[Cryptography] North Korea and Sony

Henry Baker hbaker1 at pipeline.com
Tue Dec 9 11:08:36 EST 2014


At 05:40 AM 12/9/2014, Phillip Hallam-Baker wrote:
>This is the real threat to the US economy.  Hayden and Alexander built a machine whose sole purpose is attack.  Hayden has no comprehension of the value of defense and his understanding of the importance of civilian infrastructure is strictly tactical. He knows what he would attack, power, water, etc.
>
>The Snowden files show an organization that is entirely devoted to attack.  Even their defense efforts have to be presented as attack because that's all the senior brass respect and it's an up-or-out hunger games environment.

[below also in comp.risks]

The following paragraphs are an attempt to explain why the NSA hasn't any interest in protecting you and me from cyber criminals.  It isn't nonfeasance, but a result of the misapplication of Cold War thinking to the Internet, and the NSA's preoccupation with China instead of with criminal gangs on the Internet.

You and I and 300+ million ordinary citizens are merely the "human shields" in this new Cold Cyberwar which the US DoD has deluded itself exists with China.

The US Defense Department in 2014 is still caught up in obsolete concepts from the Cold War when it inappropriately attempts to achieve "deterrence" through "mutual vulnerability" in *cyber warfare*.

The concept of "Mutually Assured Destruction" (MAD) attempts to convince both sides in a conflict that no matter who starts a war, both sides will be utterly destroyed.  MAD was the primary doctrine of the US throughout most of the Cold War, and although the Soviets never did attack, they also never completely bought into the MAD notion.

A major component of MAD is "Mutual Vulnerability": since both sides are equally vulnerable, each feels that it has more to lose from a war than the other.  However, one curious consequence of Mutual Vulnerability is that *Civil Defense is actually destabilizing*.  If one side invests significantly in civil defense, it becomes less vulnerable, and may believe that a war is survivable.  Such a civil defense strategy will break the "Mutual" in MAD.

During the Cold War, therefore, the US invested almost nothing in civil defense; the Soviets -- not so enamored with mutual vulnerability -- invested huge amounts.

As the links & quotes below demonstrate, the US DoD today has already conceded that its cyber defenses are next-to-non-existent, and therefore has ramped up its *offenses* -- e.g., the NSA's "TAO" group -- because it believes that a MAD-style offensive deterrence is far cheaper than improving defenses (i.e., echoes of the US Cold War strategy).

In the upside-down-world of MAD, mutual deterrence depends upon *mutual vulnerability*, and hence *more vulnerable is better* !?!

The major problem with this MAD strategy is that while the deterrence may eventually work against the Chinese *state*, this deterrence has absolutely no effect against criminal enterprises terrorizing the Internet.  None of these criminals feel the "Mutual" in MAD, much less the "Assured" or the "Destruction".

So "MAD" is the reason why you and I remain vulnerable to ID crooks & thieves; the more vulnerable, the better the deterrence works -- at least against the Chinese.

If all of this sounds insane/MAD, you're right!  It is insane, which is why all of us have to blow the whistle on these bankrupt Cold War relic doctrines.
-----------
http://missiledefensereview.org/2014/07/30/a-world-gone-mad-no-longer/

"A World Gone MAD No Longer"

[Selected paragraphs]

"To maintain this stability, both sides had to remain vulnerable to each other’s ballistic missiles and bombers.  As the Cold War advanced, North American air defenses were minimized, and civil defense was pared down.  Missile defenses, the greatest sin of all, were abolished in 1972 with the ratification of the Anti-Ballistic Missile (ABM) Treaty between the United States and the Soviet Union.  Any hope of limiting damage and saving lives in the event of a nuclear exchange was sacrificed upon the altar of Mutually Assured Destruction (MAD).  It was security through promised annihilation, and stability through self-inflicted vulnerability."

"Feeling secure in a state of vulnerability requires making some dubious assumptions about your adversary.  You must assume that your adversary is rational, and that he values what you are threatening to destroy with your retaliation, and that he never doubts your willingness to follow through on that threat.  You must assume that your opponent has accurate information about his strategic situation and has good judgment, and that judgment is not impaired by stress, mental health issues, or even chemical substances.  Even if all of these things just happen to be true all the time, you must also assume that your adversary has full control over its military, and that there is zero risk of a missile launch by a rogue element."

"Today, the United States faces multiple adversaries with ever-advancing ballistic missile capability.  North Korea likely already has the capability to strike parts of U.S. territory with a ballistic missile, and shows every intention of continuing to advance its capabilities.  Iran’s missiles can already reach parts of Europe, and we cannot predict how fast it could develop intercontinental-ranged missiles if it pursued a crash program."  [I.e., MAD doesn't work very well in a world with lots of smaller players.]

http://www.dtic.mil/get-tr-doc/pdf?AD=ADA577518

ADA577518.pdf
Size: 447 KB (457,262 bytes)

Sino-American Strategic Restraint in an Age of Vulnerability
by David C. Gompert and Phillip C. Saunders

[Selected paragraphs]

"... because the United States cannot escape its growing vulnerability to China unilaterally, Chinese agreement is needed; therefore, mutual restraint must address Chinese interests as well.  Our core idea is that mutual vulnerability calls for mutual restraint in the nuclear, space, and cyber domains.  Whether Sino-American distrust will preclude agreed restraint is one of the questions this paper tackles.  But even with distrust, self-interest in avoiding harm—in a word, deterrence—can move both powers in this direction."

"All three strategic domains are 'offense-dominant'—technologically, economically, and operationally.  Defenses against nuclear, ASAT, and cyber weapons are difficult and yield diminishing results against the offensive capabilities of large, advanced, and determined states such as the United States and China."

"Likewise, defending computer networks becomes harder and more expensive as the scale and sophistication of the attacker increase.  ...  The diminishing returns on investment in cyber defense relative to offense are especially striking when considering the disparity between “hacking” and “patching” in complexity, cost, and time required: advanced network-defense software contains between 5 and 10 million lines of code; malware contains an average of 170 lines of code.  Protection of U.S. Government networks typically requires regulated public competition and acquisition, which can consume years before solutions are contracted for and installed; an attack can be designed and launched in weeks.  No sooner are effective defenses finally in place than cyber weapons to defeat them are in the works.  Strategic offense dominance gives each country incentives to invest in offense, which spurs the other to do the same to keep pace."

"Mutual restraint in cyberspace, the most complex domain, should entail a pledge by each country not to be the first to attack networks critical to the other’s well-being—that is, 'strategic cyberspace.'  This restriction would not encompass noncritical networks or limit intelligence collection.  In the event of armed conflict, both Chinese and U.S. forces are likely to conduct attacks on military networks, the infrastructure for which may also support civilian networks, involving an inherent danger of escalation.  Therefore, as a corollary of mutual restraint, both governments bear responsibility to exert tight political control, not to escalate, and to avoid harm to noncombatants—in effect, to create a firebreak between tactical cyber war, where deterrence may be weak, and strategic cyber war, where it ought to be strong.  Only in this way can the utility of military cyber war and the imperative of avoiding general cyber war be reconciled."

"While deterrence may not apply against many cyber threats—in particular those from nonstate actors—it could be relevant between large and capable states.  Due to the limits and costs of network defense, strategic cyber deterrence between China and the United States is not only necessary but also possible.  Because each country relies vitally on vulnerable computer networks, each has reason to fear retaliation.  Determining the source of a large cyber attack would be aided by circumstances—such as an ongoing crisis—and by the fact that very few actors, all of them states, are currently capable of large and sophisticated attacks.  Even without certainty of an attack’s origin, the prospective attacker would be gambling its economic health by betting against retaliation and escalation to general cyber war."

"Poor prospects for arms control, the futility of strategic defense, and the plunging costs of attack mean the United States and China must consider the idea of mitigating their growing vulnerabilities in the nuclear, space, and cyber domains by agreed restraint in the use of strategic offensive capabilities.  The bedrock of such restraint would be mutual deterrence in each domain, based on the fear of devastating retaliation and the limits of defense.  Preconditions for mutual deterrence—namely, risks of retaliation that outweigh expected gains of attacking first—exist in all three domains, although this may not be fully recognized by all parties in the United States and China."
