FacebookTwitterGoogle+RedditEmail

Cyber Arms Control Pipedreams

As the extent of the NSA’s offensive programs become public knowledge the editorial board at the New York Times has recommended that the United States government try to jam the lid back on Pandora ’s Box by engaging in “international efforts to negotiate limits on the cyberarms race.” The editorial board then references Cold War arms-control treaties as a model for future efforts. Yet the history of the Cold War demonstrates that arms-control treaties don’t always pan out. Moreover the inherent nature of malware engineering makes the detection of treaty violations nearly impossible.

For example, in 1972 the Nixon administration participated in an international treaty with the United Kingdom and the Soviet Union to ban the production of bioweapons. Unfortunately the Soviets interpreted the 1972 Biological Weapons Convention as a go-ahead to aggressively pursue an initiative that eventually scaled up into hundreds of tons. According to Kanatjan Alibekov, the First Deputy Director of the Biopreparat, Soviet researchers were up to their necks in biological WMDs:

“In the ’70s and beginning of ’80s the Soviet Union started developing new biological weapons – Marburg infection biological weapon, Ebola infection biological weapon, Machupo infection, [or] Bolivian hemorrhagic biological weapon, and some others.”

Seven years after treaty’s ratification approximately 100 people died under suspicious circumstances in the Russian city of Sverdlovsk. The Soviets initially claimed that the deaths were caused by tainted meat. Over a decade later President Boris Yeltsin admitted that the deaths were a result of a clandestine military operation.

Keep in mind that manufacturing bioweapons on an industrial scale required the Soviets to build dozens of facilities and employ thousands of people. An undertaking that wasn’t easy to conceal, especially with CIA specialists conducting exhaustive “all source analysis” to ferret out treaty violations. Nevertheless the USSR ran the world’s biggest illicit program right under the CIA’s nose. And they got away with it for years.

Developing malware is nowhere near as involved. Software engineers don’t need fermenting vats two stories tall. Offensive cyber technology tends to be small and easy to conceal. Agencies like the NSA can develop malware anywhere, with little or no logistical footprint, using compartmentalized cells of engineers hunkered down in unremarkable office spaces. Try spotting something like that with a spy satellite!

Furthermore if a nation were to break a cyberarms treaty and deploy outlawed malware, spies would no doubt utilize anonymity technology in conjunction with anti-forensics to throw off investigators. Classified documents leaked to the press indicate that intelligence services, as a matter of standard operating procedure, use foreign commercial cover to launch false flag operations. The reason that we have definitive information about the authorship of Stuxnet and Equation Group malware is that U.S officials openly claimed responsibility.

Rather than trying to discourage other countries from building malware, why not promote national policies that work to render offensive technology inert? Cyber-attacks succeed on behalf of sloppy engineering. In part because hi-tech companies are allowed to treat security breaches as a negative externality. And also as a result of the NSA’s industry-wide campaign of subversion. In other words, poor cyber security is a matter of official policy. Vulnerabilities persist because deep sources of wealth and power benefit from them.

The arms control mindset presumes the top-down worldview of cyber security a priori, where spies undermine our collective cyber security under the rubric of national security and CEOs sell substandard products on behalf of quarterly profits. Let’s reset American priorities to implement cyber-security from the bottom up so that everyone has access to relatively high levels of security.

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

November 14, 2018
Sam Bahour
Israel’s Mockery of Security: 101 Actions Israel Could Take
Cesar Chelala
How a Bad Environment Impacts Children’s Health
George Ochenski
What Tester’s Win Means
Louisa Willcox
Saving Romania’s Brown Bears, Sharing Lessons About Coxistence, Conservation
George Wuerthner
Alternatives to Wilderness?
Robert Fisk
Izzeldin Abuelaish’s Three Daughters were Killed in Gaza, But He Still Clings to Hope for the Middle East
Dennis Morgan
For What?
Dana E. Abizaid
The Government is Our Teacher
Bill Martin
The Trump Experiment: Liberals and Leftists Unhinged and Around the Bend
Rivera Sun
After the Vote: An Essay of the Man from the North
Jamie McConnell
Allowing Asbestos to Continue Killing
Thomas Knapp
Talkin’ Jim Acosta Hard Pass Blues: Is White House Press Access a Constitutional Right?
Bill Glahn
Snow Day
November 13, 2018
Patrick Cockburn
The Midterm Results are Challenging Racism in America in Unexpected Ways
Victor Grossman
Germany on a Political Seesaw
Cillian Doyle
Fictitious Assets, Hidden Losses and the Collapse of MDM Bank
Lauren Smith
Amnesia and Impunity Reign: Wall Street Celebrates Halliburton’s 100th Anniversary
Joe Emersberger
Moreno’s Neoliberal Restoration Proceeds in Ecuador
Carol Dansereau
Climate and the Infernal Blue Wave: Straight Talk About Saving Humanity
Dave Lindorff
Hey Right Wingers! Signatures Change over Time
Dan Corjescu
Poetry and Barbarism: Adorno’s Challenge
Patrick Bond
Mining Conflicts Multiply, as Critics of ‘Extractivism’ Gather in Johannesburg
Ed Meek
The Kavanaugh Hearings: Text and Subtext
Binoy Kampmark
Concepts of Nonsense: Australian Soft Power
November 12, 2018
Kerron Ó Luain
Poppy Fascism and the English Education System
Conn Hallinan
Nuclear Treaties: Unwrapping Armageddon
Robert Hunziker
Tropical Trump Declares War on Amazonia
John W. Whitehead
Badge of Shame: the Government’s War on Military Veterans
Will Griffin
Military “Service” Serves the Ruling Class
John Eskow
Harold Pinter’s America: Hard Truths and Easy Targets
Rob Okun
Activists Looking Beyond Midterm Elections
Binoy Kampmark
Mid-Term Divisions: The Trump Take
Dean Baker
Short-Term Health Insurance Plans Destroy Insurance Pools
George Wuerthner
Saving the Buffalohorn/Porcupine: the Lamar Valley of the Gallatin Range
Patrick Howlett-Martin
A Note on the Paris Peace Forum
Joseph G. Ramsey
Does America Have a “Gun Problem”…Or a White Supremacy Capitalist Empire Problem?
Weekend Edition
November 09, 2018
Friday - Sunday
Louis Proyect
Why Democrats Are So Okay With Losing
Andrew Levine
What Now?
Jeffrey St. Clair
Roaming Charges: Chuck and Nancy’s House of Cards
Brian Cloughley
The Malevolent Hypocrisy of Selective Sanctions
Marc Levy
Welcome, Class of ‘70
David Archuleta Jr.
Facebook Allows Governments to Decide What to Censor
Evaggelos Vallianatos
The Zika Scare: a Political and Commercial Maneuver of the Chemical Poisons Industry
Nick Pemberton
When It Comes To Stone Throwing, Democrats Live In A Glass House
Ron Jacobs
Impeach!
FacebookTwitterGoogle+RedditEmail