Archive for ‘Cyber’

January 16, 2012

Be Like Water

At the close of last night’s post, I indicated that I believed that China and the United States’ points of view would shape the agenda of the Security Council in coming years. The truth of this goes beyond the halls of UN Headquarters, which is enough of a truism that I suppose it was another reason I have not written extensively about Sino-American relations.

Moving forward, however, that relationship does deserve a closer look, particularly the ways in which the two will interact directly in coming years. Despite American fears, the People’s Republic will continue to mature and grow into its role, and consideration needs to be given to what kind of relationship Washington wants with Beijing. Further, in pursuing its own policy goals, the US needs to learn to be like water, to take a page from the Tao: fluid in the path it takes but always, inexorably, flowing towards the same destination.

The direct relationship between the US and China will most certainly show times of strain and pressure on both sides as the years pass, and that is to be expected considering China’s maturation as a power player. China is growing weary of being expected to come out on the short end of negotiations at all times. At the same time, the United States has forgotten how to yield on issues without looking, and feeling, weakened by the experience. “Saving face” is an essential concept in China, allowing even the losers in an encounter to come away with a salvaged sense of pride. The United States’ policymakers and negotiators would do well to keep this in mind in the future.

For example, in the situation brewing with Iran, the United States has pushed forward on stronger sanctions, including a new unilateral set that would also punish financial institutions that do business with Iran’s Central Bank. China has so far resisted US calls to join in the sanctions, but an editorial in the Global Times’ English edition goes further:

China should not bend to US pressure. It needs to come up with deliberate countermeasures, and show deterrence to an arrogant US. The unilateral sanctions were levied under its own amended Iran Sanctions Act, rather than any UN Security Council resolution.

Iran’s oil resources and geopolitical value are crucial to China. Chinese companies have the freedom to engage in legal business with Iran’s energy sector. It is worth taking on some troubles and even paying a certain price to safeguard this principle.

China should be confident. The US, facing a tough economy and the coming presidential election, cannot afford a trade war with China. It is not set on having a showdown with China just to impose sanctions on Iran. China has adopted anti-sanction measures against the US before, and this time China should demonstrate the same toughness.

Rather than pushing unnecessarily on Beijing to alter its stance, the US would do better to encourage China to continue its trade with Tehran. The reasoning behind this is simple. China has been putting its own form of pressure on Iran in the form of extracting concessions in price on Iranian oil; as one of a dwindling number of buyers, Iran can’t afford to stand strong against these price declines, in turn further weakening its economy, a Pyrrhic victory. In allowing China an exception to the sanctions on states dealing with Iran, China and the US both benefit. Rather than playing out a zero-sum game, both parties need to find areas of commonality so that the actual disagreements with wide-reaching impact aren’t marred by the small stuff.

Seeking accord is becoming more necessary as China’s influence continues to rise on the course to superpower status. The superpower competition on the horizon will be far different from that of the Cold War. Rather than a battle for supremacy with existential implications on the line, this jockeying for power will be an extension of the economic battles that face the two. China wants greater access to natural resources and new markets for its exports, particularly once it moves beyond its current low-tech production and comes into its own in the high-tech sphere where the US has traditionally dominated.

Indeed, even in the event that China comes out the dominant power later this century, it isn’t clear that Beijing will undertake the sort of revisionist sweep that the Soviet Union surely would have if it had come out on top in the Cold War and the United States certainly has.

America, at least in theory, prefers that other countries share its values and act like Americans. China can only fear a world where everybody acts like the Chinese. So, in a future dominated by China, the Chinese will not set the rules; rather, they will seek to extract the greatest possible benefit from the rules that already exist.

Rather than fear of cultural domination or a usurping of American ‘ideals’, the primary reason for American analysts’ fear over China’s rise is the idea that a more powerful China can and will challenge the United States’ global projection of military power, which in turn threatens US economic interests in the areas described earlier. The US’ power is a combination of its money and missiles, and a threat to either sends shivers down the spine of Washington. What’s more, threats from China not only include nuclear weapons in the equation, as with the Soviet Union, but also newer weaponry and spheres of combat, such as offensive cyber-capabilities and anti-satellite technology. Both sides surely have these capacities, though neither speaks of them publicly.

During the Cold War, Mutually Assured Destruction promised that the only way to prevent the launch of a nuclear attack was the guarantee that doing so would result in a total loss by both sides. Only through this deterrence were the US and the USSR able to avoid nuclear holocaust. The National Interest has published one of the most intriguing paths forward for the US and China that I’ve seen, a moderation of this doctrine that expands the idea into the domains of cyber- and space-based combat:

Confidence that such pledges would be honored, even in crisis, ultimately rests on the bedrock of mutual deterrence. Knowing that they cannot defend against retaliation (due to offense dominance), neither the United States nor China should be the first to employ nuclear, antisatellite or cyber weapons. The two should supplement strategic no-first-use understandings with confidence-building measures such as missile-launch notification, greater transparency about nuclear arsenals, and consultation and cooperation on cyber threats from other states and nonstate actors.

The devil lies in the details and definition of any proposed mutual strategic restraint. Would nonphysical interference with satellites be forbidden? Yes. Would cyber crime and cyber espionage be covered? No, only destructive attacks on critical networks. Would Chinese and U.S. armed forces be precluded from interfering with military computer networks during armed conflict? No, though tactical cyber war must be tightly controlled by political leaders to avoid escalation. Would allies, e.g., Japan and South Korea, be covered by the pledge not to initiate strategic attacks? Absolutely.

The sort of high-level talks that would lead to the acceptance of such an agreement, talks based around strategic imperatives rather than singular issues, need to become more frequent in the coming months and years. Currently, there’s no guarantee that China would sign on board to such a proposal, nor that the United States would push forward with it. But the fact is, we can’t continue to treat China as the lesser partner in this ‘Group of Two’.

My greatest fear in mitigating tensions between the two is that a new, harsher China policy will be installed next January. It would be the absolute worst time for the US to push hard on the PRC, as new leadership will be reaffirming its power after a recent handover in the Politburo. In order to prevent conflict in the coming decades, the United States, no matter who’s in the White House, is going to need to learn to be flexible enough in its China policy to allow for greater give in its management of China’s rise, preventing the rigidity that would provoke a crumbling of ties, running counter to the US’ long-term gain.

December 7, 2011

“I’m sorry, Mahmoud, I don’t have a nuke in my sack, but how about a nice drone?” – Santa

I’m still feeling like I’m a good day or two behind the rest of the world when it comes to what’s going on out there, so forgive me if this seems dated already. But I couldn’t not comment on the downed drone in Iranian territory. Like most people, when I first saw the news, I figured it was a complete fabrication by the Iranian press. When confirmation came out from the US government that we did, in fact, lose a spy plane in or near Iranian airspace, I was more than a little surprised.

Like most things in life, the idea that we could lose a nearly intact drone to Iran is one of those things that seems too ridiculous to be true until it actually happens. As of the time of this writing, the buzz seems to have died down some surrounding the issue, so it may be that the whole thing is for naught. In any case, it appears to me that if all the reports that we’ve seen so far are true, which is also a big if, then the situation is bad, but not dire, with many more “it could be worse” points than actual “oh god why”.

The good news: The initial reports coming out of Iran involved claims that the Iranian military used a sophisticated cyberattack to down the drone. Fact: There is no way that a cyberattack is what actually led to the downing of the craft. Despite a report earlier this year about a virus that has spread through the drone fleet, Iran’s electronic warfare capability is in no way capable of hacking into the controls of a drone and forcing it to land. James Lewis at the Center for Strategic and International Studies put it succinctly:

“Iran hacking into the drone is as likely as an Ayatollah standing on a mountain-top and using thought waves to bring it down,” Lewis, a former Reagan administration official now with the Center for Strategic and International Studies, told Yahoo News by email Monday. “The most likely explanation is that it crashed on its own.”

“If you could hack into a drone, you wouldn’t use it for some spontaneous fun, you’d save it for a rainy day,” Lewis continued. “You’d need to be able to hack either the control network in the U.S. or a satellite. Neither is easy, and both are probably not something the Iranians can do.”

Better news: We didn’t risk going in after it. Initially, Iran most likely didn’t know about the crash and probably didn’t for some time, as evidenced by the fact that their acquisition was revealed almost a week after it was lost in the first place. But the Wall Street Journal reports that though we considered recovery, the US ultimately opted against it, as the risks of adding fuel to the fire far outweighed a recovery of the technology:

Under one plan, a team would be sent to retrieve the aircraft. U.S. officials considered both sending in a team of American commandos based in Afghanistan as well as using allied agents inside Iran to hunt down the downed aircraft.

Another option would have had a team sneak in to blow up the remaining pieces of the drone. A third option would have been to destroy the wreckage with an airstrike.

However, the officials worried that any option for retrieving or destroying the drone would have risked discovery by Iran.

The fact remains as well that this is what drones were designed to be useful for. Had it been a manned surveillance aircraft, in the style of the spy plane that went down over China in 2001, we would have had a much larger problem on our hands, with either a dead airman or a captive of the IRGC to deal with. Despite acknowledging that we did not attempt to go in after the drone, there will be those who say the contrary. For example, at the Aviationist blog, a reader has posted the following theory:

“Temporary loss of satellite connection is common and the drone will orbit on a preplanned route until connection is re-established. If the connection is never re-established then the aircraft will eventually run out of fuel and crash. This can happen if the encryption keys are invalidated during rollover and were not properly loaded (among other possibilities). Prior to fuel exhaustion, standard procedure is to perform classified data erase, followed by software data erase. A recovery team is supposed to follow up and secure it or blow it up.

In this case it appears the recovery team couldn’t find it.”

Oh my wow, does that make no sense. Suppose. Suppose for a half-second that we actually were prepared to send in a team, possibly deep into Iranian territory, to attempt to recover or destroy this drone. Why would such a team be put together and inserted without knowing where the damn thing is? It may have just been commentary on what is SOP in other instances, but that wasn’t made clear by the reader’s comment. In any case, we stayed out of Iran, which is good, which means that any saber-rattling they bring up over violation of their airspace can be promptly ignored, as usual.

The best news: The RQ-170 Sentinel is aptly named. Unlike its Predator or Reaper brethren, it is designed to do one thing only: spy. The Predator and Reaper are furthermore not stealthy in the least, being propeller-powered; if the Sentinel really was a remote stealth bomber, this would be a whole ‘nother kettle of fish. There are no JDAMs loaded onto the Sentinel, nor would it be readily apparent from a review of the downed craft how to integrate a weapons system seamlessly into the given frame.

The bad news: Well, there are a few bits of bad news here. The first is that this still amounts to a large loss by the US in terms of keeping secret technology out of the hands of adversaries. And while it is weaponless, the Sentinel does possess advanced communication-monitoring tech inside of its well-coated shell. The Pentagon is working hard to spin the fact that the RQ-170 is somewhat outdated as far as drone technology goes, but it still far outstrips anything that Iran could hope to develop on its own in the near future.

While there isn’t too much new to discover from the RQ-170, the fact remains that it is still a nearly intact specimen ripe for dissection, as far as has been revealed, despite a notable lack of photographic evidence from Tehran. (Really, you’d think there’d be a shot of Ahmadinejad posing next to the thing by now.) It’s unlikely that Iran will be able to reverse-engineer it on its own, so panicky worries about stealth surveillance drones flying from Tehran to Tel Aviv are extremely premature. What is more likely is that Iran will take this opportunity to sell the drone to the highest bidder, likely in exchange for other non-monetary perks.

Which is to say there is no way that a new round of sanctions is forthcoming in the UN Security Council. The odds were already low; this development takes them to near absolute zero in terms of possibility. Russia and China are the states most likely to benefit from this, though it would be naive to assume that they weren’t already aware of much of the broader information about the craft. But actually getting their hands on an intact version would be a huge gift, particularly to states that are known for their reverse-engineering capabilities. The PRC and Russian Federation were unlikely to support new sanctions on Iran in any case, but this is a bow on that little present.

In summation, while not great, it could be a lot worse. The whole affair amounts to a brand new top-secret iPhone 5 falling off the back of a truck on Dec 24th: it isn’t set to bring down the entity that lost it, but it’s more than a little annoying. So Merry Christmas, Ayatollah. It looks like it came a little early for you this year.

November 18, 2011

Commander Adama’s Simple Rules for ICS Protection

A normal morning: I log into Twitter and start to browse through my stream. I quickly come across an article posted by CNN’s Security Clearance blog. In it, the author reveals that the Federal government is investigating whether an Illinois water treatment plant’s burned-out pump was caused by a cyberattack. “What the what?” says I, as I read further:

Joe Weiss, a noted cyber security expert, disclosed the possible cyber attack on his blog Thursday. Weiss said he had obtained a state government report, dated Nov. 10 and titled “Public Water District Cyber Intrusion,” which gave details of the alleged cyber attack culminating in the “burn out of a water pump.”

Such an attack would be noteworthy because, while cyber attacks on businesses are commonplace, attacks that penetrate industrial control systems and intentionally destroy equipment are virtually unknown in the U.S.

Well. This could be interesting. The protection of industrial control systems (ICS) has been a worry of cybersecurity analysts. What makes this story even more fascinating? Weiss claims that the “attack” came from somewhere within the territory of the Russian Federation.

My initial assumption that the attack was funneled in through some external source seems to have been proven wrong in these Washington Post and CNET articles on the topic. It turns out the ICS in question was managed using software developed by a company that provides supervisory control and data acquisition. This company, unnamed in the articles due to the nature of the report the articles were based around, was itself hacked several months earlier, with dozens of users’ information and passwords absconded with. The power plant in question has been powering up and down remotely at random, the overall effect of which led to the burning out of a water pump.

So, first of all, whoa. Second, while an important event in the history of American cybersecurity, I don’t think that this is quite on the level of bad that I’m sure many will assign to it. Comparisons to the Stuxnet virus that struck Iran, targeting the programmable logic controllers in its uranium-spinning centrifuges, are inevitable to be sure. But the level of sophistication displayed here is nowhere near on the level of Stuxnet. That attack was clearly designed for a specific purpose, with a specific goal. The Illinois case is much more likely the result of a hacker who has obtained this information playing around with their new capabilities, leading to the burnout in question. If this was a state-based attack, I highly doubt that a single water station in Springfield would be their target.

Further, the two-step process displayed in this attack makes it all the more important, in my book, that proper cybersecurity measures are taken in the private sector. The intruder obtaining the passwords to the control systems certainly made the actual penetration of the system easier. Even with that advantage, though, the hacker should not have been able to gain the remote access that was required to utilize that data. Which brings me to the title of this piece.

In the mini-series that launched the revamped Battlestar: Galactica, the Cylons manage to take out the entirety of the Colonial Fleet, save the titular Battlestar, by deploying a virus across the networked Colonial system. What saved the Galactica, you ask? Commander Adama’s near fanatical resistance to having any networks on his ship’s computers. Period. He knew that computers were necessary, but he’d be damned if they were allowed to talk to each other. It even went so far that in a situation where the Galactica was forced to network its computers together or face destruction, the Commander had to think long and hard on the subject before allowing it. To his credit, the Cylons immediately launched a cyberattack once the networking was completed, so there you go.

Edward James Olmos can teach us a lot through his steely glare. The vast majority of ICS networks are actually very secure, so long as they aren’t connected to the Internet. I understand that remote access is sometimes necessary for the monitoring and management of vital processes when nobody is available in person. But monitoring and actually being able to control and update those systems should be on different networks, the latter of which goes nowhere near the public interwebs. Even those plants that are segregated face danger not from clever ways to sneak in through the vastness of the intertubes, but through the mistakes of those humans who are charged with maintaining and operating these systems. An earlier Washington Times article concerned with hackers being able to open jail cells remotely was panned, but still holds some truths in its pages:

“But in our experience, there were often connections” to other networks or devices, which were in turn connected to the Internet, making them potentially accessible to hackers, [Teague Newman, Department of Homeland Security] said.

In some of the facilities the team visited for their research, guards had used the same computer that controls the prison’s security systems to check their personal email, exposing it directly to potential hackers, Mr. Teague said.

In many prisons, technical support staff would add connections to enable them to update the system’s software remotely after the ICS systems were installed by security specialists.

Also of concern: the use of flash drives and portable hard drives. We all have looked from our flash drive to a computer and thought “Eh, whatever” before plugging it in. Doing so with a system that controls vital elements of key infrastructure, though? That’s insanely risky, even if you are the sort who runs ZoneAlarm on your personal PC. It’s highly likely that Stuxnet itself was first introduced into the Iranian nuclear plants not through breaking through a firewall in a case of extreme hackery, but through getting passed along until some schmuck stuck his thumb drive somewhere it doesn’t belong. If we’re actually serious about proving Richard Clarke’s declaration that cyberwar is the biggest threat our country faces wrong, we really should start acting like it. For our inspiration, I think we should look no further than the Old Man himself.
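As an added illustration of the two controls this post argues for (a control network that is never reachable from the Internet or the monitoring network, and no casual removable media on ICS hosts), here is a small log checker; it is example code written for this page, not anything from the original post or the plant involved. The zone address ranges, the log line formats, the host names and the sample log are all constructed assumptions.

```python
import ipaddress
import re
from dataclasses import dataclass

# Assumed network zones (constructed for this example, not a real plant).
# control: PLCs and HMIs; monitoring: historian/dashboards operators may reach
# remotely; engineering: on-site workstations allowed to push updates.
ZONES = {
    "control": [ipaddress.ip_network("10.10.0.0/24")],
    "monitoring": [ipaddress.ip_network("10.20.0.0/24")],
    "engineering": [ipaddress.ip_network("10.30.0.0/24")],
}

# Hosts that sit on the control network (assumed names).
ICS_HOSTS = frozenset({"hmi-01", "hmi-02", "eng-ws-03"})

# Assumed log formats: one for firewall "ACCEPT" records, one for a host
# agent reporting a newly attached USB mass-storage device.
FLOW_RE = re.compile(
    r"^(?P<ts>\S+) FW ACCEPT src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) dport=(?P<dport>\d+)$"
)
USB_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) usb: new mass-storage device (?P<dev>\S+)$"
)


@dataclass
class Finding:
    ts: str
    rule: str
    detail: str


def zone_of(ip: str) -> str:
    """Map an address to a zone name; anything unlisted is 'outside'
    (the public Internet, the office LAN, a vendor's remote-access box)."""
    addr = ipaddress.ip_address(ip)
    for name, nets in ZONES.items():
        if any(addr in net for net in nets):
            return name
    return "outside"


def check_flow(line: str):
    """Flag accepted flows that violate the segmentation the post describes."""
    m = FLOW_RE.match(line)
    if not m:
        return None
    src_zone, dst_zone = zone_of(m["src"]), zone_of(m["dst"])
    # Only on-site engineering (or the control zone itself) may initiate
    # connections into the control zone; monitoring is read-only and must
    # not be a path back in, and the Internet never is.
    if dst_zone == "control" and src_zone not in ("control", "engineering"):
        return Finding(m["ts"], "control-zone-ingress",
                       f"{m['src']} ({src_zone}) -> {m['dst']}:{m['dport']}")
    # The control zone may push data to the historian, but never talk to
    # the outside world directly (a common sign of a misplaced remote-access
    # link or of equipment phoning home).
    if src_zone == "control" and dst_zone == "outside":
        return Finding(m["ts"], "control-zone-egress",
                       f"{m['src']} -> {m['dst']}:{m['dport']}")
    return None


def check_usb(line: str, ics_hosts=ICS_HOSTS):
    """Flag removable media plugged into a host on the control network."""
    m = USB_RE.match(line)
    if m and m["host"] in ics_hosts:
        return Finding(m["ts"], "removable-media-on-ics-host",
                       f"{m['host']} attached {m['dev']}")
    return None


def audit(lines, ics_hosts=ICS_HOSTS):
    """Run both checks over an iterable of log lines and collect findings."""
    findings = []
    for line in lines:
        f = check_flow(line) or check_usb(line, ics_hosts)
        if f:
            findings.append(f)
    return findings


# Constructed sample log: the first two flows are legitimate, the rest are not.
SAMPLE_LOG = """\
2011-11-08T02:14:07 FW ACCEPT src=10.30.0.5 dst=10.10.0.12 dport=502
2011-11-08T02:15:11 FW ACCEPT src=10.10.0.12 dst=10.20.0.8 dport=5432
2011-11-08T02:16:42 FW ACCEPT src=203.0.113.77 dst=10.10.0.12 dport=3389
2011-11-08T02:17:03 FW ACCEPT src=10.20.0.8 dst=10.10.0.12 dport=502
2011-11-08T02:18:19 FW ACCEPT src=10.10.0.12 dst=198.51.100.9 dport=443
2011-11-08T02:20:00 hmi-01 usb: new mass-storage device sdb
2011-11-08T02:21:30 office-pc-17 usb: new mass-storage device sdc
""".splitlines()

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"{f.ts} {f.rule}: {f.detail}")
```

The checker reports four findings on the sample: two inbound connections into the control zone (one from the Internet, one from the monitoring network), one outbound connection from a control host to the Internet, and one USB drive attached to an HMI; the office PC's USB event is ignored because it is not an ICS host.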

[Image of Commander Adama, captioned “Put the Flash Drive DOWN” and “The face of pure badassery”]

In that vein, Congress is looking for bipartisan solutions in troubled times, and I think I have one for them. This could be a simple insert into any of the pending cybersecurity legislation on the Hill, or a quick bill to pass. Congress: we should mandate that all workers who interact with ICS should be forced to wear wristbands that read “WWCAD?” or “What would Commander Adama Do?” The picture at left should also be hung in all Federally regulated sites that use ICS to manage their daily affairs. You can thank me later, Congress. You can thank me later.

November 8, 2011

Memo to Richard Clarke: China does not have a “US Internet On/Off” switch

Gulliver, of the Inkspots blog, tweeted earlier today an article published in the Boston Globe. In said article, Richard Clarke, also known as the Man Who Knew Too Much in the pre-September 11 days, predictor of the bin Laden attacks and ignored by the Administration, has a few recommendations about the readiness of our nation’s digital defenses. I was excited, until I saw the headline: Cyber weaknesses should deter US from waging war

…What.

Clarke said if he was advising the president he would warn against attacking other countries because so many of them — including China, North Korea, Iran and Russia — could retaliate by launching devastating cyberattacks that could destroy power grids, banking networks or transportation systems.

The U.S. military, he said, is entirely dependent on computer systems and could end up in a future conflict in which troops trot out onto a battlefield “and nothing works.”

Clarke said a good national security adviser would tell the president that the U.S. might be able to blow up a nuclear plant somewhere, or a terrorist training center somewhere, but a number of countries could strike back with a cyberattack and “the entire US economic system could be crashed in retaliation … because we can’t defend it today.”

“I really don’t know to what extent the weapon systems that have been developed over the last 10 years have been penetrated, to what extent the chips are compromised, to what extent the code is compromised,” Clarke said. “I can’t assure you that as you go to war with a cybersecurity-conscious, cybersecurity-capable enemy that any of our stuff is going to work.”

Oh my stars and garters. First of all, usual disclaimers that these are my personal opinions, not those of anyone I may be employed by. Now. Do I really need to explain to Mr. Clarke why his statement makes no sense? The use of computers has made our armed forces more mobile, agile, and accurate. It has not made them deadlier in my opinion. In fact, taking away the ability of our systems to, say, precisely pinpoint a target would probably be the dumbest thing an enemy could do. It’s not like we’ve lost the ability to just carpetbomb areas into submission, it’s just something that we honestly prefer not to do these days.

Also, it sounds like Mr. Clarke is vastly inflating the capabilities of the states he lists. Yes, China and Russia were called out recently for hacking into our systems to gain access to sensitive data for economic gain. But if you honestly think that there aren’t white hats on our side doing the same thing, then your dream world sounds like a lovely place to visit. Espionage is something that exists and always will exist so long as there are secrets that need to be protected. Why do you think we even have a Central Intelligence Agency?

But seriously. If the United States or one of our allies were to strike against an Iranian nuclear plant, which I am by the by not in favor of, I am extremely skeptical that Iran’s first thought will be “shut down the Interwebs in the U.S.” As Dan Trombly points out, Iran’s proxy capabilities are much more impressive than anything it has in the digital domain, and further, the entirety of the cybercapability we’ve seen from them has been in regards to domestic communication, not widespread hacking into infrastructure. China using its legion of “Netizen hackers” to counterbalance the offensive edge that we so clearly have on them would make sense and is the most credible of the states Clarke lists, but the PRC is light-years away from having that ability, no matter how lacking our defenses are.

Cyber-capabilities are impressive. Nobody is denying that fact. The hype around them though is stunning. I love science-fiction as much as the next person, and the future is in fact awesome as I find myself thinking every day. But the wild-mass guessing that goes into attempting to predict the full abilities that can and will be brought to bear in a conflict is more than a little ridiculous. The way that many writers and analysts put it, there’s a switch somewhere in various states that can be flipped in the event of war, where the various Trojan horses and malware on American systems can suddenly shut. down. everything. I can assure you that any use of cyberconflict in the coming years will look nothing like that. Disrupting communications, sending out false information and corrupting data, various levels of enhanced espionage, that’s what’s facing us, not preventing bombs from deploying or somehow crashing the US economy.

Further, this is a huge pet peeve of mine: acting as if any instance of a cyber or digital attack would be completely beyond the conventional norms of warfare and that the US has absolutely no past models to draw on. Bull. Saying that we shouldn’t attack a country because they might retaliate against our digital infrastructure is akin to saying that we shouldn’t attack them because any of our assets may in turn be targeted. Which would make no sense, because that is how war is conducted: you strike, you attempt to block the oncoming counterstrike. If your defenses are lagging at one point? Then you build them up, but that doesn’t mean that your weak point completely negates your offensive capabilities. There are plenty of reasons not to launch a military strike, but concern over our computer networks is not one of them. Mr. Clarke needs to take it down a notch; advocating for more robust defense is fine, but hyperbole just weakens your arguments.