Weaponized

What just happened to the Joint Chiefs of Staff ought to make us very nervous. Really nervous.


Sorry- the unexpected and untimely death of a peer officer caused a rupture in the carefully crafted Socotra Production Plan, which would have lurched back to the dawn of the modern Iranian Continuing Crisis.

Something else happened this morning that brought me up short, and I need to help you work your way into a war that is in progress. Right now.

Many of you may be aware that the email system of the Joint Staff was hacked last week, and it was such a big deal that the mainstream media outlets mentioned it only in passing. We are getting desensitized to news of cyber breaches, and even the devastating theft of personal information from OPM was a passing story that was dropped as soon as a sacrificial lamb was slaughtered, the Director forced to resign, and everyone moved on.

That wasn’t the end of it, I am afraid, and the JCS hack demonstrates that it really is only just beginning. To its credit, CBS National Security Correspondent David Martin gave us the basics:

“The Joint Staff’s unclassified email system which was hacked during the last weekend of July remains off line over a week later…The reason cited is “a new sophisticated intrusion” of the kind that could only be mounted by a state actor…Those affected by the attack are the roughly 4,000 mostly military personnel who work for the Chairman of the Joint Chiefs…The Joint Staff took its unclassified e-mail system off line because of some suspicious probes over the weekend of July 25. The classified network is not affected, and senior members of the Joint Staff were provided with an alternative means of exchanging unclassified e-mail…”

That is all true enough, but routine, unless you actually know a bit about how the military communicates with itself. That is the problem with reporting about it; the reporters don’t know much about the three network security levels: Unclassified (and For Official Use), Secret and Top Secret. According to the story, only the lowest unclassified network was compromised. It is password protected for access, but open to the world wide web.

Secret-level material, the “compromise of which could cause serious damage to National Security” is protected and not directly connected to the web and encrypted, though it rides on commercial fiber optic circuits. Top Secret and Special Compartmented Intelligence (Grave Freaking Damage) is transmitted via the Joint Worldwide Communications System (JWICS).

Theoretically, nothing can leak between the levels, but there have been mutterings for years that unauthorized modifications to the network connections have been made for a variety of reasons related to combat operations or the convenience of remote users. I can’t prove it, and won’t try. I am suspicious.

But let’s just confine ourselves to the lowest level network, the Nonsecure Internet Protocol (IP) Router Network (abbreviated as “NIPRNet,” but commonly written “NIPRNET”). It is a private IP network used to exchange unclassified information, including information subject to controlled dissemination, and also provides DoD users access to the internet.

You can see both why this is a pretty big deal, since sensitive controlled information is contained on the network, and you can also see why people’s eyes glaze over rapidly when anyone starts to talk about it.
Think about the Target stores data breach and you sigh and try to recall if you used a credit card there while the numbers were being harvested. That is small potatoes.

Get into the NIPRNet and you have gained access to records, files, sensitive data and all sorts of things related to national security. Low level, perhaps, but once in there the whole picture can be pieced together. This was huge.

But it was this morning that I finally put together the two pieces of how dangerous this digital world has become.

This morning, the word was that the Joint Staff had been breached by sophisticated “spearphishing” attacks.

You have got them yourself. Perhaps you noticed, and perhaps you clicked on a link provided ostensibly from a friend, or got the bad news from several people in your address book that you have been hacked, and someone is sending out notes purporting to come from you, but which actually contain malware designed to compromise your security, turn your computer into a component of a botnet or steal all your money.

Hackers stole the contents of every digital address book at America On Line and Yahoo a couple years ago- I know what a pain that is since my information was part of the theft, and I actually saw it in real time as the contents scrolled across my screen as I frantically tried to change my password.

But that is low-level stuff, not the work of a state actor.

Here is what a nation state does: it steals the contents of your health record and your personal data. They hit the insurance companies. That is 90 million of us, so far, and that is only what we are aware of. Social Security numbers, doctors, treatment records, all that stuff.

A nation state hits the Office of Personnel Management, and strolls off with the contents of the huge personnel files all people seeking a clearance in the U.S. Government have to fill out. 23 million are affected. All digital files since they started doing that in 2000 are affected. Since those have to be filled out every five years (We call them “bring-ups”) the Nation State that took them knows who we are, who our friends are, all personal and financial information and polygraph results are gone.

Now once in possession of that information, and with a little search on who is on the Joint Staff, you have the ability to send completely legitimate mail to people with enough personal information on who allegedly sent it to be completely plausible.

That is “sophisticated spearphishing.” We are so screwed. How will anyone ever be able to trust anything digital?

The Joint Staff may recover- I certainly hope so. But this little tidbit of information means the other shoe has fallen. We know what is being done with the data they took. They are now targeting where we work, and using the information to trick us into thinking we know who we are talking to. This means our data has been weaponized, and we are now entering an entirely new landscape.

Think of this as a little test. Think of the other targets- senior executives in finance, or managers of the power or transportation grid.

We are so screwed. And we don’t even realize it is happening now.

Wait until they decide it is The Day. Then things are going to get very interesting indeed.

Copyright 2015 Vic Socotra
www.vicsocotra.com
Twitter: @jayare303
