Kindle Notes & Highlights
Read between
February 28 - March 16, 2024
As the story told in this book makes clear, parts of the US government—and many other governments—saw all the signs that our chief adversaries were headed toward a new vector of attack. Yet the United States was remarkably slow to adapt to the new reality.
We first talked in 2011 a few months after Dagan had been ousted from his job by Prime Minister Netanyahu. It was clear he was still bitter about his ouster. He variously derided Netanyahu as a terrible manager and an incompetent warrior. Rightly or wrongly, Dagan believed that Netanyahu had gotten rid of him because the Mossad chief, like other Israeli intelligence leaders, opposed efforts by the prime minister to bomb Iran’s nuclear facilities.
Gone were the days of open demonstrations of military might that invited retaliation, escalation, and international condemnation. Gone were the days of occupying territory. The defense of Israel, he insisted, required subtlety and indirection.
“I don’t trust him,” Dagan said of Netanyahu.
As Cartwright himself has since acknowledged, he made an error of judgment in agreeing to be interviewed by the FBI without a lawyer present; he said he thought they were all on the same side.
when he was indicted, it was for lying to the FBI about when and how we had met.
Every US military operation requires the sign-off of lawyers, but figuring out what was permissible under the laws of war was particularly difficult in cyberspace. (This was a uniquely American problem, one that did not slow down the Russians, the Chinese, or the North Koreans.)
Most of the targeted financial institutions decided it was better to shut up than to admit the existence of the attacks. JPMorgan Chase, which had openly acknowledged previous denial-of-service attacks, determined this one was so large that it was better to say nothing. Their customers were left in the dark.
the White House felt it had to hide the evidence that Iranians were behind the attacks. So that central fact was immediately classified.
revealing who was responsible would force a discussion of what the administration was going to do about the attacks.
made Washington seem clueless when in fact it knew the answer.
cyberweapons get built the way everything else gets built—by private firms.
“Many of our targets communicate over Huawei-produced products,” one NSA document describing Shotgiant reported. “We want to make sure that we know how to exploit these products,” it added, to “gain access to networks of interest” around the world.
“The question is no longer which industries China is hacking into. It’s which industries they aren’t hacking into.”
Any firm built in an authoritarian, government-takes-all environment is going to turn over to the state whatever data it is told to turn over.
At the heart of Cook’s dispute with the government was whether it was more important for Apple to secure the data that users keep on their phones, or to assure the FBI and the nation’s intelligence agencies that they could get inside any iPhone.
The FBI warned that encrypted personal communications were creating a “going-dark” crisis that would keep its agents—along with local police—from tracking terrorists, kidnappers, and spies.
The hackers, just about all of them male and most in their mid-twenties, carried on like a lot of young guys around the world. They showed up at work about eight-thirty a.m. Shanghai time, checked a few sports scores, emailed their girlfriends, and occasionally watched porn. Then, when the clock struck nine, they started methodically breaking into computer systems around the world, banging on the keyboards until a lunch break gave them a moment to go back to the scores, the girlfriends, and the porn.
There were always countervailing interests: the State Department needed help on North Korea, the Treasury didn’t want to upset the bond markets, the markets didn’t want to see a trade war started. In the cyber realm, this meant holding back on naming the Chinese when they got caught in some of the biggest hacks in recent years.
OPM’s information-security infrastructure. The agency’s IT security environment was appallingly inadequate,
The system itself was outdated, but management made it even worse—they failed to follow nationwide government policy on security protocols, neglected to maintain their systems properly, and ignored advice on best practices.
some point during the summer of 2014, the SF-86 forms for 21.5 million people were copied from OPM’s network. By December, 4.2 million personnel files—covering 4 million current and former federal employees, with their Social Security numbers, their medical histories, and their marital status—had been stolen. And by March 2015, 5.6 million fingerprints had been copied and spirited away.
Wanted poster the Justice Department printed with the pictures of all five PLA officers.
In the space of just a few months, North Korea—a country that could barely feed its people—had struck an iconic American studio with the most sophisticated cyberattack since Olympic Games. Sony had been asleep at the wheel. As had the US government.
Putin’s cyber army went to work. Teams of hackers had scoped the Ukrainian election system, and planned their intrusions. On Election Day, they were ready. At the critical moment, they wiped out data in the system that tallied votes. But that was just the beginning. The hackers also managed to get into the reporting system that announced the results, altering the vote counts received by television networks. For a brief while, as news of the tally unfolded, it appeared to the Ukrainian media that Dmytro Yarosh, the leader of the nationalist and pro-Russia Right Sector Party, had emerged as the
they simply sought to create chaos, and fuel an argument that Poroshenko manipulated the results to win. The plot failed: Ukrainian officials detected the attack, and corrected the results a nail-biting forty minutes before the networks aired them.
Now, three years later,
They reported that at around eleven-thirty in the morning computers across the country abruptly stopped working.
The unfolding offensive seemed targeted at virtually every business in the country, both large and small—from
For months, the forensics showed, the Russian hackers had been gathering intelligence on Ukraine’s top businesses, downloading emails and looking for everything from passwords to good blackmail material. “Then, at the end, when they were done, they planted the bombs,” Shymkiv said. “It was like the old Soviet days: First you rob the village, then you burn it.”
To the Russians, it was all on a spectrum. At one end was pure propaganda. Then came fake news, manipulated election results, the publication of stolen emails. Physical attacks on infrastructure marked the far end.
every technique Americans soon worried about began in the Ukraine: manipulated election results, fictional online personas who widen social divisions and stoke ethnic fears, and what was called “fake news” before the phrase was twisted into new meaning by an American president.
in 1994, when Ukraine voluntarily gave up the nuclear weapons based there since the Soviet days—destroying them in return for a vague commitment that all nations will “refrain from the threat or use of force against the territorial integrity or political independence of Ukraine”—it also gave up any credible threat that it could strike back.
Putin rightly calculated that no American president or European leader would risk lives to defend a Russian-speaking corner of a faraway nation, especially outside the Western alliance.
Since 2014, intelligence agencies had been warning that Russia was likely already inside the American electric grid.
Victoria Nuland.
The American campaign began in September 2014
“overwhelm social media with a flood of fake content, seeding doubt and paranoia, and destroying the possibility of using the Internet as a democratic space.”
The information that these agency researchers gathered during their weeks in the United States helped the Russians develop an election-meddling strategy based on the importance of purple states to the electoral map. That allowed the IRA to target specific populations within these states that might be vulnerable to influence by social media campaigns operated by trolls across the Atlantic.
how the British picked up the traffic that led back to the DNC. But there are several clues. The Snowden documents reveal that GCHQ was plugged into two hundred fiber-optic cables, and could process information from forty-six of them simultaneously. That is quite a feat, since cable traffic runs at ten gigabits per second. The content of that traffic is mostly encrypted. But the British were able to pick up the metadata.
in both the United States and Britain, the intelligence agencies paid “intercept partners”—like AT&T and British Telecom—to keep teams of technicians at the termination site to mine and hand over data. The whole arrangement is ruled by court orders on both sides, kept secret to avoid blowback for the firms.
listening posts around the world, which are divided up for monitoring among the Five Eyes.
these termination points are no longer just a place to plug in headphones. They have become a way to inject implants—malware—into foreign networks.
it was no surprise that Facebook and Google started laying their own cables.
The Russian strategy was one of patience: there would be a moment to reveal the contents of the emails, when they could do maximum damage.
It didn’t take much of a leap of imagination to form a “Heart of Texas” group that appeared to be based in Houston, but was actually operating near Red Square.
Then, in a masterful stroke, the Russians created an opposing group, “United Muslims of America,” which scheduled a counter-rally, under the banner of “Save Islamic Knowledge.” The idea was to motivate actual Americans—who had joined each of the Facebook groups—to face off against each other and prompt a lot of name-calling and, perhaps, some violence.
no one was more amazed than the young Russians in Saint Petersburg, who, their own emails later showed, could not believe their targets were so gullible.
DNC leadership decided to give the story of the hack to the Washington Post.
The Post ran with it, but it was a sign of how little thought was being given to Russian manipulation at the time