FacebookTwitterGoogle+RedditEmail

Cyber Arms Control Pipedreams

As the extent of the NSA’s offensive programs become public knowledge the editorial board at the New York Times has recommended that the United States government try to jam the lid back on Pandora ’s Box by engaging in “international efforts to negotiate limits on the cyberarms race.” The editorial board then references Cold War arms-control treaties as a model for future efforts. Yet the history of the Cold War demonstrates that arms-control treaties don’t always pan out. Moreover the inherent nature of malware engineering makes the detection of treaty violations nearly impossible.

For example, in 1972 the Nixon administration participated in an international treaty with the United Kingdom and the Soviet Union to ban the production of bioweapons. Unfortunately the Soviets interpreted the 1972 Biological Weapons Convention as a go-ahead to aggressively pursue an initiative that eventually scaled up into hundreds of tons. According to Kanatjan Alibekov, the First Deputy Director of the Biopreparat, Soviet researchers were up to their necks in biological WMDs:

“In the ’70s and beginning of ’80s the Soviet Union started developing new biological weapons – Marburg infection biological weapon, Ebola infection biological weapon, Machupo infection, [or] Bolivian hemorrhagic biological weapon, and some others.”

Seven years after treaty’s ratification approximately 100 people died under suspicious circumstances in the Russian city of Sverdlovsk. The Soviets initially claimed that the deaths were caused by tainted meat. Over a decade later President Boris Yeltsin admitted that the deaths were a result of a clandestine military operation.

Keep in mind that manufacturing bioweapons on an industrial scale required the Soviets to build dozens of facilities and employ thousands of people. An undertaking that wasn’t easy to conceal, especially with CIA specialists conducting exhaustive “all source analysis” to ferret out treaty violations. Nevertheless the USSR ran the world’s biggest illicit program right under the CIA’s nose. And they got away with it for years.

Developing malware is nowhere near as involved. Software engineers don’t need fermenting vats two stories tall. Offensive cyber technology tends to be small and easy to conceal. Agencies like the NSA can develop malware anywhere, with little or no logistical footprint, using compartmentalized cells of engineers hunkered down in unremarkable office spaces. Try spotting something like that with a spy satellite!

Furthermore if a nation were to break a cyberarms treaty and deploy outlawed malware, spies would no doubt utilize anonymity technology in conjunction with anti-forensics to throw off investigators. Classified documents leaked to the press indicate that intelligence services, as a matter of standard operating procedure, use foreign commercial cover to launch false flag operations. The reason that we have definitive information about the authorship of Stuxnet and Equation Group malware is that U.S officials openly claimed responsibility.

Rather than trying to discourage other countries from building malware, why not promote national policies that work to render offensive technology inert? Cyber-attacks succeed on behalf of sloppy engineering. In part because hi-tech companies are allowed to treat security breaches as a negative externality. And also as a result of the NSA’s industry-wide campaign of subversion. In other words, poor cyber security is a matter of official policy. Vulnerabilities persist because deep sources of wealth and power benefit from them.

The arms control mindset presumes the top-down worldview of cyber security a priori, where spies undermine our collective cyber security under the rubric of national security and CEOs sell substandard products on behalf of quarterly profits. Let’s reset American priorities to implement cyber-security from the bottom up so that everyone has access to relatively high levels of security.

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

Weekend Edition
January 18, 2019
Friday - Sunday
Melvin Goodman
Star Wars Revisited: One More Nightmare From Trump
John Davis
“Weather Terrorism:” a National Emergency
Jeffrey St. Clair
Roaming Charges: Sometimes an Establishment Hack is Just What You Need
Joshua Frank
Montana Public Schools Block Pro-LGBTQ Websites
Louisa Willcox
Sky Bears, Earth Bears: Finding and Losing True North
Robert Fisk
Bernie Sanders, Israel and the Middle East
Robert Fantina
Pompeo, the U.S. and Iran
David Rosen
The Biden Band-Aid: Will Democrats Contain the Insurgency?
Nick Pemberton
Human Trafficking Should Be Illegal
Steve Early - Suzanne Gordon
Did Donald Get The Memo? Trump’s VA Secretary Denounces ‘Veteran as Victim’ Stereotyping
Andrew Levine
The Tulsi Gabbard Factor
John W. Whitehead
The Danger Within: Border Patrol is Turning America into a Constitution-Free Zone
Dana E. Abizaid
Kafka’s Grave: a Pilgrimage in Prague
Rebecca Lee
Punishment Through Humiliation: Justice For Sexual Assault Survivors
Dahr Jamail
A Planet in Crisis: The Heat’s On Us
John Feffer
Trump Punts on Syria: The Forever War is Far From Over
Dave Lindorff
Shut Down the War Machine!
Glenn Sacks
LA Teachers’ Strike: Student Voices of the Los Angeles Education Revolt  
Mark Ashwill
The Metamorphosis of International Students Into Honorary US Nationalists: a View from Viet Nam
Ramzy Baroud
The Moral Travesty of Israel Seeking Arab, Iranian Money for its Alleged Nakba
Ron Jacobs
Allen Ginsberg Takes a Trip
Jake Johnston
Haiti by the Numbers
Binoy Kampmark
No-Confidence Survivor: Theresa May and Brexit
Victor Grossman
Red Flowers for Rosa and Karl
Cesar Chelala
President Donald Trump’s “Magical Realism”
Christopher Brauchli
An Education in Fraud
Paul Bentley
The Death Penalty for Canada’s Foreign Policy?
David Swanson
Top 10 Reasons Not to Love NATO
Louis Proyect
Breaking the Left’s Gay Taboo
Kani Xulam
A Saudi Teen and Freedom’s Shining Moment
Ralph Nader
Bar Barr or Regret this Dictatorial Attorney General
Jessicah Pierre
A Dream Deferred: MLK’s Dream of Economic Justice is Far From Reality
Edward J. Martin
Glossip v. Gross, the Eighth Amendment and the Torture Court of the United States
Chuck Collins
Shutdown Expands the Ranks of the “Underwater Nation”
Paul Edwards
War Whores
Peter Crowley
Outsourcing Still Affects Us: This and AI Worker Displacement Need Not be Inevitable
Alycee Lane
Trump’s Federal Government Shutdown and Unpaid Dishwashers
Martha Rosenberg
New Questions About Ritual Slaughter as Belgium Bans the Practice
Wim Laven
The Annual Whitewashing of Martin Luther King Jr.
Nicky Reid
Panarchy as Full Spectrum Intersectionality
Jill Richardson
Hollywood’s Fat Shaming is Getting Old
Nyla Ali Khan
A Woman’s Wide Sphere of Influence Within Folklore and Social Practices
Richard Klin
Dial Israel: Amos Oz, 1939-2018
Graham Peebles
A Global Battle of Values and Ideals
David Rovics
Of Triggers and Bullets
FacebookTwitterGoogle+RedditEmail