When All You Have Is a CyberHammer, You Have to Expect to Go to War against Nails

There are two things about this NYT article describing Obama’s new cyberwar policy that deserve note.

A secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad, according to officials involved in the review.

[snip]

The rules will be highly classified, just as those governing drone strikes have been closely held.

First, according to the WaPo, the government has conducted a search of any and all government officials who have had contact with the lead author of the story, David Sanger.

Investigators, they said, have conducted extensive analysis of the e-mail accounts and phone records of current and former government officials in a search for links to journalists.

Frankly, I think the WaPo is naively ignoring the real possibility, given the updates to DOJ’s Domestic Investigations and Operations Guide, that DOJ has accessed Sanger’s email records directly.

Nevertheless, however they’ve gotten that information, the government now has a pretty good idea who speaks to David Sanger. Presumably, folks who talk to Sanger — particularly those privy to secret workings of the White House — are cognizant of this fact.

From that I assume it’s likely — though by no means certain — that the Administration is not that unhappy about having an article boasting about its aggressive cyberwar stance, even while noting that the details of it will be remain legally classified.

Meanwhile, I’m struck by this claim.

Mr. Obama is known to have approved the use of cyberweapons only once, early in his presidency, when he ordered an escalating series of cyberattacks against Iran’s nuclear enrichment facilities.

Sure, there’s only been the one attack (or rather the serial set of attacks) on Iran.

But I’m struck — particularly in the wake of DOJ’s filing making it clear they’re investigating WikiLeaks as a spy, while refusing to tell us what laws it is using to conduct that investigation — that there has been a rather notable cyberattack whose author we don’t know: the DDOS attacks on WikiLeaks as it first started to release the WikiLeaks cables, and then again last summer (a group called AntiLeaks claimed credit for the second one).

As Jack Goldsmith and Thomas Rid both point out, the Administration appears to be badly fumbling cyber defense (largely because the private sector doesn’t want to play along and the Administration isn’t prepared to make them), but they are very aggressively pursuing cyberoffense. Perhaps, as Goldsmith suggests, this leak to the journalist whose contacts are being monitored is intended to deter attacks on the US (though I’m not sure how a story in a newspaper that the Chinese have hacked is going to scare the Chinese from doing what they have been doing for years).

But if the US is so intent on bragging about its offensive capability, isn’t it time we learned the scope of that offensive capability? Shouldn’t we finally know whether the government took down a publisher’s website?

Tweet about this on Twitter8Share on Reddit0Share on Facebook6Google+2Email to someone

6 Responses to When All You Have Is a CyberHammer, You Have to Expect to Go to War against Nails

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

Emptywheel Twitterverse
bmaz @walterwkatz @gideonstrumpet I can't even get picked on a stinking civil jury.
21mreplyretweetfavorite
emptywheel @kellybrotherart I am sick of young black poor men conspiring to set global interest rates, causing big losses for munis @matthewstoller
35mreplyretweetfavorite
emptywheel @ismat And beheading Foley was for journalism. Both REASONS are undeniably barbaric. My Q is about method.
59mreplyretweetfavorite
emptywheel RT @ddayen: Under settlement language, banks can pay their penalty by making new mortgages, a moneymaking enterprise for them http://t.co/7
1hreplyretweetfavorite
emptywheel .@ddayen must be slow coming off vacation. Took ~3 more hours than expected for him to explain why BoA deal oversold. http://t.co/J39l9iInIe
1hreplyretweetfavorite
emptywheel Q: Is it barbaric, per se, to behead someone? http://t.co/RQoL4Izhb8 Is it barbaric to let someone gasp for breath 2 hrs during execution?
1hreplyretweetfavorite
bmaz @gideonstrumpet @walterwkatz @bradheath @nytimes I'd kill to sit on a jury. Sadly, it will never happen.
1hreplyretweetfavorite
emptywheel RT @attackerman: "start out with the most ridiculous position and eventually settle for one that is simply outrageous." http://t.co/gZ5ptdT
2hreplyretweetfavorite
emptywheel RT @MuckRock: New #Ferguson Docs: Incident report for officer-initiated homicide of Michael Brown http://t.co/9yivRvc7Cw (h/t @sleepylemur
2hreplyretweetfavorite
bmaz @cody_k Joel didn't fare too well there, did he. So sad...
2hreplyretweetfavorite
bmaz @radleybalko @javadesq That is bizarrely so awesome.
2hreplyretweetfavorite
bmaz RT @goldbe: Excellent article by @emptywheel in @Salon takes a similar line to our #eo12333 #surveillance paper with @axelarnbak: http://t.…
2hreplyretweetfavorite
February 2013
S M T W T F S
« Jan   Mar »
 12
3456789
10111213141516
17181920212223
2425262728