NOAA WEATHER STATION – THE AZORES – NIGHT

SUPERIMPOSE: NOAA WEATHER STATION – THE AZORES

A HARBIN Z-9 military helicopter hovers silently above the antenna clad nondescript building as a team of soldiers in head to toe black rappel to the rooftop.  Though they wear masks, their eyes reveal them as members of the Chinese People’s Liberation Army.

With bolt cutters, they sever cables from the antennas in a flash of sparks, and toss a flash/bang grenade into the main operations room, blowing up the computers, monitors and displays.  A charred American flag flutters in the wind. Surveying the damage, the TEAM LEADER gives a thumbs up, and the team ascends back to the helicopter.

HOOVER DAM CONTROL CENTER – DAY

Klaxons warn of impending disaster. Engineers frantically running about, as an indicator warns “LOW PRESSURE.” Engineers attempt to gain control of the situation, but are unable to do so. The main floodgates slowly open releasing millions of gallons of water into the river below, which swells and overwhelms towns and villages. A team of PLA soldiers, dressed as civilians, casually walk away from the Dam, mingling with tourists and fiddling with cameras.

BRENTWOOD POSTAL SORTING FACLITY – BRENTWOOD MARYLAND – DAY

Black SUV’s surround the USPS facility, and teams of Russian troops in full camouflage and AK-47’s file out of the vehicles in unison.  They kick in the door of the facility, surprising the bureaucrats and Postal workers there.  An older African-American worker resists, and received the butt end of the Kalashnikov.  The soldiers kick over and destroy sorting equipment and steal piles of mail and files from filing cabinets.  As they leave, they use an acetylene torch to weld the doors shut.

Sounds like scenes from a Hollywood blockbuster.  Chinese and Russian military agents, working with organized crime figures and common thieves wage war against the United States, destroying infrastructure, stealing secrets, stealing money.

They infiltrate government agencies, they pose as ordinary Americans, and they wage war against the U.S. military.  They plan covert operations within the U.S., and strike at will.  Of course, in the movie version, some plucky former soldier (let’s say Channing Tatum) and a band of rogue misfits uncover the plot and restore order.

If these things were to happen in the physical world, if the destruction of the infrastructure was done through kinetic attacks (things that go boom) and the espionage done through what the community calls “HUMINT” and we normally call “spies,” these actions would undoubtedly constitute acts of war and would come under the auspices of the Law Of Armed Conflict (LOAC.)

Yet all of these things are happening and more.  State sponsored, state tolerated and state encouraged acts of crime, theft, espionage and destruction against U.S. military and civilian infrastructure occur every day.

Most recently the National Oceanic and Atmospheric Administration (NOAA) and the National Weather Service (NWS) have blamed erroneous weather reports and tornado warnings on cyber attacks to their infrastructure, which they have alleged, have been the work of the Chinese military.

The Russian hacker group APT28 (Advanced Persistent Threat) reportedly hacked entities in Eastern Europe and NATO organizations.   While in a cyber cold war scenario Russian government hackers attempt to penetrate the White HouseThe US Postal Service is hacked by Chinese (possibly government) agents, while more than 40 thousand computers are attacked by a Chinese hacker group (Axiom) with alleged ties to the Central government.   And that’s just in the past week.

As Rufus T. Firefly would say, “You realize, of course, this means war…”

But of course, it doesn’t.

China, and now to a lesser degree Russia are our “frenemies.”  We work with them in some contexts (buddy, can you spare a trillion?) and fight them in others.  Nowhere is this contrast more start than in the area of cyber-warfare.

This includes cyber attack and destruction, cyber fraud and theft, cyber espionage and intellectual property infringement, and flat-out cyber war.  Unlike the scenarios in the fictional screenplay, the real attacks going on every day occur not though black helicopters, but black fiber.  We can’t (or don’t want to) attribute these attacks to specific nations or specific military organizations, merely noting that the attacks come from “China” or “Russia” and may be “state sponsored.”

This ambiguity serves the interests of both parties.  My intimating (but not saying) that attacks on the US government and critical infrastructure are deliberate acts by foreign governments, we can try to get more budgets for cybersecurity, raise awareness of the (genuine) threat, and further perpetuate the cycle of Fear Uncertainty and Doubt (FUD).  You realize, of course, this means war.  It also means a greater role of the federal government in promoting cybersecurity particularly in the critical infrastructure.

And not in a “government conspiracy to take over the private sector” kind of way.  But more in the “common threat” and “common enemy” kind of way.  Airline security – to prevent thieves and criminals is the responsibility of the airlines.  Airline security – to prevent terrorists, bombers and hijackers – is the responsibility of the various governments.  A bank is prepared to deal with a burglar or a robber.  Not a military operation.   So we want people to know about the genuine or potential threat from state actors and state sponsored actors.

But not too much.

After the NOAA/NWS hack, it took the government months to tell Congress what happened, much less the American people.  These are the same people that criticize companies like Target for failing to notice and report a theft of credit card data for ten days.  If we want more resources in prevention, we need to be more open about the consequences of not preventing attacks.

But we also don’t want to be at war.  War is inconvenient and has a lot of collateral consequences, like interruption of commerce.  So we know about the attacks, we criticize them, our leaders talk about them and we scold the Chinese premier about the attacks.

But we don’t see the U.S. President at the dais before a Joint Session of Congress exclaiming, “Yesterday, November 7, 2014, a date which will live in cyber-infamy.  The critical infrastructure of the United States of America was suddenly and deliberately attacked by naval and air forces of the People’s Liberation Army and the Armed Forces of the Russian Federation.  I ask that the Congress declare that since the unprovoked and dastardly attack by China and Russia, a state of war has existed between the United States and these nations.”

Not. Gonna. Happen.

Cyber warfare is convenient because it has deniability, is not attributable, indirect consequences, and may or may not constitute an act of war.  Even if it is an act of war, we don’t see people in the streets protesting and demanding action.  We don’t see pundits on TV asking to resume the draft, or calling for “boots on the ground.”  We absorb the costs of cyber war as a cost of doing business.

Instead of “boots” we have “reboots.”  We patch up the damage, and move on.  And of course we likely do the same things to our adversaries (“I’m shocked, shocked to see that there’s gambling going on here…”)   There’s been a great deal of literature on the issue of whether the Law of Armed Conflict applies to cyberspace (hint, it does), but the bottom line is that we are at war when we say we are at war and are prepared to deal with the consequences of war.  And frankly, we’re not there.  Not yet.  Not by a long shot.

So we keep preparing for a war that honestly started decades ago and have been escalating.  And we keep telling our citizens not to worry, everything is under control.

And that’s probably the best strategy.  For now.  But we should recognize that we are at war, albeit a cold and electronic one, and will be for decades to come.  And that the battlefield includes not just “Flander’s Field” but banks, hospitals, power plants, insurance companies, manufacturing, chemical plants, etc.

The reason the government must do a better job reporting to the public when they have been breached is not because we want to embarrass them.  It’s because that’s what information sharing and preparedness means.  We can all be more secure if we appreciate the scope of the threat.  And more panicked.  So let me get typing on the NEW screenplay.

Leave a Reply