During the 19th century, Great Britain and Russia did battle over control of Asia’s expanse. A new 21st century contest is taking shape in cyberspace.
It’s one of the hottest questions circulating among cyberpunks, political junkies, and Facebook opinion-makers.
On Wednesday, October 12, 2016, Charlie Rose asked it of John Carlin, the now-former Assistant Attorney General and chief of the U.S. Department of Justice National Security Division.
“How did we determine that the Russians were behind the hacking of the DNC and perhaps John Podesta as well?”
Carlin’s long and not-quite-direct answer starts during the 2008 presidential election, when he briefed representatives from the Obama and the McCain campaigns on the fact that both had been “compromised” by Chinese hackers.
Free Reports:
Neither campaign was aware of the breach. But Carlin and the FBI knew, in part due to the use of “sensitive sources and methods to collect the information.” Those sources and methods had to remain secret.
“At that time,” Carlin notes, “we had known for a while that China, in particular, was committing economic espionage.”
The feds weren’t saying so publicly. Cyberattacks on the 2008 campaigns were treated as an intelligence problem, “as a secret issue, as it had for years when it came to spy versus spy.”
Carlin, who was then Special Counsel to the Director of the FBI, was able to observe up close the intelligence-gathering capabilities, in real-time, of his colleagues.
“How did we determine that the Russians were behind the hacking of the DNC and perhaps John Podesta as well?”
He describes “a system where you could watch on a huge jumbotron screen, Chinese actors, for instance, hop into a university, hop from the university into a company, and then you’d watch the data exfiltrated out of the United States.”
That’s literally billions of dollars worth of intellectual property and trade secrets. It wasn’t enough, however, to just watch it happen.
Interdiction and disruption became the order of the day as the Justice Department learned to address cyberthreats.
During his nearly 20 years with the Justice Department, Carlin, also former Chief of Staff to FBI Director Robert Mueller, prosecuted cybercriminals, including indictments of five Chinese military hackers for economic espionage in 2014 and terrorists such as the Boston Marathon bombers.
His last project involved crafting a “proportional response” to Russia after the U.S. government officially accused it of hacking the Democratic National Committee, leaking files and attempting to influence the presidential election.
Carlin stepped down on October 15 as the head of the Justice Department’s National Security Division, which was created as part of the reforms pushed through in the aftermath of the September 11, 2001, terrorist attacks “because of a failure to share information across the law enforcement and intelligence divide.”
In the new model, prosecutors work literally side by side with intelligence officers. Success is not defined by a post-attack prosecution but “by preventing the attack from occurring.”
“You’ve got to know what they know, and you’ve got to be creative as lawyers and look across the full set of legal tools.”
That kit includes federal prosecution. But it also includes diplomacy, the use of military force, Treasury Department sanctions such as asset freezes, and Commerce Department restrictions on trade with terror-sponsoring states.
That transformation, completed in 2013, meant that U.S. attorneys were retrained and teamed with FBI agents. Their efforts now concentrate on “four major threat actors”: Russia, China, North Korea, and Iran.
By 2014, the Justice Department was indicting five members of China’s People’s Liberation Army for economic espionage.
As Carlin tells it, uniformed members of the Chinese military were stealing technology from non-Chinese companies just ahead of those non-Chinese companies completing joint ventures or cooperation agreements with Chinese companies.
In the new model, prosecutors work literally side by side with intelligence officers. Success is not defined by a post-attack prosecution but “by preventing the attack from occurring.”
One theft involved sophisticated pipe technology.
Another focused on pricing information for a solar panel company that enabled a Chinese company to price-dump its own product. When a lawsuit arose out of these facts, the PLA stole the plaintiffs’ litigation strategy.
The Chinese have backed away from their aggressive cybertactics because we’re now capable of identifying actors and establishing costs for their actions. The United States and China have agreed a five-point document that includes the concession that it’s wrong to use military assets to acquire economic intelligence from private companies.
The Group of 20 has also recognized these five principles against cybertheft of intellectual property.
Carlin, quoting President Obama, noted that “cyberspace is the Wild West.
“If we’re going to bring law to this new frontier, it’s going to take agreements like” the U.S.-China arrangement.
The National Security Division’s other recent activities include the investigation of North Korea’s hack of Sony Corp. over its subsidiary Sony Pictures Entertainment’s release of the 2014 political satire/stoner comedy The Interview, which had great fun at the expense of Kim Jong Un.
Carlin and his colleagues had war-gamed cyberthreats posed by antagonistic nuclear-armed nation-states but never considered a real scenario triggered by a Seth Rogen/James Franco movie.
Carlin got to brief President Obama about the plot of the movie.
As for motivations behind the respective cyberattacks, the Chinese were in it for the old-fashioned profit: They could steal intellectual property and trade secrets rather than spend money on research and development.
The North Koreans wanted to avenge Dear Leader. Their society doesn’t allow such mockery. Their attack on Sony represented, in Carlin’s words, “an attack on our fundamental values,” including free speech.
So what’s up with the Russians? “They want to undermine confidence in our public election,” which would be consistent with their efforts “in Germany and other parts of the world.”
“So when we say the Russians are behind this, we are — the U.S. government is — pretty clear and pretty sure that that’s, in fact, true?”
“This is a country that, under its current leadership, is anti-democratic. It’s fundamentally opposed to the idea of democracy.”
Asked Charlie: “So when we say the Russians are behind this, we are — the U.S. government is — pretty clear and pretty sure that that’s, in fact, true?”
Carlin replied: “They wouldn’t say it unless we’re highly, highly confident that it’s so.”
“And when should we expect an indictment in Russia?”
According to Carlin:
So that’s a part of this all-tools approach. It’s important, one, to figure out who did it with high confidence, which you’ve seen. Two, to make it public, and you’ve seen us do that here and say, “It’s the Russians,” because if you’re going to be able to deter you gotta make sure the world knows we can figure out who did it. And then, third, be public about the fact that there will be consequences. What those consequences are have varied depending on the threat that we’ve faced when we’ve been trying out this new approach. It’ll be at a time and place of our choosing — not our enemy’s — and there may be things you do see and things you don’t see.
Charlie followed up by asking about everyone’s favorite anti-establishment “journalistic organization.” “What’s the connection between Russian hackers and WikiLeaks?”
Carlin responded, “So I’m not gonna address the specifics outside the statement that the Director of National Intelligence and Homeland Security put out.
“Look, there’s going to be a lot of mischievous, bad actors, ranging from those who want to undermine confidence in an election to terrorist groups who attack private companies in order to steal names to create kill lists, which is an actual case.”
We’ll have more — including social media and the threat of crowd-sourced terrorism, the “dark web,” and the risks involved with the Internet of Things and self-driving cars — in the second part of our breakdown of Carlin’s interview with Charlie in tomorrow’s issue of Wall Street Daily.
“Here we are, just as we were, snarling at each other, hating each other, but neither wishing for war.”
– Lord Palmerston, 1835
Smart Investing,
David Dittman
Editorial Director, Wall Street Daily
The post Cyberwarfare: Assessing 21st-Century Security Threats appeared first on Wall Street Daily.