U.S. National Security Adviser, John Bolton, announced September 20 that President Donald Trump had signed the plan for the new National Cyber Strategy that officially authorizes the U.S. government to conduct offensive cyber attacks.
“We’re going to do a lot of things offensively and I think our adversaries need to know that,” Bolton stated in a press conference. This document will contribute to guaranteeing “secure Internet,” according to Bolton. The competent bodies will now be able to “identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests.”
The National Security Adviser warned, “The people who need to be worried about this are the people who have taken or are preparing to take hostile actions in cyberspace against us,” and emphasized that the responses to these attacks will not be limited to cyberspace, but will also include legislative responses, economic sanctions, and military actions.
He continued: “It is in our national interest to do that not because we want more offensive operations in cyber space but precisely to create the structures of deterrence that will demonstrate to adversaries that the cost of their engaging in operations against us is higher than they want to bear.”
The document accuses Iran, Russia, China, and the Democratic People’s Republic of Korea (DPRK), among others, of using cyberspace as an instrument to attack the United States. Bolton mentions examples of attacks “perpetrated” by Russia and the DPRK.
In July, Special Counsel for the U.S. Department of Justice, Robert Mueller, accused 12 members of Russia’s Main Intelligence Directorate (GRU) of hacking Hillary Clinton’s 2016 presidential campaign.
According to Associated Press (AP), Russian cyber spies obtained U.S. military secrets, including information regarding drones and critical defense technology. The group of hackers targeted at least 87 people “working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities.”
The Office of Personnel Management, an independent agency of the U.S. government, reported that hackers launched various attacks on major U.S. websites, including the Pentagon computer network, and the Twitter and YouTube accounts of the U.S. Central Command (USCENTCOM). In addition, hackers stole personal data of millions of U.S. officials, including employees of the Defense Department.
Moscow denies any involvement. The Russian government has repeatedlystated that the accusations are “absurd” and represent an attempt to divert attention from U.S. domestic affairs, and the country’s responsibility for attacks against facilities, companies, military and civilian units, public and private services in Russia, Iran, the DPRK, and China.
WHO’S ATTACKING WHOM?
The Russian Foreign Ministry reiterated the call to organize “a meeting of the bilateral working group on cyber security, where such problems must, in fact, be discussed with the participation of Russian and U.S. specialists.”
The U.S. government, its intelligence services and institutions, and companies linked to the military-industrial complex, have been developing a strong offensive against the Islamic Republic of Iran for the past decade.
In 2010, a cyber attack against an Iranian nuclear power plant caused damage to the plant’s cooling system, which could have caused a serious incident of unforeseeable consequences. This was considered the first cyber attack to cause real-world physical damage.
Several sources claim that the Stuxnet virus affected the centrifuges of the Iranian nuclear system. The virus caused the pressure to increase in the centrifuges, without being detectable, confusing technicians who believed there were physical failures in the system. The intention was to sabotage and stall the development of the Iranian nuclear program, and today there are elements to indicate that the attack saw the involvement of U.S. and Israeli intelligence services.
Although it seems the stuff of science fiction, in addition to attacks on infrastructure, cyber criminals can make attempts on human lives directly. They can hack pacemakers with wireless functions, and thus end the life of an “enemy,” according to sources close to the CIA.
As U.S. vice president under George Bush, Dick Cheney, told CBS’ 60 Minutes program, in 2007, that his doctor ordered the deactivation of his pacemaker’s wireless function, for fear that it could be hacked.
FireEye, a cybersecurity research company, is closely linked to the CIA, through Robert Bigman, former chief information security officer at the Agency, with whom numerous contracts have been signed for research on the use of malware, zero day exploits (a cyber attack that occurs on the same day a weakness is discovered in software), and APT tactics (technical solutions to an Advanced Persistent Threat).
FireEye has been identified as the possible origin of false cyber attacks, conducted with the aim of accusing Russia and Iran as culprits.
Russia was accused in 2017 of carrying out a global cyber attack that led to billion dollar losses in Europe, Asia, and the Americas. In a statement, the UK accused Russia of being behind the attack, an accusation backed by the White House.
President Vladimir Putin, visiting China at the time, immediately responded that the attack had nothing to do with Russia. “Microsoft has spoken directly about this,” Putin said. “They said that the first sources of this virus were the United States intelligence agencies.”
“A genie let out of a bottle of this kind, especially created by secret services, can then cause damage to its authors and creators,” Putin warned, noting the issue warranted immediate talks “on a serious political level.”
Chief Legal Officer of Microsoft, Brad Smith, noted that the malware was a modified version of one developed to penetrate Windows operating systems by the National Security Agency (NSA), which ended up in the hands of hackers.
THE “TERABYTE OF DEATH” AND OTHER VIRUSES
The U.S. Department of Defense has repeatedly announced that a major cyber attack of unknown magnitude could occur at any time on a global scale. The Director of Defense Information Systems Agency, Alan R. Lynn, stated that some years ago, an attack of one or two gigabytes was considered an important matter, but “Now, we get 600-gig attacks on the internet access points and unique, different ways of attacking that we hadn’t thought of before.”
“There’s now, we would call it the ‘terabyte of death’” he said, adding: “It’s just a matter of time before it hits us.”
May 12 of last year, the WannaCry ransomware infected 200,000 users in more than 150 countries. WannaCry is a file-encrypting virus that “hijacks” infected computers, requiring users to pay to get their files back.
“The scale of the attack causes us to believe that it may not be the work of lone wolves,” blogger Jose Luis Camacho told Russia Today, arguing that attacks of this magnitude require significant funding.
Part of the virus code matched a NSA created “cyber weapon” called EternalBlue, according to Bleeping Computer. With this tool, the attack exploits a known security breach of the Windows operating system that allows hackers to take control of a computer.
THE APPROVED PLAN JUSTIFIES CYBER ATTACKS AGAINST SUPPOSED ENEMIES
Trump rescinded the so-called “Presidential Policy Directive 20” (PPD-20), a confidential document signed by Obama made public in 2013, when the former NSA analyst, Edward Snowden, leaked 1.7 million files on U.S. espionage programs.
The PPD-20 forced the Pentagon and intelligence agencies to obtain the approval of other government departments before launching cyber attacks. The Pentagon now has free reign to act aggressively, leaving behind the defensive position maintained until now, according to Bolton.
The new strategy legalizes hacking and cyber attacks against other nations. What, then, can be expected from the experts in fabricating pretexts, false flag and simulated attacks? Or in allowing attacks to take place in order to achieve obscure purposes, as some claim was the case on September 11, 2001?
The new plan opens the path to a more dangerous scenario for world peace. Humanity must close ranks to halt this warmongering madness that extends to cyberspace.
Cuba promotes the peaceful and legitimate use of information and communications technology, and the opportunities offered by cyberspace for the development and welfare of humanity.