17 February 2000. Thanks to Wayne Madsen.
February 17, 2000
For what it is worth, I am a 20-year veteran of the computer security community. I have served in the Navy, National Security Agency, State Department, Computer Sciences Corporation, RCA, and have consulted on computer security with the National Institute of Standards and Technology, international banks, telecom companies and even firms that manufacture candy.
While working for the FBI and Naval Investigative Service, I put one US Navy official in Federal prison for espionage and other crimes, and I was involved in U.S. counter-terrorism work in Greece and the Philippines. I think I know how the "spook" community operates and, more importantly, how it thinks.
The hype associated with the recent Internet flooding is outrageous and serves the agendas of the military and intelligence communities regarding new vistas for bloated Pentagon and espionage budgets.
On 17 February, National Public Radio's Diane Rehm Show had a round table discussion featuring James Adams, a former London Sunday Times reporter in Washington who is now a drum beater for information warfare, and Jeffrey Hunker, the former head of the White House Critical Infrastructure Assurance Office. Adams suggested that for critical infrastructure protection certain civil liberties must be forfeited. He also stated that Internet transactions should not be afforded the same degree of privacy as the U.S. mail.
Hunker was uncomfortable that some people think that scare mongering has been at the center of the recent packet flooding of the Internet. Adams supported the CIA's creation of IN-Q-IT, a CIA Trojan Horse in the Silicon Valley. According to Adams, Science Applications International Corporation (SAIC), a virtual CIA proprietary firm, is funding, through IN-Q-IT, a program called Net Eraser. None of the participants in the Rehm Show were willing to talk about Net Eraser and some seemed very nervous about discussing it in detail.
This radio program is highly indicative of the current hype surrounding the Distributed Denial of Service (DDOS) attacks on DOT COM sites on the Internet. Even the use of the acronym DDOS is amazing. Here they are, twenty-something DOT COM executives, who probably never thought about computer security except for watching re-runs of "Hackers" and "Sneakers," using Pentagon-originated terms like "Distributed Denial of Service" attacks.
Why? Who told them to use those terms?
Then Clinton manages to take 90 minutes to attend an Internet security summit on February 15. Northern Ireland's peace agreement is falling apart, the Israeli-Palestine agreement is unraveling, and Russia's new President is putting ex-KGB agents in his government, but Clinton has enough time to talk with a group of e-commerce barons, computer security geeks, and even one hacker. The whole thing appeared to be staged and scheduled way in advance.
The whole so-called Internet "hack" smells of a perception management campaign by the intelligence community. Perhaps the system flooding was coordinated by one group -- however, those types of attacks probably occur on a daily basis without being reported by the world's media. It is important to note that one of the key components of information warfare -- according to the Pentagon's own seminal documents -- is perception management -- psychological operations to whip up public support for a policy or program. The early Defense Science Board reports on Critical Infrastructure Protection actually call for a campaign to change the public's attitude about information system and network security.
The Pentagon is a master at deception campaigns aimed at the news media. They constantly broadcast disinformation to television and radio audiences in Haiti, Serbia, Colombia, Mexico and elsewhere. They are now extending this to cyber space. Critical infrastructure protection is a masterful ruse aimed at creating the myth of impeding cyber-peril.
The major domo is a weird chap named Richard Clarke, a Dr. Strangelove-type character who is Clinton's counter-terrorism czar. He always talks about defensive cyber-warfare but clams up when it comes to offensive US cyber-operations. That is classified.
However, it is certain that the US Government has already done more to disrupt the Internet than any other actor -- state-sponsored or freelance. For the past few years, US government hackers have penetrated networks at the European Parliament, Australian Stock Exchange, and banks in Athens, Nicosia, Moscow, Johannesburg, Beirut, Tel Aviv, Zurich, and Vaduz. The US also engaged in network penetrations in Yugoslavia during the NATO war against that country.
Why doesn't NPR, CBS, ABC, NBC and the others focus on what the US is doing to disrupt the Internet? They are instead falling into a familiar Pentagon trap of deception and diversion.