In this 2009 report, a former Director of National Intelligence told “60 Minutes” the U.S. is unprepared for cyberattacks.
First, the lights in Taiwan go out.
TAIPEI, Taiwan — If the United States gets embroiled in a war with China, it may begin with the lights going out here in Taipei.
Tensions are rising across the Taiwan Strait, and there’s a growing concern among some security experts that Chinese President Xi Jinping might act recklessly toward Taiwan in the next few years, drawing the United States into a conflict.
Xi’s hard line toward Hong Kong is alarming Taiwanese and further reducing the chance, if there ever was any, of a peaceful unification of China. China seems to be abandoning its effort to win hearts and minds on Taiwan, and it has steadily improved military capabilities — thus prompting the fear that Xi might eventually use them.
“We are very concerned,” Taiwan’s foreign minister, Joseph Wu, told me. He said that one concern was that a slowing economy and other troubles in China might lead Xi to make trouble for Taiwan as a distraction. “This is the scenario that is constantly playing in the minds of the key decision makers” on Taiwan, he said.
The main worry of military planners here isn’t so much a full-scale amphibious invasion. Rather, they fear the mainland sowing chaos and disrupting the economy as a way of trying to bring Taiwan to heel.
Hence the concern about a cyberattack that would take out Taipei’s electric grid. Or sabotage of the underwater cables that bring data and internet to Taiwan. Or interference in the South China Sea with tankers carrying oil to Taiwan.
[Follow Nicholas Kristof as he travels around the United States and the world, shedding light on crises and hailing unsung heroes. For a behind-the-scenes look at Nick’s gritty journalism, sign up for his newsletter.]
Wu added that China could also step up military pressure by increasing patrols in the area, or by holding military exercises. Even a partial blockade would have a substantial impact if it raised insurance costs and damaged confidence in the island’s future.
Government officials in Taiwan were cagey about how they would respond to provocations in cyber and other realms, but Wu said that military officials “are planning for defense and offense.” Another senior government official said that retaliation could include airstrikes on China’s Fujian Province.
That fits with the belief that Taiwan would promptly escalate to bring the war to China. If that happens, no one knows quite what the U.S. would do, including the U.S. itself. A 1979 American law suggests that the United States is committed to Taiwan’s defense, but the law is ambiguous about just how committed.
China has been vastly improving its military capabilities, including its ability to strike aircraft carriers. I’m told that in 18 of the last 18 Pentagon war games involving China in the Taiwan Strait, the U.S. lost. Still, that can be misleading, because the war games are much more limited than real life would be. For example, the United States could interrupt China’s oil supplies from the gulf.
Beijing has also been nibbling away at Taiwan’s international presence, blocking it from participating in the World Health Organization and other United Nations agencies, and even barring Taiwanese from taking tours of the U.N. and Taiwanese journalists from getting U.N. accreditation.
President Trump has generally been more supportive of Taiwan than his predecessors, and that’s worked well so far. But this has to be done very carefully. While Taiwan and China may know each other’s red lines, I worry that American politicians may try to help Taiwan in ways that increase the risk of triggering a crisis. Nothing can be so dangerous as a well-meaning American.
Aside from its efforts to isolate Taiwan, China also appears to be borrowing from the Russian playbook and using Facebook and other platforms to interfere with Taiwan’s democracy in the run-up to crucial elections in January.
“China is trying to discredit and dismantle Taiwan democracy,” said Ketty Chen of the Taiwan Foundation for Democracy.
A war between the United States and China over Taiwan would be a cataclysm. But it would also be a catastrophe if Taiwan were blockaded or squashed into submission, because it is a pillar of technology (the source of more than 90 percent of the most advanced computer chips), a pillar of democracy and an “unsinkable aircraft carrier” standing in the way of any Chinese projection into the Pacific or toward, say, Okinawa.
There are steps the U.S. can take that might reduce the risk of a crisis. Washington can emphasize to Beijing that Taiwan will not take any unilateral action, such as declaring itself an independent country — unless China makes a military move, in which case it will do so at once. The U.S. can also caution Beijing that if the electricity goes out in Taipei, the same may happen in Shanghai, and that if Taiwan-bound ships are harassed, they may be reflagged as American vessels.
But that means thinking through what might happen in the next few years and making clear to Xi that he will pay an extremely high price if he messes with Taiwan’s freedom.
The head of Canada’s spy agency said state-sponsored economic espionage and cyber threats now pose a potentially greater challenge to the country than terrorism, warning that foreign actors are already targeting the domestic technology and telecommunications sectors.
David Vigneault, director of the Canadian Security Intelligence Service, or CSIS, said foreign interference and espionage are “the greatest threat” to the country’s prosperity and national interest. He also warned of the possibility of foreign interference in the country’s national election next fall.
“Plainly said: there is state-sponsored espionage in Canada,” said Mr. Vigneault Tuesday, according to published remarks at a luncheon hosted by the Economic Club of Canada. “No matter how it’s done or who’s behind it, economic espionage represents a long-term threat to Canada’s economy and to our prosperity.”
.. sectors where CSIS has observed increased activity by state-sponsored actors include artificial intelligence, quantum technology, 5G mobile networks and biopharmaceuticals.
The United States has been conducting “offensive cyber operations” to defend next week’s midterm elections, though it was “too soon to tell” whether they are having an effect, White House national security adviser John Bolton said Wednesday.
Though Bolton did not specify the operation’s nature, U.S. Cyber Command has begun signaling to Russian operatives that their identities are known — an implicit warning not to attempt to disrupt American politics. The Washington Post and other media reported on those developmentslast week.
The offensive cyber actions were aimed at “defending the integrity of our electoral process . . . and our adversaries [had] better know that and better understand that,” said Bolton, speaking in Washington at an event sponsored by the Alexander Hamilton Society.
.. Brett Bruen, a former National Security Council official who has worked on countering Russian disinformation, called signaling “a pretty ineffective” warning shot. “What we have seen over recent months have been largely superficial steps, mostly for domestic consumption, to be able to say that we are doing something,” he said.
a group of finance ministers to simulate a similar attack that shut down financial markets and froze global transactions. By several accounts, it quickly spun into farce: No one wanted to admit how much damage could be done or how helpless they would be to deter it.
.. something has changed since 2008, when the United States and Israel mounted the most sophisticated cyberattack in history on Iran’s nuclear program, temporarily crippling it in hopes of forcing Iran to the bargaining table.
.. the sophistication of cyberweapons has so improved that many of the attacks that once shocked us — like the denial-of-service attacks Iran mounted against Bank of America, JPMorgan Chase and other banks in 2012, or North Korea’s hacking of Sony in 2014 — look like tiny skirmishes compared with the daily cybercombat of today.
.. Yet in this arms race, the United States has often been its own worst enemy. Because our government has been so incompetent at protecting its highly sophisticated cyberweapons, those weapons have been stolen out of the electronic vaults of the National Security Agency and the C.I.A. and shot right back at us.
.. the WannaCry ransomware attack by North Korea last year, which used some of the sophisticated tools the N.S.A. had developed.
.. Nuclear weapons are still the ultimate currency of national power, as the meeting between President Trump and Kim Jong-un in Singapore last week showed. But they cannot be used without causing the end of human civilization — or at least of a regime. So it’s no surprise that hackers working for North Korea, Iran’s mullahs, Vladimir V. Putin in Russia and the People’s Liberation Army of China have all learned that the great advantage of cyberweapons is that they are the opposite of a nuke: hard to detect, easy to deny and increasingly finely targeted. And therefore, extraordinarily hard to deter.
.. Cyberattacks have long been hard to stop because determining where they come from takes time — and sometimes the mystery is never solved.
.. Today cyberattackers believe there is almost no risk that the United States or any other power would retaliate with significant sanctions, much less bombs, troops or even a counter cyberattack.
.. “They don’t fear us,”
.. At the State Department, the eviction took weeks, shutting down systems during negotiations on the Iran nuclear deal. The hackers were even bolder at the White House. Instead of disappearing when they were exposed, they fought back, looking to install new malware as soon as the old versions were neutralized.
.. It appears the attackers just wanted to prove they could go, and stay, anywhere in the American government’s network.
.. the United States never called out the Russians for what they were doing.
.. If Mr. Putin thought there was no price to be paid for invading White House systems, why wouldn’t he attack the Democratic National Committee?
.. By the summer of 2016, some Obama administration officials, waking to the threat, proposed counterstrikes that included exposing Mr. Putin’s hidden bank accounts and his ties to the oligarchs and cutting off Russia’s banking system. But the potential for escalation caused Mr. Obama and his top aides to reject the plan.
“It was an enormously satisfying response,” a senior American official told me later, “until we began to think about what it would do to the Europeans.”
Mr. Obama also understandably feared that anything the United States did might provoke Mr. Putin to tinker with election systems just enough to give credence to Donald Trump’s warning that the system was “rigged.”
.. Since the election, the American retaliation has included closing some Russian consulates and recreation centers and expelling spies — actions one Obama national security official called “the perfect 19th-century solution to a 21st-century problem.”
.. The wide-open vulnerabilities in America’s networks have essentially deterred the United States from credibly threatening retaliation against the Russians, the Chinese, the North Koreans and the Iranians.
.. One way to start is to make sure no new equipment goes on the market unless it meets basic security requirements. We won’t let cars on the road without airbags, so why do we do less with the systems that connect them to the internet?
.. Second, we must decide what networks we care most about defending — and make those priorities clear. Mr. Mattis’s threat to turn to nuclear weapons hardly seems credible — unless the cyberattack would create an existential threat to America. That requires an intensive public review of what is critical to our nation’s survival.
..President Trump forfeited the perfect opportunity when he decided against a commission to learn the larger lessons from the 2016 election.
.. the United States needs to end the reflexive secrecy surrounding its cyberoperations. We need to explain to the world why we have cyberweapons, what they are capable of and, most important, what we will not use them for.
.. it is in the nation’s interests to develop global norms clarifying that some targets are off limits: election systems, hospitals and emergency communications systems, and maybe even electric power grids and other civilian targets.
.. Microsoft’s president, Brad Smith, has proposed digital Geneva Conventions that begin to establish those norms, outside the structure of governments and treaties.
.. Intelligence agencies hate this idea: They want the most latitude possible for future operations in an uncertain world. But in any arms control negotiation, to create limits on others, you need to give up something.
A breach of South Korea’s military database by suspected North Korean hackers originated in compromised third-party cybersecurity software and was made possible by an unintended connection to the internet, according to people familiar with the attack.
.. it occurred within a military intranet believed to have been cut off from the internet and therefore protected from outside hacks.
.. To gain entry, North Korean hackers first attacked a Seoul-based firm, Hauri Inc., which makes the antivirus software installed on computers used by South Korea’s military, the people said. The hackers then embedded the malware onto the antivirus software, allowing North Korean operatives to infiltrate military servers.
Suspected North Korean hackers stole sensitive military secrets, including joint U.S.-South Korean plans detailing how to eliminate the Pyongyang leadership, during an attack on Seoul’s defense data system last year, a South Korean lawmaker said.
.. The stolen documents included a blueprint known as Operations Plan 5015, which the U.S. and South Korea drew up in 2015 in case of war with North Korea, and detailed joint military procedures for a decapitation strike against North Korean dictator Kim Jong Un and other top leaders, Mr. Rhee said in the interview. A decapitation strike is a targeted attack to eliminate the North Korean leadership and senior command. His aides confirmed the comments, made to the Chosun Ilbo newspaper.
.. The hackers stole 235 gigabytes of data, 22% of which had been identified, according to Mr. Rhee, who said he had been briefed by Defense Ministry officials. The documents covered classified wartime operational plans, military facilities and power plants in South Korea, he said.
.. Meanwhile, North Korea is reportedly preparing to test another missile capable of reaching the U.S. West Coast.
.. The country’s cyberattack operation comprises six groups and 1,300 hackers, with a dozen supporting organizations of 5,000 more hackers, according to South Korean government officials.