODNI employees and senior leadership officials sought to make clear that he understood the complexity and critical nature of their work. The agency oversees the 17 other U.S. intelligence organizations.

"You have my full confidence," he said. “I know there’s no such thing as 100% certainty in the intelligence world. Occasionally that happens. Rarely, rarely, rarely.”

Biden told the audience that his administration would be “getting us back to the basics.”

“I’ll never politicize the work you do. You have my word on that,” he said. “It’s too important for our country.”

Biden also mentioned Russia and China as growing threats to American national security and noted the growing wave of cyberattacks, including ransomware attacks, against government agencies and private industry that U.S. officials have linked to agents in both countries.

“I think it's more likely ... if we end up in a war, a real shooting war with a major power, it's going to be as a consequence of a cyber breach of great consequence,” Biden said.

Biden toured the National Counterterrorism Center Watch Floor, where analysts work to collect information and intelligence from various sources to ascertain potential threats. He was accompanied on the tour by Avril Haines, director of national intelligence.


https://en.wikipedia.org/wiki/Avril_Haines#Early_life_and_education




In 1st visit to intel agency, Biden warns of cyber conflict
BY NOMAAN MERCHANT AND ALEXANDRA JAFFE JULY 28, 2021
https://www.miamiherald.com/news/article253048098.html



> In fact, both the Israelis and the Americans had been aiming for a particular part of the centrifuge plant, a critical area whose loss, they had concluded, would set the Iranians back considerably. It is unclear who introduced the programming error.
>
> The question facing Mr. Obama was whether the rest of Olympic Games was in jeopardy, now that a variant of the bug was replicating itself “in the wild,” where computer security experts can dissect it and figure out its purpose.
>
> “I don’t think we have enough information,” Mr. Obama told the group that day, according to the officials. But in the meantime, he ordered that the cyberattacks continue. They were his best hope of disrupting the Iranian nuclear program unless economic sanctions began to bite harder and reduced Iran’s oil revenues.
>
> Within a week, another version of the bug brought down just under 1,000 centrifuges. Olympic Games was still on.
>
> A Weapon’s Uncertain Future
>
> American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, “has been overwhelmingly on one country.” There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. “We’ve considered a lot more attacks than we have gone ahead with,” one former intelligence official said.








> Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.




Biden: If U.S. has 'real shooting war' it could be result of cyber attacks
Nandita Bose July 28, 2021
https://www.reuters.com/world/biden-warns-cyber-attacks-could-lead-a-real-shooting-war-2021-07-27/