FacebookTwitterRedditEmail

Deterring Cyberattacks With Sanctions?

The White House has announced a new sanctions program that will authorize the executive branch to penalize malicious cyber “actors” whose behavior endangers “the national security, foreign policy, or economic health or financial stability of the United States.” Sadly the President is opting for theater that creates the perception of security rather than actually making it more difficult for attacks to succeed.

Obama’s new executive order rests on a strategy of deterrence, a cold war idea that’s been revived by the likes of former NSA director Mike McConnell and more recently by current NSA Director Mike Rogers. The basic idea is this: if enemies fear retaliation they’re less likely to launch an attack (nuclear, cyber, or otherwise).

But deterrence is useless if you can’t figure out who attacked you. Malware isn’t like an ICBM that leaves a clear trail going from point-A to point-B. Thanks to Ed Snowden it’s public knowledge Five-Eyes Intelligence agencies have invested heavily in developing anonymity technology and conducting deception operations that aim to conceal the origins of their clandestine attacks. It would be naïve to believe that other countries aren’t doing the same.

Consider the following scenario. A Japanese spy targeting sensitive information in the United States could launch their campaign out of China, outsourcing the bulk of their work to local outlaws who use indigenous tools and tactics. Advanced anti-forensic methods could be wielded to cast suspicion elsewhere, away from Japan, and investigators would no doubt recognize the political expedience of accusing China over an ally.

One can imagine the hazards, not to mention embarrassment, associated with rash accusations. In 2009 the presiding republican on the House Intelligence Committee, Peter Hoekstra, in lieu of hard evidence recommended that the United States execute a “show of force” against North Korea in response to run-of-the-mill denial of service attacks on South Korean and U.S. websites. Cooler heads prevailed and the attacks were eventually traced back to a VPN circuit in Florida.

It’s interesting to watch history repeat itself with the data breach at Sony. Yet the public clamors for POTUS to do something. This new program, which threatens would-be “actors” with economic sanctions, is something. So that’s what Obama is doing.

Boldly clambering down into the rabbit hole of attribution is bad enough, but there are additional questions that arise with respect to this new executive order. For example, if the United State is going to penalize other countries for alleged cyberattacks does this mean that other countries will be able to seek redress from the United States for American cyberattacks?

After all the United States is the most prolific “actor” in the cyber domain, seeking to “dominate” the Internet. Officials have admitted outright that both the Stuxnet and Equation Group attacks were NSA initiatives. Dozens of countries and hundreds of organizations were impacted. Will the United States be exempt from the mandates that it applies abroad, as the world’s one indispensable nation?

Sanctions may be less violent than conventional military weapons but they still rely on the process of attribution. This underscores the reality that false flag operations are as popular as ever and relatively easy for funded intelligence outfits to execute. Does the President believe threatening sanctions will improve our cyber security or is he merely looking for another excuse to frame and punish his adversaries?

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

bernie-the-sandernistas-cover-344x550
April 06, 2020
Richard D. Wolff
COVID-19 and the Failures of Capitalism
W. T. Whitney
Donald Trump, Capitalism, and Letting Them Die
Cesar Chelala
Cuba’s Promising Approach to Cancer
David A. Schultz
Camus and Kübler-Ross in a Time of COVID-19 and Trump
Nomi Prins 
Wall Street Wins, Again: Bailouts in the Time of Coronavirus
Dean Baker
Getting to Medicare-for-All, Eventually
Dave Lindorff
Neither Pandemic Nor Economic Collapse is Going to Be a Short-Lived Crisis
Sonali Kolhatkar
Capitalism in America Has Dropped the Mask: Its Face is Cruel and Selfish
Ralph Nader
Trump’s 7 Pro-Contagion Reversals Increase the Coronavirus Toll
David Swanson
A Department of Actual Defense in a Time of Coronavirus
Ellen Brown
Was the Fed Just Nationalized?
Jeff Birkenstein
Postcards From Trump
Nick Licata
Authoritarian Leaders Rejected the Danger of a COVID-19 Pandemic Because It Challenged Their Image
Kathy Kelly
“He’s Got Eight Numbers, Just Like Everybody Else”
Graham Peebles
Change Love and the Need for Unity
Kim C. Domenico
Can We Transform Fear to Strength In A Time of Pandemic?
Mike Garrity
Alliance for the Wild Rockies Files Lawsuit to Stop Logging and Burning Project in Rocky Mountain Front Inventoried Roadless Area
Stephen Cooper
“The Soul Syndicate members dem, dem are all icons”: an Interview with Tony Chin
Weekend Edition
April 03, 2020
Friday - Sunday
Omar Shaban
Gaza’s New Conflict: COVID-19
Rob Urie
Work, Crisis and Pandemic
John Whitlow
Slumlord Capitalism v. Global Pandemic
Jeffrey St. Clair
Roaming Charges: Strange Things Happening Every Day
Jonathan Cook
The Bigger Picture is Hiding Behind a Virus
Paul Street
Silver Linings Amidst the Capitalist Coronavirus Crisis
Evaggelos Vallianatos
The Control of Nature
Louis Proyect
COVID-19 and the “Just-in-Time” Supply Chain: Why Hospitals Ran Out of Ventilators and Grocery Stores Ran Out of Toilet Paper
Kathleen Wallace
The Highly Contagious Idea
Kenneth Good
The Apartheid Wars: Non-Accountability and Freedom for Perpetrators.
Andrew Levine
Democracy in America: Sorry, But You Can’t Get There from Here.
Ramzy Baroud
Tunisia Leads the Way: New Report Exposes Israel’s False Democracy
David Rosen
Coronavirus and the State-of-Emergency Pandemic
Matthew Stevenson
Will Trump Cancel the Election? Will the Democrats Dump Joe?
Ron Jacobs
Seattle—Anti-Capitalist Hotbed
Michael T. Klare
Avenger Planet: Is the COVID-19 Pandemic Mother Nature’s Response to Human Transgression?
Jack Rasmus
COVID-19 and the Forgotten Working Class
Werner Lange
The Madness of More Nukes and Less Rights in Pandemic Times
J.P. Linstroth
Why a Race is Not a Virus and a Virus is Not a Race
John Feffer
We Need a Coronavirus Truce
Thomas S. Harrington
“New Corona Cases”: the Ultimate Floating Signifier
Victor Grossman
Corona and What Then?
Katie Fite
Permanent Pandemic on Public Lands: Welfare Sheep Ranchers and Their Enablers Hold the West’s Bighorns Hostage
Patrick Bond
Covid-19 Attacks the Down-and-Out in Ultra-Unequal South Africa
Eve Ottenberg
Capitalism vs. Humanity
Nicky Reid
Fear and Loathing in Coronaville Volume 2: Panic On the Streets of Tehran
Jonas Ecke
Would Dying for the Economy Help Anybody?
FacebookTwitterRedditEmail