Last week, a top U.S. government intelligence official named James Clapper warned Congress that the threat of somebody using the Internet to attack the United States is “even more pressing than an attack by global terrorist networks”. At about the same time, Keith Alexander, the head of the National Security Agency, announced that the government is forming 13 teams to conduct an international “cyber offensive” to pre-empt or answer “Internet attacks” on this country.
This, as they say, means war.
Clapper issued his melodramatic assessment during an appearance before the Senate Intelligence Committee. As Director of National Intelligence, he testified jointly with the heads of the CIA and FBI as part of their annual “Threat To the Nation” assessment report.
While undoubtedly important, these “threat assessment” appearances are usually a substitute for sleeping pills. The panel of Intelligence honchos parades out a list of “threats” ranked by a combination of potential harm and probability of attack. Since they began giving this report (shortly after 9/11), “Islamic fundamentalist terrorist networks” have consistently ranked number one. Hence the sleep-provoking predictability of it all.
But Clapper’s ranking of “cyber terrorism” as the number one threat would wake up Rip Van Winkle.
“Attacks, which might involve cyber and financial weapons, can be deniable and unattributable,” he intoned. “Destruction can be invisible, latent and progressive.” After probably provoking a skipped heartbeat in a Senator or two, he added that he didn’t think any major attack of this type was imminent or even feasible at this point.
So why use such “end of the world” rhetoric to make a unfeasible threat number one?
The answer perhaps was to be found in the House of Representatives where, on that same day, Gen. Alexander was testifying before the Armed Services Committee about, you got it, “cyber-war”.
Besides being head of the NSA, Alexander directs the United States Cyber Command. I’m not joking. Since 2010, the United States military has had a “Cyber Command”, comprised of a large network of “teams” some of whose purpose is to plan and implement what he called “an offensive strategy”.
Up to now, the Obama Adminstration’s stated policy has been to prioritize protection and defense of its own Internet and data systems and, unsurprisingly, those of U.S. corporations. Now we realize that the President has been cooking another dish on the back burner. When these military leaders talk about “offensive strategy”, they mean war and in warfare, the rules change and warriors see democracy as a stumbling block at least and a potential threat at worst.
Is there a “cyber threat”? Sure, just like there’s a “personal security threat” at your front door. You live among other humans and a few of them sometimes rob people. The Internet is a neighborhood of two billion people in constant communication. To do what it was developed to do, it has to be an open, world-wide communications system and so people can exploit that by harming your website or stealing your data if you don’t protect these things adequately. Developing protections is part of what technologists in every setting, including government services, do every day and they do it well, minimizing the incidence of an on-line hack.
That’s contemporary society. You lock the door to your house, turn on your car alarm on and protect your computer’s data. Most of the time it’s unnecessary but you do it for those rare occasions that it might be called for.
You do not, however, break into a thief’s home, kill him or her and wipe out everyone in the house. That’s what President Obama is proposing. No longer is this Administration interested in just “protection of data”; it now plans to pre-emptively attack data operations and Internet systems in other countries. The non-euphemistic term for this kind of “offensive strategy” is hacking and hacking takes two forms: data theft and disruption of service. In other words, the government plans to do what it throws people in jail for doing.
Clearly, this isn’t only about data theft or service disruption. It’s entwined with the political conflicts Washington has with other countries like China and Iran. The Internet is now another battlefield and this offensive strategy gives our government another weapon in its ceaseless war on the world.
While this weapon might sound benign, almost game-like, compared to other military adventures, it is actually a vicious and punishing strategy promising a festival of unavoidable collateral damage.
A “cyber offensive” can target just about anything in a country (like the computers running an Iranian power plant) and, depending on how the Internet systems are inter-connected, almost automatically cut service to people, schools, hospitals, security services and governments themselves. This is the digital version of nuclear warfare, horrific for its impact and its fundamental immorality.
When the announcements were made, the mainstream media flew into a frenzy of evaluation and analysis. Is this cyber threat real, commentators asked? Most of them found that, at this point, it isn’t. But that’s not the point and it isn’t the real threat.
The carefully planned and coordinated Clapper/Alexander testimony provides a pretext for the array of repressive Internet-governing laws, strategies and programs the Administration already has in place. Their purpose is a ratcheting control of the Internet by the government, a redefinition of our constitutional rights and the eviscerating of our, and the world’s, freedoms. Now, with this “cyber war” scenario, these measures can be more easily defended and made permanent.
We can group those laws and programs into three categories.
1 — “Extreme Data Collection”
The Obama Administration is building a huge data center in Bluffdale, Utah whose role is to capture and store all data everyone in this country (and most of the world) transmits. You read that right.
“Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication,” wrote James Bamford in Wired Magazine, “including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails — parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter.'”
While having your entire on-line life tracked and stored in Utah is pretty creepy, the more pressing issue is how government officials plan to use this data and how they are collecting it. To mine its value, they need to order it to make searches, filtering and lists possible. You need a strategy and while Obama officials have been pretty open about what they’re building, they are closed-mouth about what they intend to do with it.
We know they are working hard on developing code-breaking technology which would allow them to read data which is super-encrypted, the last wall of privacy and protection we have. We also know that, to get this data, they have a remarkable system of surveillance that includes direct capture (capturing data from your on-line sessions), satellite surveillance and the tapping (through easily available data captures) of major information gatherers like Google and Yahoo. The fact that they plan to open this center in September, 2013 means that the intense surveillance and data gathering is in place. You are now never alone.
This is the kind of information on “the enemy” they need in a cyber-war but this information is about us and so the question pertains: who is the enemy here?
2 — “Internet Usage Restriction”
If you’re conducting a war, you can’t have people running around the battlefield trading information and distributing it because, after all, you need secrecy. But collecting and distributing information is entirely what the Internet is about.
No reasonable person expects the entire shut-down of the Internet but the curtailment of on-line expression is now happening and getting worse, re-defining the meaning of free speech and making it an embattled concept.
Under the law, for instance, any corporation or individual can claim you are violating their copyright and demand you remove offending material from a website. You can challenge and litigate that but it doesn’t really matter because, under the Digital Millenium Copyright Act your web hosting service faces huge penalties if they keep the site on-line and the copyright violation is proven. So, to avoid the legal fees and the risk, they’ll just wipe your website. This happens all the time.
If the hosting service stands strong — as some progressive providers do — the people claiming the violation will just go “upstream” to the company that provides your web hosting service’s connection to the Internet and, to avoid legal problems, that “upstream provider” will just unplug the server. Servers host many websites, sometimes in the hundreds, and other services and so not only do you lose your site but everyone else on the server has theirs taken off-line. And this happens without even going in front of a judge.
Sure, there is still robustly exercised “freedom of speech” on the Internet. But the laws are in place to curtail it and, if the government wants, it can (and will) curtail. It’s a modern-day version of benevolent dictatorship which can, as history demonstrates, become pretty darn malevolent pretty fast.
3 — “Selective Repression”
There are hundreds of criminal cases against Internet activists world-wide right now and scores in the United States. The ones most of us are most familiar with, those involving Aaron Swartz and Bradley Manning, are only the tip of the frightening iceberg.
A day after the testimony before Congress, for example, federal authorities announced the case of a techie named Matthew Keys . Keys, who worked for a tv station in Los Angeles owned by the Tribune Company, is accused of leaking a username and password to an activist from the well-known hacker organization Anonymous. Authorities say the Anonymous activist used that user/password combo to satirically alter a headline on the website of the Tribune-owned Los Angeles Times.
Keys is now charged with conspiracy to transmit information to damage a protected computer; transmitting information to damage a protected computer and attempted transmission of information to damage a protected computer. Each count carries a 10 year jail sentence, three years of supervised release and a fine of $250,000. For giving someone who changed a headline a username and password!
Last year, we at May First/People Link were raided by the FBI which literally stole a server from one of our server installations in New York City. They were investigating terroristic emails from some lunatic to people at the University of Pittsburgh and the dozens of servers this bozo used included one of ours. We have some anonymous servers which means there are no records of who used them, no traces…no information about the person sending the email; it’s to protect whistle-blowers and others needing total anonymity.
The FBI knew this but they stole the server anyway and then, about a week later, put it back. They never informed us of any of this. We found out because one of our techies went into the server installation and found one of the servers gone and installed a hidden camera which caught the agents when they returned the machine.
If all these developments seem disturbing to you, that’s justified. These repressive and intrustive measures target the very essence and purpose of the Internet. Created as a way for people to communicate with each other world-wide, this marvel of human interaction is now being turned into a field across which countries shoot programming bombs at each other while repressing and even punishing ordinary people’s communication: dividing us, perpetuating the feeling of loneliness that’s a constant in today’s societies and crippling the struggles for change that combat the division and loneliness and depend on the Internet to do it.
The Internet’s true purpose is to bring the world’s people closer to each other. The Obama Administration is doing just the opposite. It would advisable for those of us who have consistently opposed and fought against wars of all kinds to view this “cyber war” as an equally dangerous and destructive threat.