Follow us on Twitter at http://twitter.com/blogCACM
The Communications Web site, http://cacm.acm.org,
features more than a dozen bloggers in the BLOG@CACM
community. In each issue of Communications, we’ll publish
selected posts or excerpts.
giving way to Agent 111 (“007” in binary),
who oftimes might just be a smart bot.
The latest exploit of some Chinese
Agent (or agents) 111, made public this
month, has to do with sensitive data
about American submarine operations.
Access apparently was gained by hacking a private contractor doing work in
this area for the U.S. Department of
Defense. By infiltrating in this indirect
manner, cyber-spies were able to vacuum up over 600GB of data that, when the
pieces are put together, may provide a
valuable picture of how the U.S. Navy intends to operate in contested waters like
the East China Sea.
This serious breach, a coup for Chi-
nese intelligence, came in the wake of a
string of damaging hacks aimed at stra-
tegic targets in the U.S. One of the worst
was revealed on March 15 (talk about
“Beware the Ides!”) in a report issued by
the FBI and the Department of Home-
land Security that asserted a well-crafted
Russian-sponsored intrusion effort had
gotten in to our power and water infra-
structures. Given these systems are high-
ly reliant upon automated controls, the
idea some latter-day virtual James Bond
might be able to “cybotage” them is most
troubling. For those who worry about
how such hacks might hurt our military,
give Pete Singer and August Cole’s Ghost
Fleet ( http://bit.ly/2y4v2xC) a close read.
Back in 2015, one of the things U.S.
President Barack Obama and China’s
President Xi Jinping discussed when they
met was the matter of curbing hostile cyber activities aimed at the theft of commercial intellectual property. This Infor-mation-Age form of industrial espionage
was costing the U.S. hundreds of billions
of dollars each year. Both leaders agreed
to declare a moratorium on this aspect of
cyber-spying, though the Trump Administration has recently charged the Chinese
with serial violations to it. Yet it is important to note, of the Obama-Xi agreement,
that conducting cyber espionage in the
military and security realms was not addressed. This omission signaled to intelligence agencies in both countries—and
to their counterparts around the world—
that a new “cool war” was under way, and
it was not to be curtailed.
There are two problems with tacit acceptance of cyberspace-based spying on
militaries and other actors. The first is
that intrusions, though they may be for
intelligence-gathering purposes, are observationally equivalent to attack preparations. How is one to know whether the
mapping of one’s systems is prelude to
an imminent attack, or to an attack at
some undetermined time in the future?
Either way, this form of cyber espionage
is unsettling, because of the threat of actual attack that may undergird it.
John Arquilla
From 007 to ‘Agent 111’
http://bit.ly/2DO1wmc
June 18, 2018
The information revolution has changed just
about every aspect of society and security
in our time, so it’s no surprise that the
spy business has been transformed as
well. Yes, there are still human “moles”
who scurry about inside organizations,
gathering up vital information for their
foreign masters, and no doubt those
“sleepers” deported from the U.S. back to
Russia in a 2010 prisoner swap were not
the last of their kind; a real-life version
of the television series “The Americans”
likely continues, in many countries.
Yet adventurous James Bond-like
spies have been eclipsed by a new generation of operatives who don’t travel the
world (not physically, anyway) or drink
martinis, shaken or stirred. Indeed,
most of their time is spent tapping away
at keyboards in cool, windowless rooms,
their favored beverage some brand of
highly caffeinated energy drink. Bond is
Securing Agent 111,
and the Job
of Software Architect
John Arquilla describes the new state of cyberspying,
while Yegor Bugayenko considers the importance
of a software architect to development projects.
DOI:10.1145/3282874 http://cacm.acm.org/blogs/blog-cacm