
US CyberSpy vs CyberSpy Incompetence

Spy vs Spy was a Mad Magazine comic strip started during the Cold War era in 1961. Drawn by Antonio Prohias, the strip featured two spies who were always one level too clever, such that they inevitably did themselves in with their own scheming stunts of self-destruction. These spies were Maxwell Smart over-confident and Inspector Clouseau clumsy clowns, as seen in this cartoon:

Apparently the US Intelligence Services such as the CIA, NSA, and Naval Intelligence have latched onto these “all too clever” cyber-agents and policies, with one stark difference – the other side was staffed by cold and calculating operators who, over the past 20 years, have been able to take full advantage of the US cyber side by stealing not just hoards of classified government secrets but also nearly all of the arsenal of US-created cyber hacking tools. Worse, the Chinese, Iranian, ISIS, North Korean, and Russian cyber experts using these US tools have been able to unleash a broad range of cyber attacks to loot US and world businesses and government agencies.

For example, the advanced US Lockheed F-35 fighter aircraft and the Grumman X-47B aircraft now have remarkably similar Chinese counterparts. US Defense intelligence attributes these to Chinese military hackers: “Chinese military hackers undertaking ‘technical reconnaissance’ have succeeded in pilfering highly classified technical documents on a number of occasions. The sensitive technical data that is known to have been compromised is now evident in the latest versions of several Chinese weapons.”

How Pervasive Are the US Cyber Spy Tool Breaches?

First cyber-spy gaffe: give away key cyber-software tools as Open Source software and don’t expect anybody to exploit them for malevolence. Tor is free and open-source software for enabling anonymous communication. It was developed in the mid-1990s by the Naval Research Laboratory to ensure that Naval communications could not be a) intercepted for deciphering or b) tracked to reveal source and destination, which would expose vessel and submarine movements. Tor and its counterparts such as I2P, Freenet and GNUnet are all anonymous browsers of the resulting Deep Web, which is not just invisible to the regular surface Web but also nearly 500 times its size.

As it turns out, untraceable anonymous browsing is as vital to hackers and criminal organizations as it is to military and corporate systems. But what the Naval Research Laboratory and the Electronic Frontier Foundation, as sponsors, failed to do when Tor was released as Open Source was to place some elementary controls on the code. For example, controls ranging from simple to more sophisticated could a) hold back, in time or in content, portions of the Tor code so it could not be exploited, b) keep the latest release undisclosed to prevent immediate exploitation, or c) leave trojans or hooks that could be used to expose malevolent Tor versions.

As a result hackers have taken the Open Source Tor [and I2P, Freenet and GNUnet as well] and adapted it for their own purposes, including creating a host of vulnerabilities for their malignant ends. Congratulations, Naval Intelligence, for hoping for the best and reaping the worst possible outcome – creating the Dark Web space which provides cover for enemy-state cyber-hackers and organized crime.

Second cyber-spy gaffe: presume your headquarters are impervious to hack attack, then lose secrets through your own staff and/or incompetence. The record of Federal Government cyber-attacks from 2000 to 2013 is full of incidents where security incompetence or internal employees were the source of most data breaches.

  1. Department of Homeland Security – June 2013 – CIA analyst Edward Snowden copied and leaked highly classified information from the National Security Agency (NSA). His disclosures revealed numerous global surveillance programs, many run by the NSA and the Five Eyes Intelligence Alliance with the cooperation of telecommunication and web software companies like Google and Yahoo. As well, tools and methods for surveillance were revealed to hackers and enemy agents.
  2. Department of Homeland Security – September 2007 – Dozens of DHS’s computers and servers were hacked, allowing sensitive information to be stolen. The contractor hired to protect DHS computers hid the breach for financial reasons.
  3. Department of Interior – February 2002 – The Department was forced, under court order, to shut down all computers from the Internet for a period of two months until it could prove that it had fixed major security problems.
  4. Department of Commerce – October 2006 – The Department had to take the Bureau of Industrial Security’s networks offline for several months and replace hundreds of computers because its networks were hacked by unknown foreign intruders.
  5. Department of Defense – February 2012 – It was announced that delays and high costs for the development of the F-35 fighter plane stemmed from responding to cyber attacks that stole classified information discussing the technology.
  6. Department of Defense – November 2006 – The Naval War College in Rhode Island had to shut down all of its computer systems for two weeks following an unknown cyber-attack.
  7. Department of Transportation – May 2009 – A report released by the DOT acknowledged that the FAA administrative networks that manage air-traffic flow and electric power were subject to cyber attacks that gained access to information used to control the network.
  8. Department of Veterans Affairs – May 2009 – 26.5 million records were stolen by unknown cyber-attackers.

The overall impression is that Cyber Security in the US Government is a decidedly uneven mix.

Third cyber-spy gaffe: lose control of your most important cybertools, as the NSA did in 2016. And then, once lost, all the tools were dumped in code form by a still-secret group known as the Shadow Brokers for all the world to see and employ in their own massive cyber hacking exploits. The NYTimes describes the full nature of the disaster:

…a much broader earthquake that has shaken the NSA to its core. Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the NSA, calling into question its ability to protect potent cyber-weapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own.

The consequences were immediate, spread throughout the world, and very debilitating and costly for the thousands of hack victims. The US Intelligence community helped to create hacking chaos throughout the world for the last decade.

A full four years after the NSA cybertools loss, the US intelligence community is still trying to piece together what happened. There have been many theories explored. In November 2017, the NYTimes described an NSA analyst who lost sensitive material illicitly stored on his home computer:
“In the latest case of an insider removing sensitive data from the nation’s largest intelligence agency, Russian hackers obtained classified documents that a National Security Agency employee had taken and stored on his home computer. Investigators believe the hackers may have penetrated the computer by exploiting Kaspersky Lab antivirus software, a Russian brand widely used around the world, that the employee was using, according to officials briefed on the matter.”

Then in May of 2019, the NYTimes described how the NSA was out-foxed by Chinese cyber-experts who ensnared US cybertools during a US raid on a Chinese server target. The case laid out is disturbing:
“...Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.

Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away. The Chinese action shows how proliferating cyber-conflict is creating a digital Wild West with few rules or certainties,…The losses have touched off a debate within the intelligence community over whether the United States should continue to develop some of the world’s most high-tech, stealthy cyberweapons if it is unable to keep them under lock and key.”

The result is that over the last decade, US Cyber Intelligence has fallen into disarray and badly needs revitalization. See the recent Naval Intelligence assessment of that need.

Consequences of US Intelligence Incompetence

The US record for preparation against cyberattacks is woeful. In the early 2000s, the US provided access to the Deep Web to hackers and enemy-state agents through the Open Source release of anonymous communication tools. Since 2010 the US Intelligence community has fallen victim to internal personnel like Edward Snowden releasing methods and policies to the hacking world. And the last 5-7 years have seen the US lose highly potent cyber-tools through agents “mishandling” highly confidential tools, or through the astonishing miscalculation of the degree to which their prized cybertools were vulnerable to detection and capture in combat.

Clearly there is a hubris about US Intelligence effectiveness and invulnerability. Yet all the major Intelligence players [CIA, NSA, and Naval Intelligence] have proven to be remiss in defending US business, government and individual citizens against cyberattacks. Because some of the very best US hacking tools are in the possession of organized crime and foreign agents, US infrastructure systems, which are running on old, outdated, and/or poorly monitored control systems, are particularly at risk. This means major systems such as the US electrical grid, air transportation control centers, and intertwined oil/gas/chemical pipelines have become increasingly susceptible to concerted cyberattack.

But perhaps most disconcerting is how social media like Facebook, Twitter and YouTube have been mastered as propaganda machines for sowing massive misinformation on political and economic issues. So much so that the last US Presidential election was swayed by Russian cyber-agents. And so you can imagine how President Trump, already a vocal dissenter of the US Intelligence community, will be “reluctant” to investigate foreign cyber-agent influence via social media, let alone revitalize the US cyber-agencies.
