Hillary Clinton Thinks Real-World Military Responses To Hacking Attacks Are A Nifty Idea
from the bombing-for-the-lulz dept
While hacking and “cybersecurity” threats have long been used to justify awful government policy, the entire concept is clearly about to be turbocharged. With the rise in hacking attacks on the DNC, many were quick to call for renewed cyberattacks on Russia despite the fact that hard, transparent proof of Russian nation state involvement remains hard to come by (the idea being unsound either way). But in a speech last week, Presidential hopeful Hillary Clinton took things one step further by suggesting that she’ll make it an administration goal to respond to cyberattacks with real-world military force:
“As President, I will make it clear that the United States will treat cyberattacks just like any other attack. We will be ready with serious political, economic, and military responses,” she told the attendees, largely made up of veterans and their supporters. “We are going to invest in protecting our governmental networks and our national infrastructure,” she continued. “I want us to lead the world in setting the rules in cyberspace. If America doesn’t, others will.”
There are several things wrong with this narrative. The US government and Western media seem to frequently go out of their way to imply that the United States is an innocent little hacking daisy, nobly defending itself from a wide variety of evil international threats. But as we saw with Stuxnet, the United States is very often the country doing the attacking, often with major negative impact on countries, companies and civilians worldwide. That the US has the moral high ground on cybersecurity is little more than a stale meme, and it needs to be put out of its misery.
And granted, while Clinton was clearly trying to appeal to her veteran audience at the American Legion National Conference (most of whom likely can’t tell a terabyte from T-Mobile), America’s moral cybersecurity superiority was on proud display all the same:
“We need to respond to evolving threats from states like Russia, China, Iran and North Korea,” Clinton said in the speech. “We need a military that is ready and agile so it can meet the full range of threats and operate on short notice across every domain ? not just land, sea, air and space but also cyberspace. “You’ve seen reports. Russia’s hacked into a lot of things, China has hacked into a lot of things. Russia even hacked into the Democratic National Committee, maybe even some state election systems. So we have got to step up our game. Make sure we are well defended and able to take the fight to those who go after us.”
Again, you’ll note that the United States is portrayed as an innocent and noble defender of cybersecurity freedom, when it’s the one often engaging in frequently-unprovoked attacks the world over. Of course, Clinton and friends are well aware that the vast majority of the time it’s impossible to know where an attack came from, and any hacker worth his or her salt simply doesn’t leave footprints. That makes a real-world military or economic response to a nebulous, usually-unprovable threat simply idiotic. You’d assume Clinton knows this and was just doing some light pandering to the audience.
But this rhetoric alone is still dangerous in that it opens the door wide to using hacking — much like communism and Islamic extremism and numerous “isms” before them — as a nebulous, endlessly mutable justification for a litany of bad US behavior. You could, for example, covertly hack a government, publicize its hacking response to your hack, using the press to help you justify military action. Given the US and global media’s historical complicity in helping governments begin wars with jack shit for evidence, it shouldn’t be hard to see how hacking is going to be a useful bad policy bogeyman du jour for decades to come.
Despite some repeated, painful lessons on this front stretching back generations, forcing the government to show its math before it resorts to violence is simply not the US media’s strong suit. And with hacking and cybersecurity being subjects the press and public are extra-violently ignorant about, we’ve created the opportunity for some incredible new sleight of hand when it comes to framing and justifying US domestic and international policy. If history is any indication, by next time this year we’ll be blaming everything under the sun on Russian hackers because after all, two anonymous senior government officials said so.
Healthy skepticism will be our ally as we stumble down the rabbit hole. While it’s no surprise that Russia, like the United States is deeply-involved in nation state hacking, you’ll note that actual evidence linking the Putin Administration to the recent rise in US hacking attacks remains fleeting. Most reports simply cite a single anonymous US government source, or security firms with a vested interest in selling services and products. That’s not to say Putin and friends aren’t busy hacking the US, but whether a country is responding to similar attacks by the United States (pdf) — or is actually involved at all — is rather important to transparently document before you begin trotting out awful new policies or worse, real world bombs.
Filed Under: attack, cyber war, cybersecurity, hacking, hillary clinton, military
Comments on “Hillary Clinton Thinks Real-World Military Responses To Hacking Attacks Are A Nifty Idea”
I want us to lead the world in setting the rules in cyberspace
That is pretty much antithetical to the philosophy of the Internet itself, and has been since it’s inception.
Hate to say it: I told you so.
“But this rhetoric alone is still dangerous in that it opens the door wide to using hacking — much like communism and Islamic extremism before it “
Might want to fix this part.
I can think of reasons why one would think this way.
A bully in school thinks that violence is the solution to all problems.
A physical attack is a response to an intellectual attack perpetrated by smart people.
If she intends to have policies that cause the US to not excel in the STEM fields, then a real military attack may be the only option. If you have no real geeks. When a nation has to outsource development of its cyberweapons.
Maybe she can ignore the hypocrisy of the NSA quietly spying on everyone else. And the NSA and possibly Israel being the first to give cyberweapons a try.
Another reason is that it is simply unthinkable to the military industrial complex not to be in a continuous state of undeclared war. War is simply too profitable. The greatness of a nation requires campaign contributions which requires obscene executive bonuses which requires excess profitability. We have to use up physical weapons in order to have a need to replenish them.
And hey, you can still cyber attack back while also engaging in a physical attack.
The physical attack could be distraction for the cyber attack.
Re: Re:
“We have to use up physical weapons in order to have a need to replenish them.”
For the M-I complex, things aren’t so dire as that. They can sell us more modern weapons. They just need to show how the old weapons are outdated. We’ll get sales pitches for ultra-mega-project weapons like Star Wars, or a nuclear arsenal which we never intend to use. We get new fighter planes that run years late and billions over budget.
Also, they don’t need to use the weapons to clear space for the new ones. You can just recycle them for scrap, sell them to allies, sell them to enemies-with-benefits, or -better still- you can sell them to some yokel Sheriff to use on American civilians.
Oh, the places you will go!
Maybe the US should invest more resources in DEFENDING from cyber attacks and less into preserving or even creating vulnerabilities and keeping them secret.
Re: Re:
Maybe the US should invest more resources in DEFENDING from cyber attacks
You’ve got two choices.
a) fix vulnerabilities, which will make everyone safer and more secure. That is the defensive stance. Fixing vulnerabilities, however, will also make your enemies more safe, and thus diminish your offensive potential.
b) hoard knowledge of vulnerabilities. This will make everyone, including yourself, more vulnerable. But then you have a bigger offensive arsenal.
One of these choices shows you’re an idiot, unless your side has less technology that needs defending in the first place (like: if you’re a terrorist outfit, and not a country, then you don’t need to defend anyone).
Re: Re:
How could their corrupt leaders justify attacking and destroying countries if they don’t have a boogeyman to blame for their unprovoked attacks.
Saying the target nation has WMD’s just won’t cut it anymore, as a blank cheque for warmongering
It makes all of the war mongers happy, but its stupid.
Perhaps you should have offered to build a cyberwall and make China pay for it.
Your ideas are just as stupid as Trumps, perhaps you should try to operate in reality with the rest of us little people.
If this is the level of ‘serious’ thinking we can look forward to from our leadership… I’m looking forward to getting nuked for cyberwar crimes and putting us all out of this misery.
Re: Re:
Her claim takes me back to Clifford Stoll’s 1989 book The Cuckoo’s Egg. It tells the true story of how the Soviet KGB enlisted German hackers to break into American military computers – via other computers in California and Virginia. And that’s in the dial-up / Tymnet pre-internet days, before things got complicated and much harder to trace.
Would Hillary bomb California? Virginia? Germany?
Re: Re: Re:
“…bomb California? Virginia? Germany?”
Well, there are worse places to start…
/s
Re: Re:
“Your ideas are just as stupid as Trumps”
No. Don’t contribute to the false equivalence meme.
A wall on the MX border is obviously stupid. It is physically unbuildable on any reasonable budget. He claims MX will pay, but they won’t. And it will be completely ineffective as undocumented peeps just enter here on tourist visas, and overstay…as they mostly do now.
Clinton’s position from this article is not good, is certainly hawkish, but it is not so blatantly stupid. And to understand the intricacies of “the cyber” is not something we would expect of the candidates – although we would hope she has advisers who understand. And Clinton hasn’t made this “not smart” position the main pillar of her campaign.
There is no equivalence between Trump’s blatantly stupid, incessant windmill tilting, and Clinton’s imperfect one-time statement about over-zealous cyber-retaliation.
Are we just going to gloss over the idea that she thinks a *hack of the DNC* is grounds for introducing a new doctrine for dealing with cyber attacks?! Last I heard the DNC is NOT a government agency.
What exactly does she propose we defend here? If Russian hackers go after a grandmother’s bank account, are we going to put boots on the ground? Or is the goal just to prevent Democrats from being embarrassed during an election year?
One more thing: How the hell does she look at the DNC hack and not immediately change her position on encryption? If we had strong, encrypted email services readily available and easily used by anyone…bam, no DNC hack. Instead, she talks about using the military to respond. Christ.
Re: Re:
How the hell does she look at the DNC hack and not immediately change her position on encryption?
Because the idea is to cement a position of power, not for the serfs to benefit from changes in behavior.
Re: Re:
If Russian hackers go after a grandmother’s bank account, are we going to put boots on the ground?
Only if it’s her account.
Cyber is the new ism. An invisible enemy you can claim comes from anywhere in the world you want to invade.
Re: Re:
For as long as Winston can recall, Oceania has been in a constant state of war – with whom it was at war is of neither importance nor consequence.
“most of whom likely can’t tell a terabyte from T-Mobile”
Wait a minute, you mean to tell me they’re different? Wow, and all this time I thought my hard drive had three T-Mobiles and my phone was connected via an invisible intertube that is four gravity units light (isn’t that what 4GLTE stands for?).
Re: Re:
Wait I think I get it now. My Android phone uses 4 light gravitational signals to transfer T-Mobiles across the entire Samsung galaxy. The light gravitational signals are an improvement over the previous heavy gravitational signals, by using 4 gravitational signals instead of 3 (as in 3G) they can use lighter signals and transfer more T-Mobiles across the Samsung galaxy.
Re: Re: Re:
We need to build a great firewall around the samsung galaxy and make China pay for it.
The great firewall of America is going to be so great that it’s going to make America great again. Everyone will look at this great firewall and say, wow, what an amazingly great firewall. America is so great for making such a marvel.
Re: Re: Re: Re:
“We need to build a great firewall around the samsung galaxy and make China pay for it.”
I really like your cyber.
Re: Re: Re:2 Re:
Well if Mexico should pay for a physical wall then China should pay for a digital wall, am I right?
Re: Re: Re:3 Re:
its not like china doesn’t know how to build firewalls
Re: Re: Re:
Nice. My Samsung Note 7 still communicates by bursting into flames.
“The Beacons are lit! Gondor calls for aid!”
Re: Re: Re: Re:
Following the theme of mixed metaphors, shouldn’t that be:
“The Beacons are lit! Gondor calls Lord Voldemort for aid!”
Re: Re: Re: Re:
“The Galaxy Note 7, the official smartphone of the Impossible Missions Force.”
I think the gov should hand out free metasploit kits and tell us, “Go to town, let us know if you find anything”.
So new false flags?
And people wonder why some people think the US do false flags. With a cyber attack justifying a military response, the false flag people might turn out to be right.
Re: So new false flags?
“some people think the US do false flags”
No… it’s because they do.
Here’s just a little taste:
http://www.nytimes.com/library/world/mideast/041600iran-cia-index.html
Cointelpro
he FBI had used provocateurs in the 1950s through 1970s to carry out violent acts and falsely blame them on political activists.
And more recently the Anthrax scare
http://www.nydailynews.com/news/world/fbi-told-blame-anthrax-scare-al-qaeda-white-house-officials-article-1.312733
and so on and so on. THATS why Kathy.
Hitler Clinton is just a puppet.
Re: Re:
I could vote for Hillary strictly on the basis of messages like this. It takes little imagination to visualize the sort of candidate Anonymous Coward would try to vote into power.
Re: Re: Re:
Sadly, the AC is not that far off, with Clinton’s fascist surveillance policy and such.
Funny that a person so inept at using email is proposing “real world” consequences for unauthorized access of computer networks…
Re: Re:
well you know, when you can’t respond like an adult and learn to safeguard your property because it is beyond your mental grasp, the next best thing is to act like a child and smash everyone else’s toys to bits.
What a Charade
Given the US and global media’s historical complicity in helping governments begin wars with jack shit for evidence, it shouldn’t be hard to see how hacking is going to be a useful bad policy bogeyman du jour for decades to come.
There is a term for the media’s historical complicity in helping governments begin wars with jack shit for evidence it is:
Yellow Journalism
The paragraph excerpted below is from a Wikipedia page titled Yellow journalism:
Yellow journalism, or the yellow press, is a type of journalism that presents little or no legitimate well-researched news and instead uses eye-catching headlines to sell more newspapers.[1] Techniques may include exaggerations of news events, scandal-mongering, or sensationalism.[1] By extension, the term yellow journalism is used today as a pejorative to decry any journalism that treats news in an unprofessional or unethical fashion.[2]
https://en.wikipedia.org/wiki/Yellow_journalism
So naturally she will increase the hacking done by American agencies to other countries to justify the war she seems to crave.
Re: Re:
Balderdash, it doesn’t count as hacking when the USG does it, it’s ‘Defending Freedom’, and that’s always justified.
/poe
There’s a very obvious reason to think this way.
Violence is the last refuge of the incompetent.
There is a much, much, MUCH bigger question to be asked.
What *EXACTLY* constitutes hacking? Is it breaching a secured network, or is it the USGovt’s version in that it violates the CFAA, even tenuously. THEN you have to contend with the Posse Comititus Act if it happens inside the US.
Re: Re:
Posse Comititus is a moot point when you can just get the ATF, SWAT team, or your local war-geared-up police department to start launching the mortars.
Re: Re:
whatever they say it is while saying at the same time “it doesn’t count when we do it”
For the Stuxnet blurb, wouldn’t it be more accurate to say “major negative externalities on countries, companies and civilians worldwide.”? No matter what one thinks of the actions of nation state hacking, it’s fairly clear Stuxnet was designed to limit itself to attack Iranian nuclear facilities. Even though the infection spread far beyond it, I’m hard pressed to believe it was the goal of the infection itself.
The next step...
Is to respond with commercial attacks and diplomatic attacks with military response.
Wow! Look at all the nails!
I'm just as much worried about the reverse...
I’m worried about this rhetoric but I’m just as much worried, or possibly more, about what other countries could do with statements like that.
If the US says: “I will make it clear that the United States will treat cyberattacks just like any other attack” what will stop other countries for doing the exact same thing? They’d even be justified doing so.
This remark basically say: Stuxnet is (retroactively) a declaration of war!
Do we want Russia to follow that logic? China or North Korea? I think this would be a very dangerous escalation of day to day activities. I’m sure the CIA (or another agency) is routinely trying to hack whatever country they have on their shitlist and probably most that are not as well.
More non existant weapons of mass destruction.
It is physically unbuildable on any reasonable budget.
Actually I did some of that math on this at one point when checking the solar lobbies numbers for B.S.
IMHO, the best way to handle it is to take a liberal view of mineral rights laws, and imminent domain a DMZ of a few hundred meters along the border and populate it with solar collectors.
Two birds with one stone. Power the whole south west United States, and close the border in one shot. The power plants would pretty much pay for the maintenance of the difficult to patrol areas of the border.
So it IS doable.
In terms of percentage of GDP it is probably something in the order of the Hoover Dam. But governments of dilettantes don’t do things like that.
Don’t get me wrong. I am immigration liberal. But the facts speak for themselves. It is not just practical, but profitable and green to close that border if it is done intelligently.