This week the Twitter account of the US military (CENTCOM) got hacked (allegedly) by the Islamic State (ISIS), who retitled the page the CyberCaliphate. The Twitter page was awash with slogans such as ‘I love you ISIS’, and on the page they also showed various enemy attack retaliation scenarios showing the US attacking North Korea and China with Nuclear weapons.
The hack itself lasted only 40 minutes, and in reality had no true security significance, as the twitter page is a completely civilian run and hosted site that has no connection to the American military’s real command and control networks. The hack, however, is being portrayed in the mainstream media as a major security breach, and whether it was ISIS or some other rogue-hacker impersonating the terrorist organization, it is seen as an embarrassing breach of security for a government who like to keep the ‘all powerful’ and ‘untouchable’ illusion of their image as squeaky clean and unblemished as possible.
Last month, hackers working out of North Korea managed to hack Sony, releasing sensitive information about top brass, and releasing the film ‘The Interview’ to the internet prior to its intended cinematic release. The film is itself a satirical spoof comedy about an interview with the dictator of North Korea, Kim Jong-un.
Although the FBI are confident (I’m not) that the cyber attack did come from North Korea, and that American investigatory powers still have a huge advantage over hackers, it is clear that knowing who carried out a hack, post attack, is not nearly enough of a deterrent to stop the surge. In fact, how to retaliate against and effectively deter future hacks are problems which are not being coherently addressed, and it is for this reason that the NSA is posturing for a power grab.
Speaking at the International Conference on Cyber Security in New York , the head of the NSA, Admiral Mike Rogers, said that he he did not feel the agency had enough powers to truly curtail the constant barrage of on-line security breaches which the USA is currently facing.,
‘What we’ve seen in the last six to nine months in general… trends are going in the wrong direction, [and] doing more of the same and expecting different results, my military experience tells me, is not a particularly effective strategy.‘
With this in mind, it is clear that Tuesday’s announcement by President Obama of a need for broader cyber security measures (not only for the benefit of government, but also private sector organizations), is part of a coherent effort by the US to take the power back, and is something that will be welcomed by the Alphabet agencies.
Obama’s vision (which still needs the approval of congress) is to prosecute hacking crimes more effectively, and to toughen the penalties which cyber-criminals face. Obama was quick to point out that industry and government must work hand in hand if they are ever to gain control over the internet,
‘Its going to be a shared mission – government and industry working hand in hand.‘
Obama has been trying to pass a cyber security bill through congress for three years, and now it would seem he is getting closer to his goal. However, when the reason for the legislation to suddenly become legitimate, is faux-terrorist Twitter hacks (there is little evidence that it was actually ISIS), and money grossing publicity campaigns that benefit the company that got hacked (Sony), one does end up wondering just how dangerous the risk of hacking truly is to the American Government. I can’t help wondering if what we are seeing is instead a number of ‘false flag‘ style events that allow America to back the internet slowly into a corner, where spying is as legitimate as buying a Domino’s pizza.