Tuesday, April 7, 2009

Our Utility Networks are Vulnerable?

Siobhan Gorman, WSJ:
Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.
Of course they would. It would be leverage against us (i.e. we will take out your power if you don't...) or a way of creating mass havoc at a time of war or invasion.

With this latest in a string of very serious revelations about the threats posed by Russia and China, not jut Iran and North Korea, we will of course hear the same responses:

-These intrusions are coming from individuals, not governments.
-What reasons would Russia and China have to compromise our security?
-I'm more afraid of this being used to deny us our civil liberties.
The sophistication of the U.S. intrusions -- which extend beyond electric to other key infrastructure systems -- suggests that China and Russia are mainly responsible, according to intelligence officials and cybersecurity specialists. While terrorist groups could develop the ability to penetrate U.S. infrastructure, they don't appear to have yet mounted attacks, these officials say.
As in the recent news about Chinese worms, private computer network intrusions and theft of sensitive information, the attacks are marked by 'sophistication.' Either the Russians and Chinese are doing a poor job of making their preparations look like the work of individuals, or they are unable to fool our own sophisticated analysts. One thing, however, is certain:
Officials cautioned that the motivation of the cyberspies wasn't well understood, and they don't see an immediate danger.
Our own lack of perspective on these events is the real problem. The Spartans (Russia and China) will do what the Spartans will do. It is the free world that must be on alert.

Unfortunately, we will only squabble amongst ourselves and vote in European trans-nationalists who think defending one's country is bigoted and fascistic, down to the very day when Russia or China would use these methods to compromise us. We better hope that they have no such plans, that everything that has been happening recently is simply evidence of increased surveillance and intelligence work, routine and ordinary and not part of any strategy to attack us. Just as we want to be stronger than they, after all, they want to be stronger than us.

They wouldn't even have to try very hard. They can just say "Iran poses no threat," and we believe it, or half the country believes it. In fact they take our own words and arguments, which may have come from them in the first place in some respect, and throw them right back at us, and we take it as original and unique.

"This president," the Russians say. "We can work with him." Indeed. "Some people in the U.S. still have a Cold War mentality." Indeed again.
It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace. U.S. officials said investigators have followed electronic trails of stolen data to China and Russia.
And the Russians have denied it; the Chinese have denied it. And half the country will take their word for it, because to believe otherwise would contradict their childish world view. Out of the second half, four-fifths will ignore it as unpleasant to think about, and after all, a long way off and seemingly inconceivable (that one day, the Chinese and Russians will attack us, utilizing all sorts of agents and methods and controls that had been put into place while we weren't paying attention). The other fifth is ignorant anyway, and even though they rightly fear the Spartans, don't really understand them. The quantity of those who recognize and think rationally about the threat is negligible.

Of course, just because the Russians could smuggle a nuclear weapon in a suitcase across the Mexican border under the guise of terrorists and set it off in Washington, doesn't mean they will or even that they want to. Even though the Chinese, say, could hijack our electrical networks in the midst of a surprise attack by them, doesn't mean they will. The goal, if there is a goal, is still:
All warfare is based primarily on the deception of an enemy. Fighting on a battlefield is the most primitive way of making war. There is no art higher than to destroy your enemy without a fight—by SUBVERTING anything of value in the enemy’s country.
But that doesn't mean there won't be preparations in the case of collapse or civil war. Russia and China would beat themselves up endlessly if a serious crisis erupted in the United States and they were unable to take advantage of it. They must always be ready, but especially at tense and unstable times. That is why they are probing so much and so often right now. We are detecting some of their probes, but they are banking on us getting distracted and forgetting about it, too much focused on "hope" and "change" and economy.

We see here, another conservative publication make the argument:
China, for example, has little incentive to disrupt the U.S. economy because it relies on American consumers and holds U.S. government debt.
Gordon Chang recently made this argument in National Review. It is a dangerous thing to assume, that economy always trumps ideology. It doesn't, especially not with Leninists. We are seeing this in our own country right now, with the false centrism of Barack Obama, and his party's cynical exploitation of an economic and political crisis to make changes based not on economic rationalism but on ideology with a view to 'social justice' and world perception.

Finally, a point about those intrusions into the grids. We may shore up our cyber-defenses, and that's good. But the hackers may have created superusers and hidden administrator accounts that can lie dormant, ready to be turned on. What's more, it's highly possible and almost certain to be the case in at least a few instances that these utility companies have moles or spies in them who have helped to create vulnerabilities from the inside, or at least pointed out to their Russian and Chinese handlers possible vulnerabilities.

Or maybe it's just that "some people overseas with [a] Cold War mentality are indulged in fabricating the sheer lies of the so-called cyberspies in China."