Pandora’s Box
There is a reason why we believe the delusion that transgression can keep us safe: the transgression was a bloody masterpiece.
As of 2007, the United States, along with Israel, has launched an attack on Iran’s Natanz nuclear facility, which has destroyed about a fifth of Iran’s centrifuges. The attack, known as Stuxnet, spread in seven holes, known as’ zero days’, in Microsoft and Siemens’ industrial software. (Only one has been announced before, but never patched). In the short term, Stuxnet was a resounding success. It held back Iran’s nuclear ambitions for years and prevented the Israelites from bombing Natanz and causing World War III. In the long run, it has shown allies and opponents what they are missing, and has changed the digital world order.
In the ensuing decade, an arms race was born.
NSA analysts left the agency to start cyber weapons factories, such as Vulnerability Research Labs, in Virginia, which sold click-and-shoot tools to US agencies and our closest English-speaking allies of Five Eyes. One contractor, Immunity Inc., founded by a former NSA analyst, has embarked on a smoother slope. First, say employees, immunity trained consultants like Booz Allen, then defense contractor Raytheon, then the Dutch and Norwegian governments. But soon the Turkish army came knocking.
Companies like CyberPoint took it further and stationed themselves abroad and shared the tools and the craft maker that the UAE would eventually turn on its own people. In Europe, suppliers of Pentagon’s spyware, such as Hacking Team, began trading the same tools to Russia, then Sudan, who used it mercilessly.
As the market expanded beyond the direct control of the NSA, the agency’s focus remained offensive. The NSA knew the same vulnerabilities that they would find and exploit elsewhere would one day blow back on Americans. The answer to this dilemma was to bring the American exception to an acronym – NOBUS – which stands for ‘Nobody but Us’. If the agency found a vulnerability, believing it could only be exploited, he hoarded it.
This strategy was part of what Genl. Paul Nakasone, the current NSA director – and George Washington and the Chinese strategist Sun Tzu before him – call ‘active defense’.
In modern warfare, ‘active defense’ amounts to the captioning of enemy networks. This, in turn, is the destruction of the digital age: we have hacked the Russian troll networks and its roster as evidence of violence; Iran’s nuclear facilities to extract its centrifuges; and Huawei’s source code, to penetrate its customers in Iran, Syria and North Korea for espionage and to set up an early warning system for the NSA, in theory to ward off attacks before they hit.