Showing posts with label cyberwarfare. Show all posts

Wednesday, January 19, 2022

Will Tsar Vladimir Go To War in Ukraine?

draft

Somewhere in the first three episodes of HBO's Peacemaker, our hero, who has collapsed in stress earlier in the episode, regains his moral outrage and willingness to kill to keep the peace and says something like "Eat peace, motherfuckers!" before he blows the bad guy's head off.  The best way to do what Vladimir, the Keeper of Peace, is doing is to not let anyone, even your own side, know what you plan to do. 

But there is a list of things that people have learned to do before battle begins and one can observe these things and get a sense for what is about to happen.  Different sides do different things, but basic principles apply.  This is more about guidelines than it is about inflexible rules.  All of these are pretty logical in retrospect and will make sense to you as well. All of these have relevant historical precedent.  And it is because of these things that people after the war ask "how could you not have known?" Hindsight has perfect vision.

Here is a short list in the context of the Russian/Ukraine situation.  Russia pulls most of its personnel out of their embassies and consulates.  Citizens are warned to leave the country.  Classified papers and other material in these embassies are destroyed.  Someone sends special forces to the potential site of conflict to help get their diplomats and citizens out.  Live ammunition is released to the units.  Leaves are cancelled.  The logistics of war are completely over the top amazing and even if you are not sure war is happening, certain really big things have to be put into motion (e.g. Russian amphibious ships are sortied and people are not sure where they are going... maybe they are just going on vacation).  Various countries start running around-the-clock missions to provide critical munitions to their ally, munitions that they might have kept a very tight grip on previously, but not now.  "Here," they say, "take these antitank weapons.  They are our very best, and Godspeed."  Border incursions by air and ground increase in tempo until they seem to be almost continuous.

Units start disappearing.  Brigades, Divisions, maybe Corps, go to radio and electronic silence and move and you don't know where they went.  Units show up where you didn't expect them.  People at the front start reporting noises of equipment that they had not heard before.  The listening posts report in: something is happening.  Airplanes and other assets are dispersed.  Your networks say that war begins in 3 days but you know they have been wrong before.  Warnings are issued.  Alert levels are raised.  People lose sleep and they are armed and nervous. Mistakes happen.

War is not inevitable, but at some point information entropy takes over and you either give the "go order" or you don't.  And if you say "go", at some point you may not be able to pull them back.

There is a lot of history here.  War is perfectly plausible in this part of the world.  You may not agree, but Russia has interests here.  Obviously so does Ukraine.  Personally I think they are going to do it.  Godspeed.


Saturday, August 7, 2021

Intelligence, Ambiguity and the SONY Hack

draft

[Since I wrote this blog post, I came across evidence that maybe the NSA does actually know what happened. See https://www.nytimes.com/2015/01/19/world/asia/nsa-tapped-into-north-korean-networks-before-sony-attack-officials-say.html]

I am slowly going to get around to the issue of who perpetrated the SONY hack. I am pretty sure that whoever it was executed a fishing expedition and that Amy Pascal was a victim but not an original target. Whoever this was hoped there would be good stuff in the emails, and of course they started from the top down, and released a bunch of stuff and hoped that some of it would cause trouble, and they were right. The first rule is to not put anything in email you would not want to see in the NY Times. Yesterday I read what was supposedly the horrible content of the Pascal/Rudin dialog about Obama and some actor, and you know, it's not enough in my mind to have caused this level of reaction. What they said was that someone of a certain ethnic group likes to see positive depictions of that ethnic group in film, I think. And that a specific actor wanted money for work they wanted him to do and that they did not want to pay him. Big whoopie. So Amy goes into independent production but that does not make SONY any more or less racist. Thank goodness they were not discussing Michael Jackson. What a mess that would have been!

I had not realized that the DOJ had in fact filed a case against a mysterious Korean who N. Korea says does not exist. So while the USA may be ineffectual, and FBI Counterintelligence was not able to protect our poor, helpless SONY executives, we did step up to the plate to formally complain, and so I retract my inflammatory statement that we did nothing. There isn't much they can do after the fact. The issues of N. Korea, who our government believes did this hack (see below), are complicated. We are already doing what we can short of war to rein those maniacs in. Our State Department's worst fear is that Kim is deposed and the whole sucking puddle of shit collapses and we have a real mess. We may look back in nostalgia to the days of Kim and SONY and say, "Wow, wasn't that great! We didn't know how great it was."

As outsiders to the world of intelligence, we cannot really know with certainty what is going on, but if you pay attention, and watch over time, then there are things you can know, up to a point. Sometimes you may have to wait, but even then it's not as if you can prove anything to everyone's satisfaction. There are classic examples here. We knew the government thought that Julius & Ethel Rosenberg were guilty, but the real evidence, not the stuff presented in court, was withheld for 30+ years, and that is one of the reasons that, decades later, they went public with Venona and many people still don't believe it. (1) Many cases are not brought to trial because the intelligence community is not willing to expose the evidence and, by definition, the sources. There are mysteries about the Ellsberg matter, mysteries that have never been resolved, that if anyone knows the answer to, they are not talking. Pretty much everyone thinks the Warren Commission was a coverup, but of what? It was only recently that I finally heard a theory that I believe in... that it was a CIA fuckup, but not the way most people believe. (2) But do I really know? Of course not.

N. Korea has proven to be a plucky little nation even if they are really annoying. They came this close to winning the Korean war at the beginning. They are probably behind one of the most successful counterfeiting operations in the history of counterfeiting. (3) And who can forget their recent sinking of a S. Korean destroyer? Or the assassination of a relative of Kim by secret agents? Or the fabulous operation using the Yakuza to steal from Japanese ATMs that involved a hack involving banks, special ATM cards and intense rules. (4) N. Korea has proven their capability in this area over and over again. They are a player in cybercrime and cyberwar. They have the capability to execute the SONY hack, many believe. But if not them, who?

Some believe that the hack was perpetrated by an individual or perhaps a small team of disgruntled SONY employees as an extortion plot and that the demand to withdraw the famous satirical film about a fictional Kim was just cover. I know that some cybersecurity officials believe that there is evidence that the hack was perpetrated by a state actor. These things are not all that subtle, you know. There is a level of skill and of effort over time that is found with state hacking operations, in contrast to talented individuals or groups like Anonymous or private criminal groups. And generally each of these groups has a track record and leaves a series of clues that indicate modus operandi.

I know that generally the DOJ does not file a case in this kind of thing unless they think they have enough evidence that can be presented in open court should it ever come to trial. But maybe they knew this would never come to trial, so they decided to use this as a way to embarrass N. Korea, which is basically impossible because they are shameless, but whatever. Cui bono? One could make a case that the disgruntled insiders, who eventually released the material to make good on their threat, did it. And of course the N. Koreans could have done it and had motivation.

But do I really know? No, I don't. If someone knows for sure, through unspecified intelligence sources, well, I can't know about that. I haven't seen the evidence and I am not qualified to evaluate it. In the absence of a plausible candidate or candidates for the insider theory (and for all I know there is such a candidate but no one is talking about it because it is defamation in the absence of good evidence, I think), I propose that the most plausible candidate is N. Korea. I will probably never know for sure. That is the fate of most judgments or assessments that we make about intelligence matters. In the absence of a confession, and maybe not even then, we cannot be sure.




______________



1. A pretty good description is at https://www.osti.gov/opennet/manhattan-project-history/Events/1945-present/venona.htm. But if you don't believe it, then by all means go to the NSA site on Venona, where there is much more detail. There are people who to this day deny that Ethel knew what Julius was up to, which is, frankly, ridiculous. There are others who say that even if they were spies, their work did not really help the Soviets. People will believe whatever they want to believe. I would not be surprised to hear that some people believe that Venona is a fake and was made up to frame the Rosenbergs. How could I possibly know?

2. An article I read by an academic who studies the JFK assassination argues that recently released evidence shows what some people believed at the time: that the CIA knew more than they were saying, that they had been tracking Oswald in Mexico City, had tapped his phone, knew that he had visited various embassies, knew that he was up to no good. Then instead of acting, or communicating their concerns to FBI Counterintelligence, they just dropped it. And when JFK got shot by their guy, Oswald, they knew that no one would believe that they had not had a hand in it, or that they could be so stupid as to not warn anyone, so they suppressed the information about how much they knew. That is one theory which may be supported by the evidence, but as you know, there is a lot of evidence and a lot of controversy about that evidence. It would take maybe a year, probably more, just to review the evidence that is public and form some sort of conclusion that is actually informed.

3. This is so much harder to do than most people realize. Yes, North Korea may have had help. I certainly hope so. And N. Korea is not the only source of these dollars. See https://en.wikipedia.org/wiki/Superdollar.

4. See https://www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army

Saturday, June 20, 2020

Correspondence on China

draft

Dear [REDACTED]

Sometimes it takes me time to read the various things I get, but I try to, and I appreciate what you send me. And I am very ignorant of the details of China. I know more about the Tarim Basin or prehistoric Italy than I do about China. Some of this is intentional because it is a vast topic.


I do know about the vast amount of money we dumped on China to help them fight in WW 2 (very little of which went to the Communists, as far as I know). I do know about Stilwell and the Flying Tigers. I do know about the time when the numbered air force that Curtis LeMay was running in China against the Japanese sent three C-47s filled with medical supplies to Mao, but I don't recall what the occasion was. I do know about when Doolittle and his flight of B-25s landed in China and the number of Chinese murdered by the Japanese in retribution. We were not always complete enemies, or maybe we were, but not on the surface of things.


Before I care to hear too much about the other side of the story, I need to know that the Chinese cyberattacks have stopped. I need to know what exactly we are doing educating people who are going to fight a war with us to kill as many Americans as possible since I think that is the most likely scenario in the next 20 years. I need to know that the Americans who deliberately lied to steal the money by sending industry to China without doing anything for the Americans whose lives were destroyed receive justice, which is to say civil asset forfeiture and years of important therapy in an institution run by our federal government. You know, the way a black man would if he stole food to feed his family.  And I need to know that whatever is going on with the Uyghurs in China has stopped and people given real help to recover.

I don't think we are blameless in our relationship with China, far from it.  But I also don't much care.  The above issues are happening now; they need to stop now.  After that I am very interested in some of the details.

Sunday, November 6, 2016

Friday, October 28, 2016

Rumors of War October 2016


Let's now move beyond the grim reality of the collapse of our political system, and lighten things up around here by considering whether or not we are on the brink of another serious regional or world war. Not only is this a very reasonable time to ask such questions, it also leads into the larger blog theme of “predicting the future”. In this case, no esoteric knowledge is necessary; we can rely on our own knowledge of history and what we can see of world events.

Whenever a war happens, there are always people who say that there were clear signs that the war was obviously going to happen and that either we should have been better prepared, or should have avoided it, or that the government knew it was going to happen and wanted it to happen, or any of a number of other opinions, some of them interesting, many of them completely out-of-their-mind crazy.

Hindsight is 20/20, but in the real world there are always tensions and conflicts that could explode into a major war. But it is also the case that there are a variety of “indicators” that a war may be on the horizon. Here are a few drawn from recent history: (a) a nation is pursuing what it sees to be a goal of critical national importance and another nation executes economic sanctions (war) against it, (b) a nation is executing a rearmament of their armed forces as fast as they possibly can, (c) a nation executes an intense intelligence attack on another nation with whom they are at peace of a size that is unparalleled in peacetime, (d) a nation insists that it controls another nation's territory or that a formerly public right-of-way is declared to be their sovereign territory, and always has been.

Do we see any of these four situations in the world today? In fact, we see all four of these.

Russia has a centuries-long relationship with Ukraine and Crimea. They see that relationship differently than we do. For them, Crimea is the ice-free port that Russia strategically requires. For them, Ukraine is a Slavic territory that has been part of Russia for centuries. The very origins of Moscow and Russia can be traced to Kievan Rus in what we might now call Ukraine. The West has imposed sanctions on Russia for the events in that part of the world. Right or wrong, these sanctions are certainly hurting Russia.

Both Russia and China are extensively rearming and reconfiguring their armed forces. The Russian army, navy and air force seem to be rebuilding at a vastly increased rate. China is doing something similar.

For the last decade, China has executed a cyber-attack against the United States of unprecedented scope. The only people who do not know it at this point are people who are really not paying attention (or don't want to know). The US Government has given every indication that it knows and that it wants it to stop. We know that something has been going on in part because our country has begun an immense investment in offensive and defensive cyberwar.

China's actions in the South China Sea are about as aggressive as a nation can be in times of peace. It is a setup for a hot war, and they are arming for it. They want it, they need it, they have to have it. And if we don't like it, we have to fight for it. The problem is not what we want, the problem is what all China's neighbors want and we are in a mutual defense alliance with those neighbors. Probability of war? High, about as high as war between India and Pakistan, for example.

Oh, did I forget to mention India and Pakistan?  Or India and China?  Or Vietnam and China? Or Pakistan's financing of terrorist groups? The war in Syria and the refugee crisis? Russia's blatant cyberwar against America? N. Korea and its nuclear weapons? Russia and Chechnya (what's left of it)? Or the Congo? Or Somalia? Or Sudan? Or Libya?

So are we headed to world war? Not necessarily. After all, even a hot regional war does not imply a world war.  But if we do end up in a major world war, there will be people who say that there was plenty of evidence that it was on the horizon.

This topic continues here.


Sunday, January 11, 2015

FBI Issues Cyberalert Regarding Iran


As part of the ramp-up of the war taking place in cyberspace between various nations and non-state actors, the FBI, in their role as the lead counterintelligence agency for this country when inside our borders, has issued an alert about Iranian cyber activities.

Although most Americans do not consider the FBI to be an intelligence agency, they are, in fact, one of the famous three-letter agencies (CIA, NSA, DIA, NRO, etc.) and they are responsible for seeing that bad people who are attacking American citizens or corporations or whatever are thwarted, particularly when whatever is happening takes place inside our national borders, where agencies like the CIA are not allowed to operate, generally speaking.

Thus, when the predecessor to the NSA started decrypting Soviet messages (Venona) and discovered that they, the Soviets, were running significant intelligence operations in the US, it was the FBI that the NSA turned to as the proper authority to disrupt these activities and where possible identify and prosecute the Soviet agents.

As you presumably know, the war in cyberspace has been ongoing for over a decade, but the US has only in the last few years started mobilizing cyberdefense and cyberoffense activities.

Of course, certain announcements by the FBI regarding Cyberwar have not always worked out.  For example, SONY was probably not hacked by North Korea, but rather by a very spiteful and talented former employee and IT worker.

Nevertheless, it is the FBI's job in all this to investigate but also to educate and warn Americans who may be at risk. Hence this alert.


Page 1 of the Alert


You may read the entire notice at the following link.

If you do not know the Venona story referenced above, you really should read about it. It's one of the few activities that the NSA feels it can talk about, since it is long over and since it was compromised decades ago.




Tuesday, July 1, 2014

Journal of Information Warfare


Cryptome has put on their site an NSA journal that is unclassified with the fabulous name of “Journal of Information Warfare”.

It has a variety of entertaining articles, and I have put the table of contents below. I think that most normal people will find it a little difficult to read as it seems to be written with a very turgid government style. One can get used to it but it is certainly not very evocative prose. I suspect that if one were to work in the NSA that one would have to learn to read and write such things effortlessly.

See for yourself.




The Journal of Information Warfare volume 13, issue 2


Monday, October 28, 2013

Russians Discover Chinese Home Appliances Designed for Crime


We are told to accept Globalization as inevitable and beneficial. Just trust us, says Congress, as they pass free trade act after free trade act, and pass exemptions to polluting transport companies to lower costs for container ships. It may be that most Americans are impoverished in the short run, says Congress, perhaps for the first 50 or 100 years, and are thrown out in the street giving up all hope of having a home or family, but ultimately no doubt Globalization will benefit all Americans and not just the rich, they promise. Really.  One day.

But what if all those cheap devices that flood our shores contain Trojan Horses that are secretly working for our destruction? Sound far-fetched? Maybe not.

We believe that Americans are in denial about the extent of cybercrime and cyber-espionage that is going on in the world. Russia in particular seems to be the home of cybercrime whereas China seems to be home of cyber-espionage, although all countries dabble in all the black arts, perhaps.

Many Americans have come to rely upon their home appliances.  What could be more trustworthy than a coffee maker that helps us wake up in the morning?  Or a blow dryer that dries our hair?  What about a blender or food processor?   We rely on these instruments of modern convenience and it is inconceivable that these items could be turned against us.   They are as American as Apple Pie even if they are no longer made in America in order to increase the profits of the wealthy.

Now something has happened that may yet wake Americans out of their complacency, and it comes, ironically, from the Russians. They have been discovering for some time covert cyber penetration devices in home appliances manufactured by that supposed "friend of cheap manufacturing", the People's Republic of China, and they have gone public with this shocking news just recently.

Home appliances of all types including irons, blenders and even the beloved toaster oven have been found kitted out with the most devious of devices, including and especially WIFI hardware designed to penetrate any unsecured WIFI within 600 feet or so of the appliance. Once such a WIFI is found, the innocent-looking home appliance transforms itself into a network-based spy (or "Snowden" as they are known these days) and tries to penetrate any computer it can find on the local network in order to insert viruses (virii?) into the defenseless computers. Of course these home appliances phone home to their masters in Beijing as well.

Are these innocent looking home appliances in fact criminal devices from the East?


The Russians believe that the primary purpose of these devices is to find and make robot slaves for Spam delivery, but we don't buy that. The Chinese are guilty of the largest espionage program in history in their attacks against the United States and have totally raped this country of both military and industrial intellectual property. The theft is vast, persistent and hostile and we are just now starting to calculate the costs, billions of dollars, of changing various military-related apparatus (e.g. electronic warfare) based on the knowledge of this theft. I propose that countries only do this level of espionage if they believe that they are going to war.

Now on top of the previous attacks, we learn of the Russians under attack by home electric appliances. Are Americans also under attack in the same manner? How can we tell? I call on the President and Congress to pass a Homeland Appliance Defense Act and investigate this potential threat to our freedom at once.

For one article on this emerging crisis, see here.



Tuesday, May 21, 2013

Why China Attacked Google


In a brilliant stroke of counterintelligence, the cyberwarfare arm of the People's Republic of China raped Google's servers and aside from picking up their most proprietary intellectual property (their search engine core) they targeted and no doubt got their database on which individuals had been targeted for legal surveillance by court order.

First, let us review why this is excellent counterintelligence. Then, why I mention it to you and what it may mean for American policy.

When country A is spying on country B, it can do so with various means and approaches, the most famous of which is often badly represented in films: the clandestine agent or spy. (1) The clandestine agent may be a citizen of the target country, or he/she may be a foreign national masquerading as a citizen. The clandestine agent may be working at a sensitive position in industry or government, or socialize with such people, or recruit and then manage networks of people who pass on confidential information.


Since country B knows that country A is spying on them, they organize their resistance and defense against such spying and call it counterintelligence. But since country A knows that country B is protecting themselves, they have an incentive to hide and protect their sources, and this is also called counterintelligence, although it might more properly be called counter-counterintelligence.



Still with me?

China is spying on the US. The US investigates the spying. China wants to know who the US is investigating so that they can hide their agents, protect them, tell them to do nothing incriminating for a few years, or find some way to mislead the US about their spying.

How does China find out who the US suspects?

In general, when we use surveillance on a person in the USA, we need a court order. This is not trivial to do, but it is done all the time and requires a judge to agree that it would make sense to do surveillance as part of a criminal investigation. Court order in hand, the counterintelligence agency can go to various organizations like the phone company or the internet provider and request information about what the user is doing and ask for records to be kept.

Naturally, the phone company or whatever keeps a record of who they are looking at. What China did was to penetrate Google, find their database of who they had been requested to keep information about, and steal it. In this way they can know a great deal about who we suspect may be a Chinese spy. They can then look at this list and know to a large extent how far we have gotten in our defense against their attacks and make adjustments.




This they have done. It is a fait accompli. All counterintelligence in this country that involves HUMINT and the Chinese is dead as of that date. New investigations may now come into being, but they will probably be compromised as well because China is massively attacking all such targets for this and other information.

This is one datapoint of many that indicates that China is waging an undeclared war against the United States. It is not a hot war in the sense that thousands of people die each year, but it is a war of intelligence among other things, and dozens of people die each year. When countries execute massive intelligence campaigns against other countries, it is in preparation for real war, or in anticipation that there may be a real war.   And if there is a real war, which there very well may be, then thousands of people will die because of the intelligence gathered by the people whom China has now successfully protected.

Again, this is just one datapoint. There are many such datapoints, and if you doubt me, look up the euphemism "advanced persistent threat" and look for yourself.

Since China is executing a campaign of massive espionage against the United States, possibly the largest in history, this helps to explain why we finance them by sending all our manufacturing to China, right?   This is why the Republicans defeat any attempt to require American business to protect sensitive information, right?   It's the price we have to pay to make a fast buck.

A respectable article from the Council on Foreign Relations:
http://blogs.cfr.org/asia/2011/12/13/can-you-hear-me-now-the-u-s-sends-china-a-message-on-cyber-espionage/

See this link for a truly wonderful editorial on the implications of all this for private industry. It is one of the great Internet rants, this time from the so-called INFOSEC world.
http://krypt3ia.wordpress.com/2012/10/17/counterintelligence-false-flags-disinformation-and-network-defense/


_________________________________________________

Notes

1. Modern intelligence takes many forms and the number increases with time. The classic clandestine spy is called HUMINT in today's jargon, i.e. human intelligence. Other types include SIGINT (signals intelligence), IMINT (imagery intelligence), MASINT (measurement intelligence), open source intelligence and the emerging field of cyber intelligence. The CIA keeps an excellent archive of declassified intelligence research and it is worth reading for background. https://www.cia.gov/library/index.html