• Monthly
  • $25
  • $50
  • $100
  • $other
  • use PayPal

CounterPunch needs you. piggybank-icon You need us. The cost of keeping the site alive and running is growing fast, as more and more readers visit. We want you to stick around, but it eats up bandwidth and costs us a bundle. Help us reach our modest goal (we are half way there!) so we can keep CounterPunch going. Donate today!
FacebookTwitterRedditEmail

Deterring Cyberattacks With Sanctions?

The White House has announced a new sanctions program that will authorize the executive branch to penalize malicious cyber “actors” whose behavior endangers “the national security, foreign policy, or economic health or financial stability of the United States.” Sadly the President is opting for theater that creates the perception of security rather than actually making it more difficult for attacks to succeed.

Obama’s new executive order rests on a strategy of deterrence, a cold war idea that’s been revived by the likes of former NSA director Mike McConnell and more recently by current NSA Director Mike Rogers. The basic idea is this: if enemies fear retaliation they’re less likely to launch an attack (nuclear, cyber, or otherwise).

But deterrence is useless if you can’t figure out who attacked you. Malware isn’t like an ICBM that leaves a clear trail going from point-A to point-B. Thanks to Ed Snowden it’s public knowledge Five-Eyes Intelligence agencies have invested heavily in developing anonymity technology and conducting deception operations that aim to conceal the origins of their clandestine attacks. It would be naïve to believe that other countries aren’t doing the same.

Consider the following scenario. A Japanese spy targeting sensitive information in the United States could launch their campaign out of China, outsourcing the bulk of their work to local outlaws who use indigenous tools and tactics. Advanced anti-forensic methods could be wielded to cast suspicion elsewhere, away from Japan, and investigators would no doubt recognize the political expedience of accusing China over an ally.

One can imagine the hazards, not to mention embarrassment, associated with rash accusations. In 2009 the presiding republican on the House Intelligence Committee, Peter Hoekstra, in lieu of hard evidence recommended that the United States execute a “show of force” against North Korea in response to run-of-the-mill denial of service attacks on South Korean and U.S. websites. Cooler heads prevailed and the attacks were eventually traced back to a VPN circuit in Florida.

It’s interesting to watch history repeat itself with the data breach at Sony. Yet the public clamors for POTUS to do something. This new program, which threatens would-be “actors” with economic sanctions, is something. So that’s what Obama is doing.

Boldly clambering down into the rabbit hole of attribution is bad enough, but there are additional questions that arise with respect to this new executive order. For example, if the United State is going to penalize other countries for alleged cyberattacks does this mean that other countries will be able to seek redress from the United States for American cyberattacks?

After all the United States is the most prolific “actor” in the cyber domain, seeking to “dominate” the Internet. Officials have admitted outright that both the Stuxnet and Equation Group attacks were NSA initiatives. Dozens of countries and hundreds of organizations were impacted. Will the United States be exempt from the mandates that it applies abroad, as the world’s one indispensable nation?

Sanctions may be less violent than conventional military weapons but they still rely on the process of attribution. This underscores the reality that false flag operations are as popular as ever and relatively easy for funded intelligence outfits to execute. Does the President believe threatening sanctions will improve our cyber security or is he merely looking for another excuse to frame and punish his adversaries?

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

bernie-the-sandernistas-cover-344x550

May 23, 2019
Kenn Orphan
The Belligerence of Empire
Ralph Nader
What and Who Gave Us Trump?
Ramzy Baroud
Madonna’s Fake Revolution: Eurovision, Cultural Hegemony and Resistance
Tom Engelhardt
Living in a Nation of Political Narcissists
Binoy Kampmark
Challenging Orthodoxies: Alabama’s Anti-Abortion Law
Thomas Klikauer
Why Reactionaries Won in Australia
John Steppling
A New Volkisch Mythos
Cathy Breen
So Many Wars: Remembering Friends in Iraq, Jordan, Syria, Kurdistan and Turkey 
Chuck Collins
Ending the Generational Abuse of Student Debt
Robert J. Burrowes
Understanding NATO, Ending War
Nyla Ali Khan
Dilution of “Kashmiriyat” and Regional Nationalism
May 22, 2019
T.J. Coles
Vicious Cycle: The Pentagon Creates Tech Giants and Then Buys their Services
Thomas Knapp
A US War on Iran Would be Evil, Stupid, and Self-Damaging
Johnny Hazard
Down in Juárez
Mark Ashwill
Albright & Powell to Speak at Major International Education Conference: What Were They Thinking?
Binoy Kampmark
The Victory of Small Visions: Morrison Retains Power in Australia
Laura Flanders
Can It Happen Here?
Dean Baker
The Money in the Trump/Kushner Middle East Peace Plan
Manuel Perez-Rocha – Jen Moore
How Mining Companies Use Excessive Legal Powers to Gamble with Latin American Lives
George Ochenski
Playing Politics With Coal Plants
Ted Rall
Why Joe Biden is the Least Electable Democrat
May 21, 2019
Jeremy Kuzmarov
Locked in a Cold War Time Warp
Roger Harris
Venezuela: Amnesty International in Service of Empire
Patrick Cockburn
Trump is Making the Same Mistakes in the Middle East the US Always Makes
Robert Hunziker
Custer’s Last Stand Meets Global Warming
Lance Olsen
Renewable Energy: the Switch From Drill, Baby, Drill to Mine, Baby, Mine
Dean Baker
Ady Barkan, the Fed and the Liberal Funder Industry
Manuel E. Yepe
Maduro Gives Trump a Lesson in Ethics and Morality
Jan Oberg
Trump’s Iran Trap
David D’Amato
What is Anarchism?
Nicky Reid
Trump’s War In Venezuela Could Be Che’s Revenge
Elliot Sperber
Springtime in New York
May 20, 2019
Richard Greeman
The Yellow Vests of France: Six Months of Struggle
Manuel García, Jr.
Abortion: White Panic Over Demographic Dilution?
Robert Fisk
From the Middle East to Northern Ireland, Western States are All Too Happy to Avoid Culpability for War Crimes
Tom Clifford
From the Gulf of Tonkin to the Persian Gulf
Chandra Muzaffar
Targeting Iran
Valerie Reynoso
The Violent History of the Venezuelan Opposition
Howard Lisnoff
They’re Just About Ready to Destroy Roe v. Wade
Eileen Appelbaum
Private Equity is a Driving Force Behind Devious Surprise Billings
Binoy Kampmark
Bob Hawke: Misunderstood in Memoriam
J.P. Linstroth
End of an era for ETA?: May Basque Peace Continue
Weekend Edition
May 17, 2019
Friday - Sunday
Melvin Goodman
Trump and the Middle East: a Long Record of Personal Failure
Joan Roelofs
“Get Your Endangered Species Off My Bombing Range!”
Jeffrey St. Clair
Roaming Charges: Slouching Towards Tehran
FacebookTwitterRedditEmail