“Dear John Brennan: You’re Being Investigated”

A number of people have pointed to Scott Shane’s story on the leak witch hunt for the details it gives on the increasing concern about leak witch hunts among journalists and national security experts.

But this paragraph includes the most interesting news in the article.

The F.B.I. appears to be focused on recent media disclosures on American cyberattacks on Iran, a terrorist plot in Yemen that was foiled by a double agent and the so-called “kill list” of terrorist suspects approved for drone strikes, some of those interviewed have told colleagues. The reports, which set off a furor in Congress, were published by The New York Times, The Associated Press, Newsweek and other outlets, as well as in recent books by reporters for Newsweek and The Times. [my emphasis]

That’s because prior reporting had indicated that the Kill List stories were not being investigated.

Recent revelations about clandestine U.S. drone campaigns against al Qaeda and other militants are not part of two major leak investigations being conducted by federal prosecutors, sources familiar with the inquiries said.

[snip]

The CIA has not filed a “crime report” with the Justice Department over reports about Obama’s drone policy and a U.S. “kill list” of targeted militants, an action which often would trigger an official leak investigation, two sources familiar with the matter said. They

So Shane’s revelation that the Kill List stories are being investigated amounts to the author of one of the Kill List stories reporting that some people who have been interviewed by the FBI told colleagues they got asked about the Kill List. Which might go something like, “Scott, they’re asking about your story, too.”

All without Shane acknowledging that Shane wrote one of the main Kill List Shiny Object stories.

Meanwhile, I find his reference to the outlets involved very interesting. Using the principle of parallelism, the passage seems to suggest the FBI is investigating the NYT for David Sanger’s sources on StuxNet, the AP for Adam Goldman and Matt Apuzzo’s sources on the UndieBomb 2.0 plot, and Newsweek for Daniel Klaidman’s sources on the Kill List. But of course the NYT also wrote a Kill List story, the AP wrote what is probably the most interesting Kill List story (which reported that the Kill List is now run by John Brennan). “And other outlets.” Which might include ABC for revealing that the UndieBomb 2.0 plotter was actually an infiltrator (ABC got the story indirectly from John Brennan, through Richard Clarke). Or the WaPo for Greg Miller’s original story on drone targeting, revealing that we were going to use signature strikes in Yemen. Or the WSJ, reporting that we had started using signature strikes.

In other words, it presents a rather interesting group of potential stories and sources.

Now I don’t know that John Brennan was the source for all this or that he’s really being investigated. I’m not saying Shane is being manipulative by reporting on this (though seriously, it’s another example of the NYT having a reporter report on a story that he is really a part of).

But I do find it rather interesting that a reporter targeted in this leak witch hunt just made news about the scope of the leak witch hunt.


Lamar Smith’s Futile Leak Investigation

Lamar Smith has come up with a list of 7 national security personnel he wants to question in his own leak investigation. (h/t Kevin Gosztola)

House Judiciary Committee Chairman Lamar Smith, R-Texas, told President Obama Thursday he’d like to interview seven current and former administration officials who may know something about a spate of national security leaks.

[snip]

The administration officials include National Security Advisor Thomas Donilon, Director of National Intelligence James Clapper, former White House Chief of Staff Bill Daley, Assistant to the President for Homeland Security and Counterterrorism John Brennan, Deputy National Security Advisor Denis McDonough, Director for Counterterrorism Audrey Tomason and National Security Advisor to the Vice President Antony Blinken.

Of course the effort is sure to be futile–if Smith’s goal is to figure out who leaked to the media (though it’ll serve its purpose of creating a political shitstorm just fine)–for two reasons.

First, only Clapper serves in a role that Congress has an unquestioned authority to subpoena (and even there, I can see the Intelligence Committees getting snippy about their turf–it’s their job to provide impotent oversight over intelligence, not the Judiciary Committees).

As for members of the National Security Council (Tom Donilon, John Brennan, Denis McDonough, Audrey Tomason, and Antony Blinken) and figures, like Bill Daley, who aren’t congressionally approved? That’s a bit dicier. (Which is part of the reason it’s so dangerous to have our drone targeting done in NSC where it eludes easy congressional oversight.)

A pity Republicans made such a stink over the HJC subpoenaing Karl Rove and David Addington and backed Bush’s efforts to prevent Condi Rice from testifying, huh?

The other problem is that Smith’s list, by design, won’t reveal who leaked the stories he’s investigating. He says he wants to investigate 7 leaks.

Smith said the committee intends to focus on seven national security leaks to the media. They include information about the Iran-targeted Stuxnet and Flame virus attacks, the administration’s targeted killings of terrorism suspects and the raid which killed Usama bin Laden.

Smith wants to know how details about the operations of SEAL Team Six, which executed the bin Laden raid in Pakistan, wound up in the hands of film producers making a film for the president’s re-election. Also on the docket is the identity of the doctor who performed DNA tests which helped lead the U.S. to bin Laden’s hideout.

But his list doesn’t include everyone who is a likely or even certain leaker.

Take StuxNet and Flame. Not only has Smith forgotten about the programmers (alleged to be Israeli) who let StuxNet into the wild in the first place–once that happened, everything else was confirmation of things David Sanger and security researchers were able to come up with on their own–but he doesn’t ask to speak to the Israeli spooks demanding more credit for the virus.


Failed Overseers Prepare to Legislate Away Successful Oversight

Before I talk about the Gang of Four’s proposed ideas to crack down on leaks, let’s review what a crop of oversight failures these folks are.

The only one of the Gang of Four who has stayed out of the media of late–Dutch Ruppersberger–has instead been helping Mike Rogers push reauthorization of the FISA Amendments Act through the House Intelligence Committee with no improvements and no dissents. In other words, Ruppersberger has delivered for his constituent–the NSA–in spite of the evidence the government is wiretapping those pesky little American citizens Ruppersberger should be serving.

Then there’s Rogers himself, who has been blathering to the press about how these leaks are the most damaging in history. He supported such a claim, among other ways, by suggesting people (presumably AQAP) would assume for the first time we (or the Saudis or the Brits) have infiltrators in their network.

Some articles within this “parade” of leaks, Rogers said late last week, “included at least the speculation of human source networks that now — just out of good counterintelligence activities — they’ll believe is real, even if its not real. It causes huge problems.”

Which would assume Rogers is unaware that the last time a Saudi infiltrator tipped us off to a plot, that got exposed too (as did at least one more of their assets). And it would equally assume Rogers is unaware that Mustafa Alani and other “diplomatic sources” are out there claiming the Saudis have one agent or informant infiltrated into AQAP regions for every 850 Yemeni citizens.

In short, Rogers’ claim is not credible in the least.

Though Rogers seems most worried that the confirmation–or rather, reconfirmation–that the US and Israel are behind StuxNet might lead hackers to try similar tricks on us and/or that the code–which already escaped–might escape.

Rogers, who would not confirm any specific reports, said that mere speculation about a U.S. cyberattack against Iran has enabled bad actors. The attack would apparently be the first time the U.S. used cyberweapons in a sustained effort to damage another country’s infrastructure. Other nations, or even terrorists or hackers, might now believe they have justification for their own cyberattacks, Rogers said.

This could have devastating effects, Rogers warned. For instance, he said, a cyberattack could unintentionally spread beyond its intended target and get out of control because the Web is so interconnected. “It is very difficult to contain your attack,” he said. “It takes on a very high degree of sophistication to reach out and touch one thing…. That’s why this stuff is so concerning to me.”

Really, though, Rogers is blaming the wrong people. He should be blaming the geniuses who embraced such a tactic and–if it is true the Israelis loosed the beast intentionally–the Israelis most of all.

And while Rogers was not a Gang of Four member when things started going haywire, his colleague in witch hunts–Dianne Feinstein–was. As I’ve already noted, one of the problems with StuxNet is that those, like DiFi, who had an opportunity to caution the spooks either didn’t have enough information to do so–or had enough information but did not do their job. The problem, then, is not leaks; it’s inadequacy of oversight.

In short, Rogers and Ruppersberger and Chambliss ought to be complaining about DiFi, not collaborating with her in thwarting oversight.

Finally, Chambliss, the boss of the likely sources out there bragging about how unqualified they are to conduct intelligence oversight, even while boasting about the cool videogames they get to watch in SCIFs, appears to want to toot his horn rather than conduct oversight.

Which brings me back to the point of this post, before I got distracted talking about how bad the folks offering these “solutions” to leaks are at oversight.

Their solutions:

Discussions are ongoing over just how stringent new provisions should be as the Senate targets leakers in its upcoming Intelligence Authorization bill, according to a government source.


Ron Wyden: “An Obvious Question I Have Not Answered”

In the background of the larger drama of the leak witch hunts is a paragraph that, to me, summarizes where the balance between secrecy and sanity is in our country.

An obvious question that I have not answered here is whether any warrantless searches for Americans’ communications have already taken place. I am not suggesting that any warrantless searches have or have not occurred, because Senate and committee rules regarding classified information generally prohibit me from discussing what intelligence agencies are actually doing or not doing. However, I believe that we have an obligation as elected legislators to discuss what these agencies should or should not be doing, and it is my hope that a majority of my Senate colleagues will agree with that searching for Americans’ phone calls and emails without a warrant is something that these agencies should not do.

This is the language Ron Wyden used to attempt to persuade his colleagues to join his opposition to the reauthorization of the FISA Amendments Act without first including protections for Americans’ communications. A very similar paragraph appeared at the end of Wyden and Mark Udall’s dissent from the Senate Intelligence Report on the legislation.

Now, I have already shown that even leak witch hunt convert Dianne Feinstein (who supports reauthorization without telling citizens what the legislation really does) made it clear that while NSA may not target Americans under FAA, the agency does query information collected under FAA to find the communications of Americans. That is, DiFi herself made it clear that the communications collected “incidentally” are fair game for review. And both the Wyden/Udall dissent and the exchange Wyden had with Director of National Intelligence James Clapper last year–which he re-released in conjunction with his hold–make it more clear that the government is reviewing Americans’ communications it collects in the guise of “targeting” non-US persons.

Everyone–Wyden, DiFi, DNI Clapper–admits that the government is accessing Americans’ communications under FAA; it’s just the latter two are pretending they’re not doing so by hiding behind the magic word “targeting.”

With that said, let’s look at Wyden’s paragraph closely and what it says about democracy in the age of secrecy. The first sentence reads like CYA, insulation against any accusation that Wyden has revealed classified information.

An obvious question that I have not answered here is whether any warrantless searches for Americans’ communications have already taken place.

Yet at the same time, Wyden defines the question that DiFi refuses to answer clearly: whether or not the government is using FAA to conduct warrantless searches of Americans’ communications.

It’s an obvious question, Wyden continues, but he’s not legally permitted to answer it.

I am not suggesting that any warrantless searches have or have not occurred, because Senate and committee rules regarding classified information generally prohibit me from discussing what intelligence agencies are actually doing or not doing.

That said, Wyden makes it clear he knows the answer.

DiFi Admits She Okayed Unleashing 21st Century WMD with Inadequate Details

The reason Dianne Feinstein is so torqued about the StuxNet story, according to this SFChron piece, is because she learned things from it that she didn’t know as a Gang of Four member.

Feinstein declared, “This has to stop. When people say they don’t want to work with the United States because they can’t trust us to keep a secret, that’s serious.”

A week later, Feinstein is more than halfway through New York Times reporter David E. Sanger’s book, “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power.” She told me Wednesday, “You learn more from the book than I did as chairman of the intelligence committee, and that’s very disturbing to me.”

Now, as a threshold matter, I think DiFi and others are underestimating how much our foreign partners are leaking on these stories; not only did foreign sources serve as early confirmation on UndieBomb 2.0, but the Saudis and Yemenis exposed the last infiltrator the Saudis put into AQAP. And as for StuxNet, the Israelis are now complaining that Sanger didn’t give them enough credit.

The Israeli officials actually told me a different version. They said that it was Israeli intelligence that began, a few years earlier, a cyberspace campaign to damage and slow down Iran’s nuclear intentions. And only later they managed to convince the USA to consider a joint operation — which, at the time, was unheard of. Even friendly nations are hesitant to share their technological and intelligence resources against a common enemy.

Plus, if and when Israel bombs Iran and has to deal with the retaliation, I can assure you the Israelis will be happy to work with us.

And there’s a far bigger problem here. DiFi was not a Gang of Four member when this program started under Bush (Jay Rockefeller would have been the Democrat from the Senate Intelligence Committee). But she seems to say she got what passed for briefing on StuxNet.

Yet she’s learning new details from Sanger.

StuxNet is, both because it can be reused by non-state actors and because of the ubiquity of the PLCs they affected, the 21st Century version of a WMD. And all that’s before we learned Flame was using Microsoft’s update function.

Now from the sounds of things, DiFi never had the opportunity to authorize letting StuxNet free; the Israelis don’t have to brief the Gang of Four. But the possibility StuxNet would break free on its own always existed. One reason we have Congressional overseers is to counterbalance spooks whose enthusiasm for an op might cloud any judgment about the wisdom of pursuing that op.

The US, in partnership with Israel, released a WMD to anyone who could make use of it. And the people in charge of overseeing such activities got fewer details about the WMD than you could put in a long-form newspaper article.

And DiFi thinks there’s too little secrecy?


Sheldon Adelson Could Buy Bibi a Very Effective October Surprise

The Internet is abuzz today with Sheldon Adelson’s announcement that he has already donated $10 million to Mitt Romney’s SuperPAC and plans to provide limitless donations to defeat Obama.

Forbes has confirmed that billionaire Sheldon Adelson, along with his wife Miriam, has donated $10 million to the leading Super PAC supporting presumptive Republican presidential nominee Mitt Romney–and that’s just the tip of the iceberg. A well-placed source in the Adelson camp with direct knowledge of the casino billionaire’s thinking says that further donations will be “limitless.”

But the attention is mostly focused on the sheer numbers he’s talking about, not what it suggests that Adelson–who already spent buckets of money to try to defeat Mitt in the primary–has now promised limitless donations to defeat Obama.

This is about Likud trying to decide the American elections.

Adelson doesn’t hide the fact that this donation is about Israel as much as it is Obama’s “socialism.”

Adelson, this source continues, believes that “no price is too high” to protect the U.S. from what he sees as Obama’s “socialization” of America, as well as securing the safety of Israel. He added that Adelson, 78, considers this to be the most important election of his lifetime.

Nor is it surprising he’s doing this. More than he is for any of these American politicians, Adelson is Bibi Netanyahu’s Sugar Daddy. And Obama has been remarkably successful thus far in stymying Bibi’s goal of forcing the US to attack Iran. In addition to the sanctions regime that has brought about negotiations, in recent months, the Administration has leaked both a white paper showing that an Iran attack would do nothing but set off a regional war and news of the bases in Azerbaijan Israel would use if it unilaterally attacked Iran. David Sanger quoted Presidential briefers and Joe Biden–Bibi’s old nemesis–blaming Israel for freeing StuxNet, possibly intentionally. Leon Panetta has, on the record, told the entire world, including Iran, when Israel planned to attack. (I actually thought Panetta’s latest 60 Minutes appearance might have been an attempt to placate Israel.)

It may appear to us that the Administration continues typical American policy of capitulating to Israel. But the Obama Administration has taken surprisingly strong measures to push back against Israel.

And now Sheldon Adelson has promised to use unlimited funds to get rid of President Obama.

As much as the money concerns me, that’s not what I worry about the most. The Israelis have never been shy about running off-the-books operations to influence our policies. Indeed, they played a role in Iran-Contra, the start of which goes back to the last October Surprise plot to make sure a Democrat didn’t get reelected in 1980. And the state of affairs in Israel’s neighborhood (both Syria and Egypt would be excellent candidates, though if I were Turkey I’d be cautious, too) is such that it would be very very very easy to create an October Surprise that would make it a lot harder for Obama to get reelected.

Bibi’s Sugar Daddy just announced to the world he will do anything in his power to defeat Obama. You can be sure Bibi feels the same way.

Update: Iran/Israel confusion fixed, h/t vl.


“The Yemeni situation and … the Iranian cyber situation”

As MadDog noted yesterday, Dianne Feinstein seemed to answer a question I’ve written about here and here regarding the scope of the leak investigations.

She said the U.S. attorneys would not face political pressures from the Obama administration and would “call the shots as they see them.”

“We can move ahead much more rapidly,” Feinstein said. “Instead of one special prosecutor, you essentially have two here, one is the Yemeni situation and the other is the Iranian cyber situation. I think you’re going to get there much quicker.”

I’m not sure I agree with MD, though, that “the UndieBomb 2.0 and the Stuxnet leaks are the ones being investigated,” meaning implicitly that just those two “leaks” are being investigated.

DiFi’s quote seems to confirm that there is a distinct investigation into the source of the detail (one of the only new parts of David Sanger’s StuxNet reporting) that Israel let StuxNet free, possibly deliberately. Since Eric Holder suggested there was a jurisdictional component to his choice of US Attorneys on these investigations, we can assume that Rod Rosenstein, US Attorney for the National Security Agency, will investigate that alleged leak.

But what does DiFi include when she says, “the Yemeni situation”? Does it include only the leaks about UndieBomb 2.0? And if so, why isn’t it being investigated out of Eastern District of VA, the CIA’s US Attorney district, which purportedly had a lead on that operation in the US?

Further, MD suggested (though did not say explicitly) this means they’re not investigating the drone targeting leaks.

Now, as I’ve noted, one possible reason they wouldn’t investigate the drone targeting “leaks” would be if the stories reported falsehoods or–more charitably–a drone targeting process that was no longer in place, as the AP has reported to be the case and the White House, in their response to the AP story, seemed to confirm. That is, one possible reason why they wouldn’t investigate the “leaks” about drone targeting would be because those stories did not report accurate classified information (and I’ll remind here that the Klaidman story differs in some notable ways from the Joby Warrick story, which we now know came in part from Rahm Emanuel’s effort to publicize Baitullah Mehsud’s killing).

But there’s another possibility. I’m struck by DiFi’s description of “the Yemeni situation” rather than–as most people refer to it–the “thwarted” bomb “plot.” It’s possible that in DiFi’s mind–the mind of a Gang of Four member who has presumably been briefed on our ongoing operations in Yemen–that the leak of the bomb sting, the leak of the Saudi role in it, and the stories that made it clear that John Brennan is running a secret war against Yemeni insurgents using signature strikes out of the NSC largely at the behest of the Saudis all constitute for her “the Yemeni situation.” UndieBomb 2.0 is a part of that secret war–perhaps the legal justification for US involvement in it (and also a useful way to remove an asset and a key handler before the drones start wreaking havoc). But if this speculation is right, it may well be the other details–the report that this war is being run out of NSC, the details that make it clear we’re targeting insurgents, not just AQAP, the fact that we’re clearly in an undeclared war–that DiFi worries about most.

Mind you, this is all supposition. It may be that DiFi was just using shorthand for the UndieBomb 2.0 plot. But to a great degree, all the stories about drone targeting were efforts to expose–and then cover up–the war we’re engaging in Yemen. And that does seem like a secret the Administration is trying to prevent the American public from learning about.


StuxNet: Covert Op-Exposing Code In, Covert Op-Exposing Code Out

In this interview between David Sanger and Jake Tapper, Sanger makes a striking claim: that he doesn’t know who leaked StuxNet.

I’ll tell you a deep secret. Who leaked the fact? Whoever it was who programmed this thing and made a mistake in it in 2010 so that the bug made it out of the Natanz nuclear plant, got replicated around the world so the entire world could go see this code and figure out that there was some kind of cyberattack underway. I have no idea who that person was. It wasn’t a person, it wasn’t a person, it was a technological error.

At one level, Sanger is just making the point I made here: the age of cyberwar may erode even very disciplined Administration attempts to cloak their covert operations in secrecy. Once StuxNet got out, it didn’t take Administration (or Israeli) sources leaking to expose the program.

But I’m amused that Sanger claims he doesn’t know who leaked the information because he doesn’t know who committed the “technological error” that allowed the code to escape Natanz. I find it particularly amusing given that Dianne Feinstein recently suggested Sanger misled her about what he would publish (while not denying she might call for jailing journalists who report such secrets).

What you have are very sophisticated journalists. David Sanger is one of the best. I spoke–he came into my office, he saw me, we’ve worked together at the Aspen Strategy Institute. He assured me that what he was publishing he had worked out with various agencies and he didn’t believe that anything was revealed that wasn’t known already. Well, I read the NY Times article and my heart dropped because he wove a tapestry which has an impact that’s beyond any single one thing. And he’s very good at what he does and he spent a year figuring it all out.

Sanger claims, now that DiFi attacked him, he doesn’t know who made this “technological error.”

But that’s not what he said in his article, as I noted here. His article clearly reported two sources–one of them a quote from Joe Biden–blaming the Israelis.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”


Gang Warfare to Protect Israel’s Secrets

Easily the most overlooked line in David Sanger’s story on StuxNet is this one:

Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.

If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.

It’s a sentiment he repeats in this worthwhile interview:

FP: There haven’t been thoughtful discussions about the consequences or the ethics or the international legal ramifications of this approach. Let’s imagine for a moment that you’re [Iranian President] Mahmoud Ahmadinejad and you are confronted with this. Isn’t your first reaction, “How is them blowing up Natanz with a code any different from them blowing up Natanz with a bomb? And doesn’t that justify military retaliation?”

DS: Blowing it up with computer code, rather than bombs, is different in one big respect: It is very hard for the Iranians in real time to know who the attacker was, and thus to make a public case for retaliating. It takes a long time to figure out where a cyber attack comes from.

That was a big reason for the U.S. and Israel to attack Natanz in this way. But it wasn’t the only reason, at least from the American perspective. One of the main driving forces for Olympic Games was to so wrap the Israelis into a project that could cripple Natanz in a subtle way that Israel would see less of a motivation to go about a traditional bombing, one that could plunge the Middle East into another war. [my emphasis]

A key purpose of StuxNet, according to Sanger, was not just to set back the Iranian nuke program. Rather, it was to set back the nuke program in such a way as to set back Israel’s push for war against Iran.

With that in mind, consider the way the article blamed the Israelis for letting StuxNet escape.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

After having explained that the whole point of StuxNet was to stop the Israelis from bombing Iran, the article then goes on to say that what alerted the Iranians to StuxNet’s presence in their systems–and effectively gave a very dangerous weapon to hackers around the world–was an Israeli modification to the code.

The Israelis went too far.

Those details are, IMO, some of the most interesting new details, not included the last time David Sanger confirmed the US and Israel were behind StuxNet on the front page of the NYT.

How very telling, then, that of all the highly revealing articles that have come out during this Administration–of all of the highly revealing articles that have come out in general, including Sanger’s earlier one revealing some of the very same details–Congress is going apeshit over this one.


Remember When WE Accused IRAN of Hacking?

I meant to mention this in my earlier post about David Sanger’s StuxNet story, and this passage by Matthew Waxman reminded me.

As I’ve argued elsewhere, it’s likely that in many cyber-attack scenarios, both sides – the attacker and the attacked – will have great incentive to maintain very tight secrecy about it; among other reasons and aside from political considerations, the attacked will not want to disclose information about its vulnerabilities and responses. In light of the “secrecy and low visibility of some states’ responsive actions [to cyber-attacks]… it will be difficult to develop consensus understandings even of the fact patterns on which states’ legal claims and counterclaims are based, assuming those claims are leveled publicly at all.” In writing this, I may have underestimated how much information might leak from the attacking side.

While he sources this information to the public comments of an Iranian general, Sanger suggests Iran has started its own cyberwar unit.

Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said that the Iranian military was prepared “to fight our enemies” in “cyberspace and Internet warfare.” But there has been scant evidence that it has begun to strike back.

The thing is, while the US provided no detail to explain this claim, in February Treasury claimed that Iran’s Ministry of Intelligence and Security participated with Hezbollah on some hacking projects.

MOIS provides financial, material, or technological support for, or financial or other services to Hizballah, a terrorist organization designated under E.O. 13224. MOIS has participated in multiple joint projects with Hizballah in computer hacking.

I assume this is either an admission that Hezbollah has hit us or–perhaps more likely–Israel with attacks. (When I wrote this post, I wondered if the allegations that Hezbollah had hijacked Israeli drones–which quickly appeared to be Mossad sabotage instead–were the claimed hack.)

Whatever the basis for the claim, the US government, with a straight face, based part of its Iran sanctions on accusations that the mean old Persians have hacked … somebody.

 
