A note about the index: The pages referenced in this index refer to the page numbers in the print edition.
cyber warfare as priority of, 145–48, 149–50
Abkhazia, 164–65
Abraham Lincoln, USS, 147
Absolute Weapon, The (Brodie), 277
Afghanistan, 147, 182, 199, 229
U.S. war in, 208
Against All Enemies (Clarke), 240
agent.btz (computer worm), 182
Air Combat Command, Information Warfare Branch of, 107, 110
Office of Special Investigations of, 85, 87
Air Force Cryptology Support Center, 62
Air Force Information Operations Center, 225
Air Force Information Warfare Center (Air Intelligence Agency), 7, 32, 58–59, 85, 107, 108, 110, 111, 112, 122–23, 126, 137, 161, 176, 212, 223, 225, 292n–93n, 296n
Computer Emergency Response Team of, 62–63, 69, 73
demon-dialing counter-C2 plan of, 59, 64
Network Security Monitoring program of, 60–61, 62
Air Force Scientific Advisory Board, 51
Air Force Systems Command, 50
Alexander, Keith, 148–49, 173, 213
as Army deputy chief of staff for intelligence, 149–50
as Army Intelligence and Security commander, 148, 152, 154–55, 196
BuckShot Yankee and, 182–84
CNE and, 180
cyber warfare expertise of, 149, 157–58
Hayden’s conflicts with, 152–53, 154–55
infrastructure security and, 280–82
metadata and, 230, 231, 233, 253, 256
as NSA director, 152, 155–56, 174, 178–81, 182–84, 185–86, 187, 189, 204, 211, 214, 231, 244, 247, 252, 253, 256
Obama information-sharing bill opposed by, 281–82
PRISM and, 247
and Snowden leaks, 231
Stuxnet attack and, 204–5, 206
Turbulence and, 157–58
al Qaeda, 140, 142–43, 147, 151, 171, 192, 197, 240–41, 245
U.S. drone strikes on, 201, 208
Amazon, 102
American Civil Liberties Union (ACLU), 239
American Electrical Power Company, 167
Anderson, Jack, 288n–89n
Andrews, Duane, 54
Andrews Air Force Base, cyber attack on, 73, 74
AntiOnline, 77
AOL, PRISM and, 247
Apple, PRISM and, 247
Aristide, Jean-Bertrand, 58, 59
Intelligence and Security Command of, 148, 152–55, 196
Land Information Warfare Activity of, 32, 123
Army Intelligence Center, 148–49
Arquilla, John, 291n
Asia Society, Donilon’s speech at, 221–22, 226–27
Assad, Bashar al-, 160–61, 198
Assante, Michael, 166–67
@stake, 103
Aurora Generator Test, 166–69, 171, 174, 204, 206, 241
Australia, see five eyes
auto industry, 199
automobiles, hacking of computers in, 273n–74n
back doors, 8, 37, 73, 93, 235, 257
Baghdad, 22
Balad Air Base, Iraq, 159
Balkans, 1999 NATO bombing of, 112–14, 115, 119, 161
banking industry:
cyber security as low priority of, 175
2008 crisis in, 199
Basra, 22
Bates, John, 250
Baywatch (TV show), 112
beacons (cyber tracking code), 83, 181–82, 207
Beers, Rand, 46, 48, 49, 89, 95, 97
Bell Corporation, 44
Bellknap, Lloyd, 62
bin Laden, Osama, 89, 90, 140, 142–43
killing of, 239
Black Chamber, 11
Bloomberg Businessweek, 268
BND, 235
BNN, 95
Boeing, 132
Booz Allen Hamilton, 132, 172, 173, 176
Border Gateway Protocol, 93
Bosnia-Herzegovina, 110–11, 146
Bremer, L. Paul, 147
Brezhnev, Leonid, 12
Brown, Michael, 187–88
Buckshot Yankee, 185, 207, 276
Alexander and, 182–84
Bush, George H. W., 21, 24, 44, 66
Bush, George W., 3, 103, 171, 173, 175–76, 216, 225, 304n–5n
Iraq insurgency and, 150
Iraq invasion and, 142–43, 145, 147
Iraq troop surge ordered by, 158, 173
McConnell’s cyber warfare briefing of, 173–75, 187
Obama’s Stuxnet briefing by, 203
Stellar Wind and, 155n
Stuxnet and, 203, 205, 206, 208, 209, 212, 215
Bush (G.W.) administration:
cyber security as viewed in, 140–41
cyber warfare and, 3
terrorism as low priority of, 140–41
warnings on al Qaeda ignored by, 240–41
Butler, Robert, 279
Campbell, John “Soup,” 70–71, 110–11, 121, 122
JTF-CND headed by, 81–82, 83–84, 88
Canada, see five eyes
Cannon, Lou, 287n–88n
Carter, Ashton, 283
Cartwright, James, 219
Casablanca (film), 234–35
Casey, William, 27
Central Command, U.S., 145–46, 147–48, 149, 152, 207,
Central Intelligence Agency (CIA), 6, 27, 45, 49, 126, 146, 147, 151, 185, 229, 238–39
civil liberties abuses by, 192
Critical Defense Technologies Division of, 7
Hayden as director of, 215
Information Operations Center of, 113, 134, 161, 207
NSA interaction with, 133–34
Charney, Howard, 235
Cheney, Dick, 24, 140, 174, 203–4
Chilton, Kevin, 183
China:
information warfare and, 224
U.S. hacking of computer systems in, 227–28, 229
U.S. relations with, 221–28
China, cyber warfare by, 4, 85n, 198, 213, 220, 221–28, 242, 269
Google attack of, 234
intellectual property and trade secrets as targets of, 224–27, 308n
see also People’s Liberation Army
Christopher, Warren, 12–13
Church Committee, 37, 230, 252
“CIA Eavesdrops on Kremlin Chiefs” (Anderson), 288n–89n
Citibank, Russian hackers’ attack on, 42
civil liberties:
intelligence community and, 251–52, 259, 260
NSA and, 3, 20, 188, 192, 194–96, 231, 239, 244–52, 264
Protect America Act and, 194–95
Stone and, 239, 244, 251, 259, 264
Civil War, U.S., 4
Clapper, James, 231–33
Clarke, Richard, 139, 174, 175–76, 177, 191n, 200, 225, 274
books written by, 240–42
in Bush (G.W.) administration, 140–41, 143
as Clinton’s counterterrorism adviser, 89, 95–97
critical-infrastructure plan of, 239–40
FBI briefing and, 254–55
Hamre and, 95–96
L0pht and, 91–4
National Plan for Information Systems Protection written by, 100–105, 141–42
9/11 attacks and, 141
9/11 Commission testimony of, 240
PDD-63 as drafted by, 97–99
presumptuousness of, 95–96, 98, 101, 240
in Review Group, 240, 243, 245, 247, 251, 253, 254–55
Clinton, Bill, 3, 40, 55, 74, 87, 89, 96, 102, 115, 175–76, 239
cyber security summit of, 102–4
Executive Order 13010 of, 47, 48–49, 74
Haitian invasion planned by, 58–59, 107–8
PDD-39 of, 39–40
PDD-63 of, 95
Clipper Chip, 36–37, 40, 58, 100, 128, 239, 244
CNCI, see Comprehensive National Cybersecurity Initiative (CNCI)
Coalition Vulnerability Assessment Team, 65–66
Cold War, 4, 84, 129, 184, 284
cryptology in, 13
espionage in, 138–39
NSA and, 12
nuclear options in, 218
unspoken rules in, 272–73
command-control systems, 13, 15, 43, 51, 65, 224
Commerce Department, U.S., 34
cyber security as viewed in, 172–73
Comprehensive National Cybersecurity Initiative (CNCI), 177–78, 180, 198–99, 278
Computer Crime Initiative Plan, 41–42
computer industry:
cyber security as low priority of, 102–3, 104–5, 176
PDD-63 resisted by, 98, 99–100
Snowden leaks and, 234
Computer Network Attack (CNA), 122, 137–38, 180, 204, 211, 212, 219, 220, 281, 283
Computer Network Defense (CND), 122, 137–38, 180
Computer Network Exploitation (CNE), 137–38, 180, 204, 212, 281
computer networks, 33
IDS devices in, 176
infrastructure and, 41, 45, 52–53
inherent vulnerability of, 172, 174, 176–77, 179, 206–7, 241, 276–77
see also Internet
computers, computer software:
omnipresence of, 5
race between hackers and patchers in, 136–37
security of, see cyber security
zero-day vulnerabilities in, 137
Computers at Risk (National Research Council), 54
Computer Sciences Corp., 132
Computer Security Act (1987), 34
Computer Security Center (NSA), 18–19, 34, 60
Congress, U.S., 192
CNCI and, 178–79
defense authorization bills of, 46–47
select intelligence committees of, 256
Congressional Budget Office, 71
Constitution, U.S., Fourth Amendment of, 192, 250
Cornerstones of Information Warfare (Weaver), 108
corporations:
cyber security as low priority of, 102–3, 104–5, 176, 274
regulations feared by, 98–99, 101, 176, 200, 274–75
as reluctant to share information, 281–82
Cotter, George, 18–19
counter command-control (counter-C2) warfare, 15–16, 33, 41, 58, 59, 76, 84, 220
in Desert Storm, 21–25
counterinsurgency strategies, 148, 158–59, 160
Critical Foundations (Marsh Report), 53–55, 72, 80, 89, 94, 100, 139, 142, 166, 199, 241
“Critical Infrastructure Protection” (PDD-63), 95, 139
Clarke’s draft of, 97–99
computer industry objections to, 98, 99–100
see also National Plan for Information Systems Protection
Critical Infrastructure Working Group, 40–41, 42–43, 48, 51
Cryptolog, 219–20
Cuckoo’s Egg, The (Stoll), 61, 82–83
“cyber,” first use of term, 45–46
cyber attacks, cyber warfare, 4–6, 53
Abizaid’s prioritizing of, 145–48, 149–50
as acts of war, 214, 271, 317n
Alexander’s expertise in, 149, 157–58
banking industry and, 104, 275
Bush (G.W.) administration and, 3
on Central Command, 181–84, 185
by China, see China, cyber warfare by
denial-of-service, 102–3, 162–63, 213, 216
distinction between national security and property theft in, 227
Eligible Receiver in, see Eligible Receiver 97 cyber attack exercise
escalation of, 213–20, 273–74, 284
Gates’s concern about, 272–73
infrastructure as targets of, 104
and inherent vulnerability of networks, 276–77
against Iraq insurgents, 158–60, 173, 180
on Las Vegas Sands Corporation, 265–68
Law of Armed Conflict and, 25
Moonlight Maze and, 78–79, 81–88, 98, 119, 123, 187, 212–13, 223, 241, 276
morality of, 215
by North Korea, 4, 213, 216, 268–71, 272n
nuclear weapons vs., 215–16, 218
Obama administration and, 3–4
physical damage from, 166–69, 174, 198, 214, 215
political influence as goal of, 267
race between hackers and patchers in, 136–37
Reagan administration and, 1–3, 6–7
risks of, 212–13
secrecy of, 212, 214–15, 216, 219, 284–85
Solar Sunrise and, 74–78, 80, 81, 98, 101, 119, 120, 123, 183, 187, 241
terrorists and, 98
unintended consequences of, 217
U.S. military’s resistance to, 117–18, 119, 120
U.S. offensive operations in, 4, 48–49, 174, 211–12, 291n
zero-day vulnerabilities and, 137
see also hacking, hackers; information warfare; specific operations and attacks
Cyber Command, U.S., 4, 211, 279–80
Alexander as head of, 189, 211
combatant support mission of, 280, 283
consolidation of armed services cyber agencies under, 195
critical-infrastructure security mission of, 280–83
Defense Department network security mission of, 280, 283
McConnell’s proposal for, 185
Review Group recommendations for, 257
Rogers as head of, 282
Cyber Council, 176
CNE and, 139
cyber deterrence, 283
asymmetrical response in, 277–78
Defense Science Board and, 278–79
McConnell and, 278
nuclear deterrence vs., 284–85
cyber-offensive teams, 211–12
Cyber Operations Policy Working Group, 217
cyber security, 17, 186, 243, 257
active defense (offensive operations) in, 281, 282, 283
air gaps in, 206–7
ARPANET and, 8–9
banking industry’s low priority for, 175
Bush (G.W.) administration complacency about, 140–41
Clinton’s summit on, 102–4
CNE and, 139
computer industry’s low priority for, 102–3, 104–5, 176
computer networks and, 33
Defense Science Board report on, 275–79
detection as goal of, 277
exponential rise in breaches of, 273–74
information-sharing and, 281–82
infrastructure and, 186–89
Internet and, 52–53
McConnell’s briefing of Bush on, 174–75
McConnell’s focus on, 172, 198, 278
military’s complacency about, 64, 105, 119
Obama’s prioritizing of, 200–201
resilience as goal of, 277
Review Group’s prioritizing of, 257–58
Wilhelm’s focus on, 40
as domain of warfare, 6
Cyberspace Policy Review, 199–200
Cyber War (Clarke), 241–42, 243
DarkSeoul, 269
data packets, 5–6, 131, 156, 157–58, 192–93, 194, 248, 249–50
DEF CON Hacking Conference, 136
defense contractors:
Chinese cyber attacks on, 224–25
hacking of, 41
Defense Department, U.S., 6, 18, 54, 67, 100, 257
Advanced Research Projects Agency (ARPA), 7
Critical Infrastructure Commission and, 49
cyber attacks on, 47
in Eligible Receiver, see Eligible Receiver 97 cyber attack exercise
hacking and, 41
infrastructure policy directorate of, 43–44
Internet connections to, 280
Microwave, Space and Mobile Systems office of, 19
Moonlight Maze cyber attack on, 78–79, 81–88, 119, 123, 212–13, 223
National Communications System of, 177
Solar Sunrise attack on, 74–78, 80, 81, 101, 119, 120, 123
Special Technological Operations Division of, 7
Strategic Leveraging Project of, 43
Defense Information Systems Agency (DISA), 65, 74, 75, 78, 80, 82
Defense Intelligence Agency, 57
cyber deterrence task force of, 279
cyber security report of, 275–79
“Information Warfare-Defense” task force of, 54
demon-dialing, 9–10, 59, 64, 112, 113, 161
denial-of-service attacks, 102–3, 162–63, 213, 216
Department of Defense Cyber Strategy, The (Carter), 283, 316n–17n
Depression, Great, 199
Desert Storm, Operation, 21–25, 29, 32, 74, 132–33, 149, 290n
civilian casualties in, 24–25
deterrence:
in cyber warfare, see cyber deterrence
Deutch, John, 49
Devost, Matt, 65, 66, 80–81, 273, 293n
digital communications:
data packets in, 5–6, 17–18, 131, 156, 192–93, 194, 248, 249–50
GCHQ’s collection of data from, 228–29
global switch from analog to, 25, 28–29, 30, 35, 126–27, 275–76
metadata in, see metadata
NSA’s collection of data from, 196–97, 228–29, 230–35, 237–64
PRISM and, 247–52
U.S. as hub of, 191–92, 193, 248
see also telecom companies
Donilon, Thomas, 187, 228, 238
Asia Society speech of, 221–22, 226–27
Earnest, Josh, 272n
East Germany, 235
eBay, 102
e-commerce, 102
Einstein (IDS project), 177, 179
elections, U.S.:
Electromagnetic Systems Laboratory, see ESL, Inc.
electronic counter measures, 14–15
Eligible Receiver 97 cyber attack exercise, 55, 57–58, 65–72, 75, 81, 90, 110, 119, 241, 275
Army’s refusal to participate in, 70
hacking of military communication and computer networks in, 57, 67, 68–69
as “no-notice” exercise, 67, 68
NSA Red Team in, 57, 66, 67–68, 69–71, 72, 76, 80, 182
postmortem briefing on, 70–71
Ellis, James, 117
Energy Department, U.S., 166
cyber security as low priority of, 172–73
espionage, 138–39
microwave technology and, 12–13, 16–17, 22, 132–33, 289n
Estonia, cyber attack on, 162–64, 165, 241
European Command, U.S., 19
Executive Order 13010, 47, 48–49, 74
F-35 Joint Strike Fighter aircraft, 224–25
Facebook, PRISM and, 247
Federal Bureau of Investigation (FBI), 63, 74, 77–78, 98, 269, 288n
National Infrastructure Protection Center of, 166
National Security Letters of, 254–55, 256, 260
Review Group briefings by, 254–55
Review Group recommendations for, 256
Federal Intrusion Detection Network (FIDNET), 100–102
Federal Trade Commission, North Korean cyber attack on, 213
fiber-optic cables, 132–33
global spread of, 30–31
FIDNET (Federal Intrusion Detection Network), 100–102
FireEye, 269
1st Armored Division, 149
FISA Court, 155, 192, 194, 195, 196, 197, 238, 244
metadata collection and, 245, 246, 253, 256, 261, 262, 263
Review Group’s recommendations for, 256–57
secrecy of, 233
five eyes (U.S., Great Britain, Canada, Australia, New Zealand):
command-control systems hacking exercises of, 65–66, 235
intelligence sharing by, 65
Flame computer virus, 205–6, 213
Ford Escape, hacking of, 273n
Foreign Assistance Act, 96
Foreign Intelligence Surveillance Act (1978), 196–97
Foreign Intelligence Surveillance Court, see FISA Court
Franco, James, 269
Freeh, Louis, 96
Gandy, Charles, 16
Gates, Robert, 4, 171, 174, 271, 304n–5n, 317n
cyber warfare as concern of, 272–73
“dark territory” metaphor of, 272
as defense secretary, 173, 184–89, 204, 209, 214
infrastructure security and, 280
Obama’s replacing of, 220
and plan for protection of civilian infrastructure, 186–89
Stuxnet and, 206
GEDA (Gain, Exploit, Defend, Attack) concept, 123
Gellman, Barton, 229
General Accounting Office, 47
General Services Administration, 97
Georgia, Republic of:
Russian invasion of, 164–66
Giambastiani, Edmund, 174
Gibson, William, 45–46
“Global Access Study” (NSA paper), 28–29, 30
Golan Heights, 161
Good Harbor, 241
Google:
Chinese cyber attack on, 234
PRISM and, 247
Gorelick, Jamie, 40–41, 45, 46, 48, 50, 51
cyber crime and, 41–42
Government Communications Headquarters (GCHQ), British, 116–17, 213
communications data collected by, 228
Gravell, William, 291n
Great Britain, 235
see also five eyes
Great Depression, 199
Greenwald, Glenn, 229
Grenada, U.S. invasion of, 145
Growing Vulnerability of the Public Switched Networks (National Research Council), 54
GRU, 84
Guardian, 228, 229
“Guardians of Peace,” 268
Gulf War, see Desert Storm, Operation
Gunman (Soviet spy device), 16
hacking, hackers, 5, 8, 33, 41, 47, 123, 136, 227–28, 229, 235
L0pht and, 90–91
of military sites, 42
Network Security Monitoring and, 60–61
of Social Security numbers and personal data, 265, 268
software patches and, 136–37
university computers as entry points for, 61, 73, 82
white-hat, 163
zero-day vulnerabilities and, 137
see also cyber attacks, cyber warfare
Hadley, Stephen, 174
Haiti, planned U.S. invasion of, 58–59, 64, 107–8, 112, 161
Hamre, John, 71, 74, 77–78, 80, 81, 86, 113, 120, 121, 122, 125, 153–54, 183, 296n
Clarke and, 95–96
Hanscom Air Force Base, 50–51
Hathaway, Melissa, 176–77, 279
Cyberspace Policy Review issued by, 199–200
Haver, Richard, 26, 27, 28, 32, 84
as Air Force Information Warfare Center commander, 122–23, 126
Alexander’s conflicts with, 152–53, 154–55
as CIA director, 215
CNE and, 138
“Director’s Work Plan for Change” of, 128–29
GEDA concept of, 123
as NSA director, 122, 125–26, 127–33, 135, 138, 151, 157–59
TAO and, 135
Trailblazer and, 132
Heath, James, 154
Hiroshima, atomic bombing of, 215
Homeland Security Department, U.S., 18, 142, 167, 179
CNCI and, 178
North Korean cyber attack on, 213
and protection of civilian infrastructure, 186
shortcomings of, 177, 186, 280, 281
Hoover, J. Edgar, 251–52
HowlerMonkey, 136
Hussein, Saddam, 21, 22–23, 25, 74, 110, 132, 143, 145, 241
IBM Selectric typewriters, 16
Idaho National Laboratory, 167, 204
Information Assurance Directorate (NSA), 18, 34, 66, 68, 92–93, 128, 133, 181, 201, 234, 257, 260, 276, 293n
Information Operations Center (IOC), 113, 134, 161
Information Operations Technology Center (IOTC), 124–26
information security, see cyber security
“Information Security: Computer Attacks at Department of Defense Pose Increasing Risks” (GAO report), 47
Information Security Directorate (NSA), 177
Information Sharing and Analysis Centers (ISACs), 97, 104, 139, 176, 274
“Information Terrorism: Can You Trust Your Toaster?” (Devost), 273
information warfare, 41, 58, 119, 161, 169, 208, 289n
and anti-Milosevic campaign, 112–18
China and, 224
command-control systems and, see counter command-control (counter-C2) warfare
and hunt for Serbian war criminals, 110–12
McConnell’s focus on, 31–32, 34–37
U.S. offensive operations in, 108–10; see also specific operations
see also cyber attacks, cyber warfare
infrastructure, 67
computer networks and, 41, 45, 52–55
cyber attacks on, 166–69, 174, 198, 212, 214, 215
as cyber attack targets, 104, 212
cyber security and, 186–89, 278, 280–84
Gates-Napolitano plan for protection of, 186–89
as targets of terrorist attacks, 39, 41, 42, 53
Infrastructure Protection Task Force:
Moonlight Maze investigation of, 86
Solar Sunrise investigation of, 74–75
Inglis, John C. “Chris,” 244–48, 252, 279
Inman, Bobby Ray, 21–22, 84, 128, 132
as CIA deputy director, 27
as naval intelligence director, 14, 26–27, 28
as NSA director, 12–13, 14, 17, 18–19, 27, 29, 133
in retirement from government service, 27–28
Institute for Advanced Studies (Princeton), 8
intelligence agencies:
civil liberties and, 251–52, 259, 260
lack of communication between, 171
public-private revolving door in, 172
International Atomic Energy Agency, 301n
Internet, 47, 58, 100, 164, 181, 188, 193, 207, 212
commercial encryption on, 35
cyber security and, 52–53
data packets on, 5–6, 131, 156, 157–58
discontinued NSA metadata program for, 253
domain name system of, 191
Estonia and, 162–63
North Korea disconnected from, 271–72
terrorism and, 35
vulnerability of, 93–94, 176–77
see also computer networks; World Wide Web
Internet Security Systems, 80
Interview, The (film), 269
intrusion-detection systems (IDS), 80, 81, 101, 120, 176, 177, 278, 281
Iran:
attack on, see Stuxnet
cyber attack on Las Vegas Sands by, 265–68
cyber warfare and, 4, 213, 265–68
nuclear weapons program of, 198, 201, 203–4, 212
Saudi Aramco attacked by, 213, 216
Shamoon computer virus developed by, 213
Iranian National Oil Company, 213
Iraq:
command-control network of, 22
insurgency in, 143, 147, 150, 156, 173, 180, 208, 216, 241
Kurds in, 160
lack of U.S. intelligence about, 22
NSA teams in, 159–60
Operation Desert Storm, 21–23, 29, 32, 74, 149, 151
Sunni-Shiite conflict in, 147, 160
U.S. invasion of, 142–43, 145, 147, 240
WMD inspectors expelled by, 74
Islam, Sunni-Shiite split in, 147, 160
Israel, 216
Iranian nuclear program and, 203–4
Stuxnet and, 207
Syrian reactor bombed by, 160–61, 198
Unit 8200 of, 161, 205, 207, 213
anti-Milosevic campaign of, 114–18, 119
and 1999 Balkans bombing campaign, 112–14, 119, 161
Jeep Cherokee, hacking of, 273n–74n
Johnson, Jeh, 270
Joint Chiefs of Staff, 32, 74, 146, 183
Information Operations Response Cell of, 76, 78
intelligence directorate (J-2) of, 22, 69
J-39 bureau of, see J-39
Joint Computer Conference, 8
Joint Intelligence Center, 22–23, 24, 29, 32, 132
Joint Special Operations Command (JSOC), 150, 151–52, 156
Joint Task Force-Computer Network Defense (JTF-CND), 81–82, 83–84, 88, 105, 120–21, 183, 187, 276, 296n
Joint Task Force-Computer Network Operations (JTF-CNO), 122, 136
bureaucratic obstructions to, 146–47
Joint Task Force-Global Network Operations, 183
Justice Department, U.S., 63, 155
cyber crime and, 41–42
Information Infrastructure Task Force Coordinating Committee of, 42
Infrastructure Protection Task Force of, see Infrastructure Protection Task Force
Section 215 case and, 262
Kaspersky Lab, 210
Kelly Air Force Base, see Air Force Information Warfare Center
Khamenei, Ayatollah Ali, 266
Kim Jong-un, 269
Kingsley, Ben, 31
Kuwait, 21
Kuwait City, 22
L0phtCrack, 92
Lacombe, Phillip, 52–53
Lake, Anthony, 40
Lane, Charles, 44
Langley, Va., 6
Lasker, Lawrence, 9–10, 32, 287n
Las Vegas Sands Corporation, cyber attack on, 265–68
Law of Armed Conflict, 25
Lawrence Berkeley National Laboratory, 61–62
Lawrence Livermore National Laboratory, 62
Levitt, Karl, 62
Liberty and Security in a Changing World (Review Group report), 255, 258–59, 285
Lieberman, Joe, 95
Lockheed Martin, 120
Chinese cyber attack on, 224–25
LoudAuto, 136
Lukasik, Stephen, 9
Lute, Jane Holl, 188, 189, 302n–3n
McAfee, Chinese cyber attacks tracked by, 226
McCarthy, John, 97
as JSOC commander, 150, 151–52
McConnell, John “Mike,” 57, 169, 183, 194, 248
Bush briefed on cyber warfare by, 173–75, 187
Clipper Chip and, 36–37, 40, 58, 128
CNCI plan of, 177–78, 198–99, 278
Cyber Command proposed by, 185
cyber deterrence and, 278
cyber security as priority of, 172, 198, 278
as director of national intelligence, 171–78, 191–92, 216
FISA and, 192–93
information warfare as priority of, 31–32, 34–37
as Joint Intelligence Center head, 22–23, 29
as NSA director, 29, 30–37, 128, 133, 172, 173, 193
Obama’s replacing of, 200
in pre-election briefing of Obama, 197–98
Sneakers as epiphany for, 33
McDermott, Thomas, 68
McDonough, Denis, 238
McVeigh, Timothy, 39
MAE East, 191n
MAE West, 191n
Makaveli (pseudonym), 77–78
Maliki, Nouri al-, 160
malware, 182, 205–6, 207–8, 266
Mandia, Kevin, 85, 87, 223, 225, 269, 292n–93n
Mandiant, 85n, 222–23, 225, 226, 269, 292n
Marine Corps, Computer Network Defense unit of, 123
Marsh, Robert T. “Tom,” 50, 51, 52, 72
Marshall, Richard H. L., 24–25, 68
Marsh Commission, 98–99
Marsh Report (Critical Foundations), 53–55, 72, 80, 89, 94, 100, 139, 142, 166, 199, 241
Mellon, Christopher, 35
Merkel, Angela, NSA hacking of, 235, 260
Alexander and, 230, 231, 233, 253, 256
FISA Court and, 245, 246, 253, 256, 261, 262, 263
NSA’s collection and storage of, 64, 194–97, 230–35, 238, 245–47, 252–54, 261–62, 263
Obama “white paper” on, 238
telecom companies and, 194, 247, 248, 253, 263
USA Freedom Act and, 263
microwave technology, espionage and, 12–13, 16–17, 22, 132–33, 289n
military, U.S., 121
classified networks of, 276
cyber security as low priority of, 64, 105, 119, 120
cyber warfare resisted by, 117–18, 119, 120
Solar Sunrise cyber attack on, 74–78, 183
Military Intelligence Branch 8 (MI-8), 11
military networks, limited Internet connectivity to, 212
Miller, Charlie, 273n–74n
Miller, James, 279
information warfare campaign against, 112–18
Mimikatz, 266
Minihan, Kenneth, 74, 75, 90, 107, 108, 161, 184, 205, 233, 245
as Air Force Information Warfare Center commander, 58–59, 126
as Air Force intelligence chief, 64
as Defense assistant chief of staff for intelligence, 108
as Defense Intelligence Agency director, 57
Eligible Receiver 97 and, 57, 65, 66, 71
as NSA director, 57, 58, 64, 122, 123–24, 125–26, 127, 128, 129, 131, 157, 179–80
TAO and, 134–35
Misawa Air Base, Japan, 32
MIT (Massachusetts Institute of Technology), 9, 61, 73
Mitchell, Andrea, 232
Money, Art, 105, 122, 153, 279, 296n
as assistant secretary of defense, 119, 120, 124–25
MonkeyCalendar, 136
Moonlight Maze Coordination Group, 86–88
Moonlight Maze cyber attack, 78–79, 81–88, 98, 119, 123, 187, 212–13, 241, 276
Morell, Michael:
NSA case files reviewed by, 252–53
in Review Group, 238–39, 252–54, 256
Morris, Robert, Sr., 60
Morris, Robert T., Jr., 60
Moscow, U.S. embassy in, 12, 289n
Mossad, 207
Mudge, see Zatko, Peiter
Mullen, Mike, 183
Murtha, Jack, 193
Nagasaki, atomic bombing of, 215
Napolitano, Janet, 186–89
NASDAQ, North Korean cyber attack on, 213
cyber attack on, see Stuxnet
National Bureau of Standards, 34, 36
National Geospatial-Intelligence Agency, 152
National Infrastructure Protection Center, 166
National Institute of Standards and Technology, 34, 36
National Intelligence Directorate, 176, 242–43
National Military Command Center, Eligible Receiver hacking of, 68–69
National Military Strategy for Cyber Operations, 211
National Plan for Information Systems Protection, 100–105, 139, 141–42
“National Policy on Telecommunications and Automated Information Systems Security” (NSDD-145), 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
National Research Council, 54
National Security Agency (NSA), 6–7, 12–13, 18–19, 27, 30–37, 54, 74, 78, 100, 110, 119, 122, 123–40, 147, 158, 176, 195, 219, 269, 288n
Alexander as director of, 152, 155–56, 174, 178–81, 182–84, 185–86, 187, 189, 204, 211, 214, 231, 244, 247, 252, 253, 256
anti-Milosevic campaign and, 114–15
Army’s relations with, 151
Bauded Signals Upgrade program in, 14, 22, 28
broken personnel system of, 129–30
CIA interaction with, 133–34
civil liberties and, 3, 20, 188, 192, 194–96, 231, 239, 244–52, 264
Clarke’s visit to, 90
CNCI and, 178
Cold War and, 12
communication service providers and, 194
Computer Security Center of, 18–19, 34, 60
Congress and, 3, 20, 27, 195–96
counter-C2 campaign of, 16
Data Network Technologies Branch of, 136
digital communications data collected by, 196–97, 228–29, 230–35, 237–64
domestic surveillance by, 230–35
in Eligible Receiver 97 cyber attack exercise, see Eligible Receiver 97 cyber attack exercise
executives’ report on shortcomings of, 127–28, 129–33
as falling behind in digital technology, 126–27, 128, 129
Flame virus of, 213
fusion of Cyber Command and, 243, 260
“Global Access Study” of, 28–29, 30
Hayden as director of, 122, 125–26, 127–33, 135, 138, 151, 157–59
Information Warfare Directorate of, 32, 40
infrastructure security and, 280
IOTC of, 124–26
Iraq teams of, 159–60
McConnell as director of, 29, 30–37, 128, 133, 172, 173, 193
metadata collection and storage by, 64, 194–97, 230–35, 238, 245–47, 252–54, 261–62, 263
Minihan as director of, 57, 58, 64, 122, 123–24, 125–26, 127, 128, 129, 131, 157, 179–80
Mission Infrastructure Technologies Branch of, 136
Moonlight Maze attack and, 79
“One Hundred Days of Change” at, 130
origins of, 11–12
potential for abuse by, 251–52, 254, 264
PRISM program of, 247–52
and protection of civilian infrastructure, 186–89
Red Team of, 57, 66, 67–68, 69–71, 72, 75, 76, 80, 182, 275
Review Group briefings by, 244–52
Review Group recommendations on, 256–57
Rogers as director of, 282
RTRG program of, 158–60
Scientific Advisory Board of, 11
secrecy of, 3, 178, 214–15, 234
security complacency at, 17, 34
Snowden leaks and, 64, 194, 228–30, 234, 242, 244, 245, 251, 257–59, 262, 282, 285, 298n
Stellar Wind program of, 155n
Stone’s speech to, 264
Studeman as director of, 126–27, 275–76
Telecommunications Network Technologies Branch of, 136
Trailblazer program of, 132, 156–57
Turbulence program of, 157–58
National Security Agency (NSA), SIGINT Directorate of, 4–5, 18, 22, 29, 30, 33, 34, 90, 93, 125, 128, 130–31, 133, 172, 181, 204, 205, 207, 257
changing role of, 214–15
“Global Network” operations of, 131
“Global Response” operations of, 131
ground commanders and, 156, 185
Tailored Access Operations of, see TAO
National Security Council (NSC), 40, 97, 140, 150, 187, 188, 227
National Security Directive 42, 66
National Security Letters, 254–55, 260
Review Group recommendations for, 256
National Strategy to Secure Cyberspace, The, 141–42, 174, 199
Naval Postgraduate School, 148
cryptology labs of, 7
intelligence operations of, 14, 26–27
Naval Information Warfare Activity of, 32, 123
Nellis Air Force Base, 107
Netscape Matrix, 35
Network Security Monitoring, 60–63
Neumann, John von, 8
Neuromancer (Gibson), 45–46
New York, N.Y., telecommunication switches in, 45
New York Stock Exchange, North Korean cyber attack on, 213
New York Times, 101
Chinese hacking of, 223
New Zealand, see five eyes
NightStand, 136
Nixon, Richard, 251–52
Noonan, Robert, 153–54
North American Aerospace Defense Command (NORAD), 1, 10
North Atlantic Treaty, Article 5 of, 163
North Atlantic Treaty Organization (NATO), 110, 163, 273
cyber warfare and, 4, 213, 216, 268–71, 272n
Internet shutdown in, 271–72
Sony cyber attack by, 268–71, 272n
Northrop Grumman Corporation, 127, 132
NSDD-145 (“National Policy on Telecommunications and Automated Information Systems Security”), 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
cyber warfare vs., 215–16
critical infrastructure hearings of, 47–48
Obama, Barack, 186, 187, 197–98, 201, 249, 259, 304n–5n
Bush’s Stuxnet briefing of, 203
Chinese cyber attacks and, 221–28, 235
and cyber attack on Sony, 270–71
cyber security as priority of, 200–201
drone strikes supported by, 208
“Improving Critical Infrastructure Cybersecurity” executive order of, 274
intelligence review panel appointed by, see President’s Review Group on Intelligence and Communication Technologies
PPD-20 of, 217–20, 228, 314n–15n
Stuxnet and, 203, 208–9, 210, 212
terrorism as priority of, 197–98
Xi’s summits with, 228–29, 308n
Obama administration:
cyber warfare and, 3–4
metadata “white paper” of, 238
Office of Technology Assessment, U.S., 43
Oklahoma City bombing, 39, 40, 89, 175
Olympic Games, Operation, see Stuxnet
Orchard, Operation, 161
Pace, Peter, 211
Pacific Gas & Electric, 52–53
Pakistan, U.S. drone strikes in, 201, 208
Paladin Capital Group, 233
Paltalk, PRISM and, 247
Panetta, Leon, as defense secretary, 220
Patriot Act (2001), 192
Section 215 of, 245–46, 252–53, 261–63
Section 505 of, 254
sunset clause in, 261–63
PDD-39 (“U.S. Policy on Counterterrorism”), 39–40, 46, 89
PDD-63, see “Critical Infrastructure Protection” (PDD-63)
People’s Liberation Army, Unit 61398 of, 222–23, 225, 226, 242, 269
Perry, William, 14–15, 67, 76, 124, 184, 220
as secretary of defense, 57–58, 59, 66–67, 120
Persian Gulf, 74
Petraeus, David, 158–59, 160, 173
phishing, 136
Physical Vulnerability of Electric Systems to Natural Disasters and Sabotage (U.S. Office of Technology Assessment), 43–44
PlayStation network, hacking of, 268
Poitras, Laura, 229
Polaris missile, 120
Pollard, Neal, 75
Powell, Colin, 23, 30, 32, 59, 64
Power, Samantha, 239
PPD-20 (“U.S. Cyber Operations Policy”), 217–20, 228, 314n–15n
President Reagan: The Role of a Lifetime (Cannon), 287n–88n
President’s Commission on Critical Infrastructure Protection, 49–55, 74
Marsh as chairman of, 50
members of, 49–50
Minihan’s Eligible Receiver briefing to, 72
report of, see Marsh Report (Critical Foundations)
President’s Review Group on Intelligence and Communication Technologies (Review Group), 235, 238–40, 242–60, 264
cyber security prioritized by, 257–58
deadline of, 242
FBI’s briefings of, 254–55
NSA metadata collecting examined by, 245–47, 252–54, 262
Obama’s meetings with, 242, 259
and potential for abuse by intelligence agencies, 251–52, 259, 260
PRISM and, 247–48
public trust as priority of, 237–38, 258
report of, see Liberty and Security in a Changing World
programmable logic controllers (PLCs), 204–5
Protect America Act (2007), 193–95
civil liberties and, 194–95
Section 702 of, 248–49
Putin, Vladimir, 162
RageMaster, 136
RAND Corporation, 8, 10, 51, 278, 316n
RATs (Remote Access Trojans), 225–26
Rattray, Gregory, 225
RCA, 19
Reagan, Ronald, 7, 19, 27, 67, 72, 183, 287n
counter-C2 warfare and, 15–16
Executive Order 12333 of, 288n
NSDD-145 of, 2–3, 7, 19–20, 27, 34, 54, 67, 72, 100, 188, 195, 241
“Star Wars” program and, 2
WarGames and, 1–3, 6, 10, 19, 175
Reagan administration, 54
Redford, Robert, 31
regulation, corporate fear of, 98–99, 101, 176, 200, 274–75
Remote Access Trojans (RATs), 225–26
Reno, Janet, 39–40
resilience, as goal of cyber security, 277
Review Group, see President’s Review Group on Intelligence and Communication Technologies
Rhoads, Walter “Dusty,” 107–8, 120, 121
Rice, Condoleezza, 140–41, 150, 174
Riedel, Bruce, 199
Ronfeldt, David, 291n
RTRG (Real Time Regional Gateway), 158–60, 195
Rumsfeld, Donald, 150–51, 155, 173
Iraq insurgency downplayed by, 148, 150
Russian Federation:
CentCom hacking and, 182
and cyber attack on Georgia, 164–66
cyber attacks by, 4, 42, 164–66, 224
Estonian cyber attack and, 163–64, 165
Georgia invaded by, 164–66
Moonlight Maze and, 86–88, 213, 223
Sandia Laboratories, 111
Sare, Michael, 71
Saudi Aramco, Iranian cyber attack on, 213, 216
SCADA (Supervisory Control and Data Acquisition) systems, 45
Schaeffer, Richard, 181–82, 276
Schell, Roger, 293n
Schmidt, Howard, 188
Schoomaker, Peter, 150–51
Schwarzkopf, Norman, 23, 25, 151
Science Applications International Corporation (SAIC), 132
Scowcroft, Brent, 44
2nd Circuit Court of Appeals, U.S., Section 215 ruling of, 262–63
Secret Service, North Korean cyber attack on, 213
“Security and Privacy in Computer Systems” (Ware), 8–9
Senate, U.S.:
Armed Services Committee of, 46, 71, 283
Church Committee of, 37, 230, 252
Foreign Relations Committee of, 197
Governmental Affairs Committee of, 48, 94
Intelligence Committee of, 35–36
Select Committee on Intelligence of, 126, 127, 231–33, 256
sensitive compartmented information facilities (SCIFs), 243
September 11, 2001, terrorist attacks, 3, 140–41, 155, 171, 174, 192, 195, 241, 244, 261
Serbia, U.S. hacking of phone systems in, 113, 132
Shady RAT, Operation, 226
Shalikashvili, John, 67, 68, 146
Shamoon computer virus, 213–14
Siemens, logic controllers of, 204–5, 206, 211
Signal Security Agency, 11
609th Information Warfare Squadron, 7, 108–10, 120
60 Minutes (TV program), 240
Skype, PRISM and, 247
Slocombe, Walter, 44
Snowden, Edward, 194
NSA programs leaked by, 63–64, 228–30, 231, 234, 242, 244, 245, 251, 257–59, 262, 282, 285, 298n
Social Security, 99
Social Security numbers, hacking of, 265, 268
Solar Sunrise cyber attack, 74–78, 80, 81, 98, 101, 119, 120, 123, 183, 187, 241
Sonic.net, 77
Sony Online Entertainment, hacking of, 268
Sony Pictures Entertainment, North Korean cyber attack on, 268–71, 272n
South China Morning Post, 229
South Korea, North Korean cyber attacks on, 213, 269
collapse of, 162
Sputnik II, 119
Stabilization Force (SFOR), 110–12
“Star Wars” program, 2
Stasi, 235
Stellar Wind, 155n
Stimpy (pseudonym), 77–78
Stimson, Henry, 11
Stone, Geoffrey:
civil liberties expertise of, 239, 244, 251, 259, 264
in Review Group, 239, 244, 246, 250–52, 253, 254, 264
Strategic Command, U.S., 183
Studeman, William, 21–22, 26, 27, 28, 30, 42, 84, 128
as acting CIA director, 45
as CIA deputy director, 41
information warfare as focus of, 41
as NSA director, 126–27, 275–76
Stuxnet, 201, 213, 216, 217, 218–19, 228, 242, 304n–5n
Bush and, 203, 205, 206, 208, 209, 212, 215
centrifuges speed manipulated by, 209
exposure of, 210–11
false data sent to monitors in, 208, 209
Gates and, 206
Iranian confidence as target of, 208
Israel and, 207
Natanz centrifuges targeted by, 203
Obama and, 203, 208–9, 210, 212
Siemens logic controllers infected by, 204–5, 211
successes of, 209–10
TAO and, 205–7
valve controls overridden by, 207–20
Summers, Lawrence, 200
Suter, 161
Swire, Peter, 239–40, 243–44, 251, 253, 255
Sylvania Labs, 14–15
Syria:
cyber attacks by, 4
Israeli bombing of reactor in, 160–61, 198, 301n
Taiwan, 224
Tallinn, Estonia, 165
cyber attack on, 162–64
Tango, Operation, 111
TAO (Office of Tailored Access Operations), 135–37, 156, 158, 182, 195, 273n
hacking software of, 136
Hayden and, 135
Minihan and, 134–35
Snowden leaks and, 229–30
Stuxnet and, 205–7
tools and techniques of, 298n
Technical Advisory Group, 126
telecom companies:
metadata collection and, 194, 247, 248, 253, 263
Snowden leaks and, 234
telecommunication networks, switches in, 44–45
Tenenbaum, Ehud (The Analyzer), 77, 78
terrorism, terrorists:
Bush (G.W.) administration complacency about, 140–41
CNE and, 139
cyber attacks by, 98
FISA and, 192
infrastructure as targets of, 39, 41, 42, 53
Internet and, 35
Obama’s focus on, 197–98
post-9/11 fear of, 195
Thompson, Fred, 95
thumb drives, malware on, 182, 207, 304n
Thurman, Max, 145
Titan Rain, 224
Toyota Prius, hacking of, 273n
Transportation Department, U.S., North Korean cyber attack on, 213
Treasury Department, U.S.:
cyber security as low priority of, 172–73
North Korean cyber attack on, 213
“Trilateral Memorandum Agreement,” 216–17
Truman, Harry, 12
Unit 8200 (Israel), 161
United States:
Chinese relations with, 221–28
as digital communications hub, 191–92, 193, 248
see also five eyes
university computers, as entry points for hackers, 61, 73, 82
UNIX operating system, Sun Solaris vulnerability in, 73–74
U.N. Security Council, 58
USA Freedom Act (2015), 263
USA Patriot Act, see Patriot Act
“U.S. Cyber Operations Policy” (PPD-20), 217–20, 228, 314n–15n
“U.S. Policy on Counterterrorism” (PDD-39), 39–40, 46, 89
Vatis, Michael, 46
VeriSign, bandwidth map of, 191, 193
Vessey, John “Jack,” 2, 6, 7, 19, 287n–88n
VirusBlokAda, 210
voice encryption, 36–37
Walmart, 52
Ware, Willis, 8–9, 10, 17, 34, 51, 54, 241, 276
WarGames (film), 1–3, 6, 9–10, 19, 32, 42, 59, 65, 77, 94, 175, 287n
Washington Post, 228, 241, 288n–89n
weapons of mass destruction (WMDs), 74
Weaver, Andrew, 108
Wells, Linton, 44
West Point, U.S. Military Academy at, 148
Wilhelm, Richard, 22, 33, 42, 48, 97
in Critical Infrastructure Working Group, 40–41
as NSA director of information warfare, 32, 40
World Trade Center:
9/11 attack on, 141, 171, 174, 241
1993 bombing of, 35
World War I, 11
see also Internet
Wright-Patterson Air Force Base, cyber attack on, 78–79, 84
Wyden, Ron, 232–33
Y2K crisis, 99
Yeltsin, Boris, 87
Zatko, Peiter (Mudge), 91–95, 98, 102–4, 274
zero-day vulnerabilities, 137, 206
Obama policy on exploiting of, 260–61
Review Group recommendations for, 25