By Kit Klarenberg, an investigative journalist exploring the role of intelligence services in shaping politics and perceptions. Follow him on Twitter @KitKlarenberg
America’s well-documented history of exaggerating enemy capabilities, coupled with NATO saying cyberattacks could be met with a military response, should make everyone nervous about any new ‘cyberattack detection system.’
Keith Alexander, who served as Director of the National Security Agency from 2005 to 2014, has called on the US and its ‘Five Eyes’ allies to construct a global unified cyber-defense ‘radar’ to protect critical infrastructure from foreign hackers.
Speaking at an Australian Strategic Policy Institute webinar alongside Abigail Bradshaw, head of Australia’s Cyber Security Centre, he stated that creating a collaborative mechanism for detecting and battling cyberattacks was vital in the modern era.
“Imagine if we built a radar picture for cyber that covered not only what impacts Australia, but what impacts other countries, and we could share, in real time, threats that are hitting our countries and protect from that?” Alexander postulated. “What we can do is share information and work together. … Cyber is going to be hugely important for our future. It’s the one area where adversaries can attack Australia and the US without trying to cross the oceans.”
The former signals-intelligence head honcho, who lied endlessly to the public about his agency’s spying capabilities – including while testifying under oath to Congress – during his time at the NSA’s helm, suggested this worldwide dragnet should also cover cyberattacks on big business.
“The biggest problem that I faced in government, and that we face today, is governments … can’t see attacks on the private sector. Yet the government is responsible for defending the private sector,” he said. “So, we have this anomaly: how are you gonna defend that which you can’t see? Incident response is not a defensive measure. That’s after everything bad has happened.”
Alexander may have been speaking in his capacity as a member of Amazon’s board of directors, which he joined in September 2020. Over the course of the pandemic, its sales doubled to $386 billion, making its founder, Jeff Bezos, one of the richest men in the world – and the company an obvious target for hackers wishing to make a fast, sizable buck.
However, his words gain a rather sinister quality when one considers the push in recent years by Western powers to designate cyberattacks as an act of war. In August 2019, NATO Secretary General Jens Stoltenberg wrote a bombastic op-ed declaring the military alliance would “guard its cyber domain and invoke collective defense if required.” A “serious cyberattack” on one member state would thereafter be “treated as an attack against us all,” he said, and potentially trigger Article 5 of the bloc’s founding treaty in the process.
Given the ease with which intelligence services can falsely attribute cyberattacks, Stoltenberg’s fiery pledge is disturbing in the extreme. In 2017, secret CIA files published by WikiLeaks revealed that the agency can mask its hacking exploits to make it appear that another country – such as China, or Russia – was responsible. Dubbed ‘Marble Framework’, the resource inserts foreign-language text into malware source code to fool security analysts, and can obfuscate in this manner via Arabic, Chinese, English, Farsi, Korean, and Russian.
Moreover, CIA hackers employ crafty tricks and double bluffs to reinforce these bogus attributions, such as creating the appearance of attempts to conceal foreign-language text, thus conning forensic investigators into concluding even more strongly that the country being framed by Langley was responsible.
Somewhat amazingly, this seismic disclosure prompted no Western journalist to reappraise the widely received wisdom that Moscow’s GRU was responsible for the hack and release of damaging Democratic National Committee emails in 2016. That conclusion, universally reinforced by the Western media, was initially peddled by Matt Tait, a former GCHQ spy.
He didn’t base his conclusions on anything particularly technical, but “basic operational security failures” he detected on the part of the individual(s) who released the communications, including their computer username referencing the founder of the Soviet Union’s secret police, and “ham-fisted” attempts to pose as Romanian. Which is, of course, precisely what the CIA would deliberately do to cover its own tracks.
Similarly, there has been no mainstream discussion of why the agency would seek to acquire and maintain this capability in the first place – an urgent question indeed, given its extensive and deplorable history of false-flag operations to overthrow governments, and kickstart conflicts.
For example, in April 1953, the CIA – in conjunction with Britain’s MI6 – launched a welter of covert actions to undermine Iranian Prime Minister Mohammad Mosaddegh, in order to lay the foundations of his eventual ouster. One key tactic in which it engaged was the bombing of mosques and the homes of prominent Muslim figures by Iranians posing as members of the country’s Communist Party. A subsequent internal review of the coup noted that this incendiary activity had mobilized mullahs to take action against Mosaddegh, and, as such, was judged to have contributed to the “positive outcome” of the wider coup effort.
This glowing appraisal may have informed the dimensions of Operation Northwoods – a daring set of proposals that would’ve seen the CIA stage and commit acts of terrorism against US military and civilian targets that would be blamed on the government of Fidel Castro and precipitate an all-out war with Cuba.
Potential false-flag actions outlined in the extraordinary declassified documents include the assassination of Cuban immigrants on US soil, the sinking of boats ferrying Cuban refugees to Florida, the shooting down of US civilian airliners, the blowing up of US ships, and more.
One element of the wider plan is particularly relevant to consider in light of Alexander’s mooted cyberattack radar scheme. If the 1962 Mercury endeavor – the first US orbital spaceflight – went awry, Castro would be blamed through the concoction of “irrevocable proof that … the fault lies with the Communists … this to be accomplished by manufacturing various pieces of evidence which would prove electronic interference on the part of the Cubans.”
While Northwoods was ultimately rejected by President John F. Kennedy, the US military and intelligence community continued constructing false-flag blueprints thereafter. In 1963, a Pentagon policy paper advocated making it appear that Cuba had attacked a member of the Organization of American States (OAS), so the US could retaliate.
“A contrived ‘Cuban’ attack on an OAS member could be set up, and the attacked state could be urged to take measures of self-defense and request assistance from the US and OAS,” it states.
Langley’s cyberattack connivances have surely only grown more sophisticated, and more difficult to unravel, in the years since Marble Framework was publicly exposed, meaning falsely pinning blame on a foreign country for a cyberattack it didn’t actually commit may be even easier and more effective today. And, in turn, a global cyberattack radar could serve as a tripwire for Beijing, Moscow, or any other Washington-mandated ‘enemy’ state to unwittingly and unwillingly stumble over, triggering the outbreak of global war.