FacebookTwitterRedditEmail

Cyber Arms Control Pipedreams

As the extent of the NSA’s offensive programs become public knowledge the editorial board at the New York Times has recommended that the United States government try to jam the lid back on Pandora ’s Box by engaging in “international efforts to negotiate limits on the cyberarms race.” The editorial board then references Cold War arms-control treaties as a model for future efforts. Yet the history of the Cold War demonstrates that arms-control treaties don’t always pan out. Moreover the inherent nature of malware engineering makes the detection of treaty violations nearly impossible.

For example, in 1972 the Nixon administration participated in an international treaty with the United Kingdom and the Soviet Union to ban the production of bioweapons. Unfortunately the Soviets interpreted the 1972 Biological Weapons Convention as a go-ahead to aggressively pursue an initiative that eventually scaled up into hundreds of tons. According to Kanatjan Alibekov, the First Deputy Director of the Biopreparat, Soviet researchers were up to their necks in biological WMDs:

“In the ’70s and beginning of ’80s the Soviet Union started developing new biological weapons – Marburg infection biological weapon, Ebola infection biological weapon, Machupo infection, [or] Bolivian hemorrhagic biological weapon, and some others.”

Seven years after treaty’s ratification approximately 100 people died under suspicious circumstances in the Russian city of Sverdlovsk. The Soviets initially claimed that the deaths were caused by tainted meat. Over a decade later President Boris Yeltsin admitted that the deaths were a result of a clandestine military operation.

Keep in mind that manufacturing bioweapons on an industrial scale required the Soviets to build dozens of facilities and employ thousands of people. An undertaking that wasn’t easy to conceal, especially with CIA specialists conducting exhaustive “all source analysis” to ferret out treaty violations. Nevertheless the USSR ran the world’s biggest illicit program right under the CIA’s nose. And they got away with it for years.

Developing malware is nowhere near as involved. Software engineers don’t need fermenting vats two stories tall. Offensive cyber technology tends to be small and easy to conceal. Agencies like the NSA can develop malware anywhere, with little or no logistical footprint, using compartmentalized cells of engineers hunkered down in unremarkable office spaces. Try spotting something like that with a spy satellite!

Furthermore if a nation were to break a cyberarms treaty and deploy outlawed malware, spies would no doubt utilize anonymity technology in conjunction with anti-forensics to throw off investigators. Classified documents leaked to the press indicate that intelligence services, as a matter of standard operating procedure, use foreign commercial cover to launch false flag operations. The reason that we have definitive information about the authorship of Stuxnet and Equation Group malware is that U.S officials openly claimed responsibility.

Rather than trying to discourage other countries from building malware, why not promote national policies that work to render offensive technology inert? Cyber-attacks succeed on behalf of sloppy engineering. In part because hi-tech companies are allowed to treat security breaches as a negative externality. And also as a result of the NSA’s industry-wide campaign of subversion. In other words, poor cyber security is a matter of official policy. Vulnerabilities persist because deep sources of wealth and power benefit from them.

The arms control mindset presumes the top-down worldview of cyber security a priori, where spies undermine our collective cyber security under the rubric of national security and CEOs sell substandard products on behalf of quarterly profits. Let’s reset American priorities to implement cyber-security from the bottom up so that everyone has access to relatively high levels of security.

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

bernie-the-sandernistas-cover-344x550

April 22, 2019
Melvin Goodman
The NYTs Tries to Rehabilitate Bloody Gina Haspel
Robert Fisk
After ISIS, a Divided Iraq, Wounded and Grief-Stricken
Binoy Kampmark
Julian Assange as Neuroses
John Laforge
Chernobyl’s Deadly Effects Estimates Vary
Kenneth Surin
Mueller Time? Not for Now
Cesar Chelala
Yemen: The Triumph of Barbarism
Kerron Ó Luain
What the “White Irish Slaves” Meme Tells Us About Identity Politics
Andy Piascik
Grocery Store Workers Take on Billion Dollar Multinational
Seiji Yamada – Gregory G. Maskarinec
Health as a Human Right: No Migrants Need Apply
Howard Lisnoff
Loose Bullets and Loose Cannons
Ricardo Alarcón de Quesada
Dreaming in Miami
Graham Peebles
Consuming Stuff: The Polluting World of Fashion
Robert Dodge
Earth Day: Our Planet in Peril
Weekend Edition
April 19, 2019
Friday - Sunday
Andrew Levine
What Will It Take For Trump to Get His Due?
Roy Eidelson
Is the American Psychological Association Addicted to Militarism and War?
Jeffrey St. Clair
Roaming Charges: Time is Blind, Man is Stupid
Joshua Frank
Top 20 Mueller Report “Findings”
Rob Urie
Why Russiagate Will Never Go Away
Paul Street
Stephen Moore Gets Something Right: It’s Capitalism vs. Democracy
Russell Mokhiber
Why Boeing and Its Executives Should be Prosecuted for Manslaughter
T.J. Coles
The Battle for Latin America: How the U.S. Helped Destroy the “Pink Tide”
Ron Jacobs
Ho Chi Minh City: Nguyen Thai Binh Street
Dean Baker
Fun Fictions in Economics
David Rosen
Trump’s One-Dimensional Gender Identity
Kenn Orphan
Notre Dame: We Have Always Belonged to Her
Robert Hunziker
The Blue Ocean Event and Collapsing Ecosystems
Theodore C. Van Alst, Jr.
Paddy Wagon
Brett Wilkins
Jimmy Carter: US ‘Most Warlike Nation in History of the World’
John W. Whitehead
From Jesus Christ to Julian Assange: When Dissidents Become Enemies of the State
Nick Pemberton
To Never Forget or Never Remember
Stephen Cooper
My Unforgettable College Stabbings
Louis Proyect
A Leftist Rejoinder to the “Capitalist Miracle”
Louisa Willcox
Aldo Leopold’s Land Ethic and the Need for a New Approach to Managing Wildlife
Brian Cloughley
Britain Shakes a Futile Fist and Germany Behaves Sensibly
Jessicah Pierre
A Revolutionary Idea to Close the Racial Wealth Divide
George Burchett
Revolutionary Journalism
Dan Bacher
U.S. Senate Confirms Oil Lobbyist David Bernhardt as Interior Secretary
Nicky Reid
The Strange Success of Russiagate
Chris Gilbert
Defending Venezuela: Two Approaches
Todd Larsen
The Planetary Cost of Amazon’s Convenience
Kelly Martin
How the White House is Spinning Earth Day
Nino Pagliccia
Cuba and Venezuela: Killing Two Birds With a Stone
Matthew Stevenson
Pacific Odyssey: Guadalcanal and Bloody Ridge, Solomon Islands
David Kattenburg
Trudeau’s Long Winter
Gary Olson
A Few Comments on the recent PBS Series: Reconstruction: America After the Civil War
FacebookTwitterRedditEmail