@War: The Rise of the Military-Internet Complex (39 page)

[>]
But the hackers also:
Ibid.

[>]
It also settled a class-action:
Basil Katz, “Stratfor to Settle Class Action Suit Over Hack,” Reuters, June 27, 2012,
http://www.reuters.com/article/2012/06/28/us-stratfor-hack-lawsuit-idUSBRE85R03720120628
.

[>]
In 2013 the Justice Department:
Matthew J. Schwartz, “Anonymous Hacker Claims FBI Directed LulzSec Hacks,” Dark Reading,
InformationWeek
, August 27, 2013,
http://www.informationweek.com/security/risk-management/anonymous-hacker-claims-fbi-directed-lulzsec-hacks/d/d-id/1111306?
.

[>]
 “
What many do not know”:
Hammond's statement can be read at
http://freejeremy.net/yours-in-struggle/statement-by-jeremy-hammond-on-sabus-sentencing/
.

 

8. “Another Manhattan Project”

 

[>]
“Is there anything else?”:
The account of the meeting is based on two lengthy interviews with Mike McConnell, then the president's director of national intelligence, as well as an interview with Fran Townsend, then Bush's counterterrorism adviser, and retired air force general Dale Meyerrose, then a senior official in the Office of the Director of National Intelligence, 2009 and 2010.

[>]
Among the secret plans and designs:
The list of weapons and technologies is contained in a report from the Defense Science Board,
Resilient Military Systems and the Advanced Cyber Threat
, released in January 2013,
http://www.acq.osd.mil/dsb/reports/ResilientMilitarySystems.CyberThreat.pdf
. The list itself was not made public but was obtained by the
Washington Post
and can be read at
http://www.washingtonpost.com/world/national-security/a-list-of-the-us-weapons-designs-and-technologies-compromised-by-hackers/2013/05/27/a95b2b12-c483-11e2-9fe2-6ee52d0eb7c1_story.html
.

[>]
That in itself was an extraordinary:
See David Petraeus, “How We Won in Iraq,”
Foreign Policy
, October 29, 2013,
http://www.foreignpolicy.com/articles/2013/10/29/david_petraeus_how_we_won_the_surge_in_iraq?page=0,3
.

[>]
“part sensor, part sentry”:
William J. Lynn III, “Defending a New Domain: The Pentagon's Cyberstrategy,”
Foreign Affairs
, September/October 2010,
http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain
.

 

9. Buckshot Yankee

 

[>]
Friday, October 24, 2008:
Details of the Buckshot Yankee operation come from author interviews with current and former military and intelligence officials, including General Michael Basla, in June 2013, and a Defense Department analyst who participated in the program, in November 2013. Supplementary sources include: Ellen Nakashima, “Cyber-Intruder Sparks Massive Cyber Response—and Debate Over Dealing with Threats,”
Washington Post
, December 8, 2011,
http://www.washingtonpost.com/national/national-security/cyber-intruder-sparks-response-debate/2011/12/06/gIQAxLuFgO_story.html
; Jason Healey, ed.,
A Fierce Domain: Conflict in Cyberspace 1986 to 2012
(Vienna, VA: Cyber Conflict Studies Association, 2013); and William J. Lynn III, “Defending a New Domain: The Pentagon's Cyberstrategy,”
Foreign Affairs
, September/October 2010,
http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain
.

[>]
“In so many words”:
Author interview, June 2013.

[>]
“It opened all our eyes”:
Author interview, June 2013.

[>]
According to a former Defense Department:
Author interview, November 2013.

[>]
Some officials who worked:
Noah Shachtman, “Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack,” Danger Room,
Wired
, August 25, 2010,
http://www.wired.com/dangerroom/2010/08/insiders-doubt-2008-pentagon-hack-was-foreign-spy-attack/
.

[>]
“Alexander created this aura”:
Author interview with former administration official who worked with Alexander and the White House on cyber security, August 2013.

[>]
“If you pulled out a USB”:
Author interview, March 2012.

 

10. The Secret Sauce

 

[>]
During the campaign
,
Obama staffers':
Michael Isikoff, “Chinese Hacked Obama, McCain Campaigns, Took Internal Documents, Officials Say,” NBC News, June 6, 2013,
http://investigations.nbcnews.com/_news/2013/06/06/18807056-chinese-hacked-obama-mccain-campaigns-took-internal-documents-officials-say
.

[>]
Now, as the forty-fourth president:
“Securing Cyberspace for the 44th Presidency,” Center for Strategic and International Studies, December 2008,
http://csis.org/files/media/csis/pubs/081208_securingcyberspace_44.pdf
.

[>]
Among them were:
Author interviews with current and former US officials and a technical expert who analyzed Chinese spyware, May 2008.

[>]
But these and other incursions:
Author interview, 2013.

[>]
In a particularly clever :
An account of the spear phishing is contained in a State Department cable published by WikiLeaks. See also the author's “Chinese Spies May Have Tried to Impersonate Journalist Bruce Stokes,”
Washingtonian
, February 2, 2011,
http://www.washingtonian.com/blogs/capitalcomment/washingtonian/chinese-spies-may-have-tried-to-impersonate-journalist-bruce-stokes.php
.

[>]
Also in 2009
a
senior:
Author interviews with a current State Department official and a former State Department official, 2012–2013.

[>]
Charlie Croom, a retired:
Author interview, January 2014.

[>]
Obama didn't say where, but
intelligence:
The link between hackers and the Brazilian blackouts was first reported by CBS News'
60 Minutes
, November 6, 2009,
http://www.cbsnews.com/news/cyber-war-sabotaging-the-system-06-11-2009/
. In January 2008, Tom Donahue, the CIA's chief cyber security officer, said publicly that hackers had breached the computer systems of utility companies outside the United States and had demanded ransom. Donahue spoke at a security conference in New Orleans. “All involved intrusions through the Internet,” he said. He didn't name the countries or cities affected.

[>]
Owners and operators:
See Shane Harris, “China's Cyber-Militia,”
National Journal
, May 31, 2008,
http://www.nationaljournal.com/magazine/china-s-cyber-militia-20080531
.

[>]
He was carrying:
Author interview with former US official. 2013.

[>]
At NSA the plan:
Author interviews with former intelligence and administration officials, 2011–2013.

[>]
Alexander told them:
Author interviews with two congressional staff members who were in meetings with Alexander, as well as a former administration official who worked with Alexander and the White House on cyber security issues, August 2013.

[>]
“They're pretty mad”:
Author interview with former congressional staff member who was in the room, October 2013.

[>]
By the time she arrived:
Information about Lute's work at the Homeland Security Department comes from former department officials who worked with her, a senior law enforcement official who works on cyber security issues with multiple agencies and their senior officials, and congressional staff members who work on committees that oversee aspects of the Homeland Security Department's mission.

[>]
Homeland Security's computer-emergency watch:
Richard L. Skinner, “Einstein Presents Big Challenge to U.S.-CERT,” GovInfo Security, June 22, 2010,
http://www.govinfosecurity.com/einstein-presents-big-challenge-to-us-cert-a-2677/op-1
.

[>]
In March, Rod Beckstrom quit:
Beckstrom's resignation letter was published by the
Wall Street Journal
,
http://online.wsj.com//files/11/16/29/f111629/public/resources/documents/BeckstromResignation.pdf
.

[>]
Practically a technophobe:
Author interview, September 28, 2012.

[>]
“Pretend the Manhattan”:
Author interviews with two former administration officials, September and October 2013.

[>]
“There's a presumption”:
Author interview with senior law enforcement official, September 2013.

[>]
“His attitude was, ‘If'”:
Author interview with former senior security official, October 2013.

[>]
“I've been behind the curtain”:
Author interview with former administration official who worked with Alexander and the White House on cyber security issues, August 2013.

[>]
“I do not have the authority”:
Keith Alexander spoke on February 9, 2011, at the AFCEA Defending America Cyberspace Symposium. See
http://www.soteradefense.com/media/events/afcea-defending-america-cyberspace-symposium-2011/
. A senior US law enforcement official also provided an account of the dueling speeches and op-eds between Alexander and Lute.

[>]
On February 14, three days:
Jane Holl Lute and Bruce McConnell, “A Civil Perspective on Cybersecurity,” Threat Level,
Wired
, February 14, 2011,
http://www.wired.com/threatlevel/2011/02/dhs-op-ed/
.

[>]
He gave his speech:
Declan McCullagh, “NSA Chief Wants to Protect ‘Critical' Private Networks,” CNET, February 17, 2011,
http://news.cnet.com/8301-31921_3-20033126-281.html
.

[>]
“There's a lot of folks”:
Keith Alexander spoke on February 22, 2011, at the AFCEA Homeland Security Conference in Washington, DC. “CyberCom Commander Calls for Government Protection of Critical Infrastructure,”
Homeland Security News Wire
, February 23, 2011,
http://www.homelandsecuritynewswire.com/cybercom-commander-calls-government-protection-critical-infrastructure
. The entirety of Alexander's speech can be watched at
http://www.youtube.com/watch?v=Z_lLSP_1Ng0
.

[>]
Of fifty-two cases:
Ellen Nakashima, “Cyber Defense Effort Is Mixed, Study Finds,”
Washington Post
, January 12, 2012,
http://www.washingtonpost.com/world/national-security/cyber-defense-effort-is-mixed-study-finds/2012/01/11/gIQAAu0YtP_story.html
.

[>]
“They thought he was an idiot”:
Author interview, August 2013.

[>]
“Halfway through the meeting”:
Author interview with Steve Chabinsky, July 2013.

[>]
“The Russians will alert”:
Author interview with senior law enforcement official, October 2013.

[>]
As of 2013, the NSA:
Keith Alexander provided the figures on NSA employment in public remarks at a cyber security event sponsored by
Politico
in Washington, DC, on October 8, 2013,
http://www.politico.com/events/cyber-7-the-seven-key-questions/
.

 

11. The Corporate Counterstrike

 

[>]
“a highly sophisticated”:
David Drummond, “A New Approach to China,” Google blog, January 12, 2010,
http://googleblog.blogspot.com/2010/01/new-approach-to-china.html
.

[>]
“crown jewels”:
John Markoff, “Cyberattack on Google Said to Hit Password System,”
New York Times
, April 19, 2010,
http://www.nytimes.com/2010/04/20/technology/20google.html?_r=0
.

[>]
“Google broke in”:
Author conversation with said official, February 2013.

[>]
Google uncovered evidence:
For more on Google's investigation, see David E. Sanger and John Markoff, “After Google's Stand on China, US Treads Lightly,”
New York Times
, January 14, 2010,
http://www.nytimes.com/2010/01/15/world/asia/15diplo.html?_r=0
.

[>]
Deputy Secretary of State James Steinberg :
Author interview with a US intelligence agency consultant with knowledge of the conversation, February 2010. In a separate interview with Steinberg, in October 2013, he said he could not recall if he learned the news at the cocktail party, but he confirmed that Google approached the State Department the night before going public and informed officials of its intentions.

[>]
“It gave us an opportunity”:
Author interview.

[>]
“cooperative research and development agreement”:
Siobhan Gorman and Jessica E. Vascarellaro, “Google Working with NSA to Investigate Cyber Attack,”
Wall Street Journal
, February 4, 2010,
http://online.wsj.com/news/articles/SB10001424052748704041504575044920905689954?mod=WSJ_latestheadlines
. News of the agreement between the NSA and Google was first reported in the
Washington Post
, Ellen Nakashima, “Google to Enlist NSA to Help It Ward Off Cyberattacks,” February 4, 2010,
http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057.html
.

[>]
The government could command:
See NSA's Prism overview presentation at
http://s3.documentcloud.org/documents/807036/prism-entier.pdf
.

[>]
Shortly after the China revelation:
Michael Riley, “US Agencies Said to Swap Data with Thousands of Firms,” Bloomberg.com, June 15, 2013,
http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-data-with-thousands-of-firms.html
.