U.S. Intelligence Weakening Internet for Takeover

As in other occasions, exercises are being conducted before full a takeover.  Will the next false-flag attack come to fruition on the net? The Cybersecurity Bill gives Obama the power to shut down companies and the World Wide Web as a whole.

1500 AM

In places like Arlington, Va.; Washington, D.C.; across the U.S. and around the world, a global cybersecurity exercise is underway designed to test the limits not only of the “network of networks,” but the ingenuity of the people charged with protecting it.

Welcome to Cyber Storm III.

This is the third time that the Department of Homeland Security, in conjunction with other federal agencies, is holding this global cybersecurity exercise. Previous Cyber Storm exercises were conducted in 2006, and again in 2008. For the first time, DHS will manage its response to Cyber Storm III from its new National Cybersecurity and Communications and Integration Center.

Normally, this facility, located in a nondescript office building in Arlington is classified and closed to the public. But the NCCIC recently opened its doors for an inside look to let DHS officials brief the media on Cyber Storm III, a worldwide cybersecurity response exercise that has been underway since late Monday.

Brett Lambo, the director of the Cybersecurity Exercise Program with DHS’s National Cybersecurity Division, is the architect, or game master for this global cybersecurity exercise.

“The overarching philosophy,” he told reporters in a recent briefing at the NCCIC, “is that we want to come up with something that’s a core scenario, something that’s foundational to the operation of the Internet.”

Cyber Storm III includes many players in places across the U.S. and around the world:

  • Seven federal departments: Homeland Security, Defense, Commerce, Energy, Justice, Treasury and Transportation.
  • Eleven states: California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, plus the Multi-State Information Sharing and Analysis Center (ISAC). This compares with nine states that participated in Cyberstorm II.
  • Twelve international partners: Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, and the United Kingdom (up from four countries that participated in Cyber Storm II).

DHS officials also say 60 private sector companies will participate in Cyber Storm III, up from 40 who participated in Cyber Storm II. Firms include banking and finance, chemical, communications, defense industrial, information technology, nuclear, transportation and water.

Lambo said to preserve the exercise’s value as a vigorous test of cybersecurity preparedness, exact details of the scenario which participants will deal with over the next three days are secret. However, he did share some of the broad parameters of the scenario he helped write, and which he will administer.

“In other exercises, you do have specific attack vectors; you have a denial of service attack, you have a website defacement, or you have somebody dropping a rootkit,” he said. “But we wanted to take that up a level to say, ‘All of those things can still happen, and based on what you do, if you’re concerned about the availability of infrastructure, we can look at what happens when the infrastructure is unavailable.'”

Lambo said another way to look at the scenario is that it builds upon what they learned from previous exercises.

“In Cyber Storm I, we attacked the Internet, in Cyber Storm II, we used the Internet as the weapon, in Cyber Storm III, we’re using the Internet to attack itself,” he said.

Lambo added under normal circumstances, the Internet operates based on trust that a file, or a graphic, or a computer script is what it says it is, and comes from a trusted source. But what if that source was not what it said it was, or the source has a malicious intent?

“What we’re trying to do is compromise that chain of trust,” he said, in further explaining in broad strokes of the Cyber Storm III exercise scenario.

Lambo and his colleagues at the Cyber Storm control center also will introduce new, and hopefully unexpected conditions to the scenario to further test participants.

“We have the ability to do what we call dynamic play,” he said. “If we get a player action coming back into the exercise that is either different from what we expected it to be, if it’s something we’d like to chase down further, or if it’s something we’d like to pursue, we have the ability to write injects on the fly.”

He said those injects could include new attacks.

The Cyber Storm exercise will be conducted primarily using secure messaging systems like e-mail or text messages to relay intersects to participants and that the simulated attacks are not being conducted over a live or a virtual network now in operation on the Internet, he said.

For the U.S. government, Cyber Storm III also offers the opportunity to test the DHS’ National Cyber Incident Response Plan.

“We want to focus on information sharing issues,:” he said. “We want to know how all of the different organizations are compiling, acting on, aggregating information that they’re sharing, especially when you’re thinking about classified lines coming into the unclassified domain. There’s a concept called tearlining, in which we take classified information, and get it below the tearline, so that those without security clearances and get it, and act on it.”

The Cyber Storm III exercise is expected to conclude by Oct. 1.

Cybersecurity: The Takeover of the Internet

By Luis R. Miranda
The Real Agenda
May 1, 2010

In the United States, a recent version of a bill was passed by the House Of Representatives, which will give the Federal cybersecurityCommunications Commission (FCC) complete dominion over the web. The bill includes the creation of a new sector of internet security which will include the training, research and coordination of cyberspace. It allows the National Institute of Standards and Technology (NIST) to create a program to recruit children from Kindergarten up to 12 years old to teach them how to carry out internet surveillance, as part of the new Cyber Army. The scholarship program that will fund the training will teach the students how to create and identity management systems used to control access to the web, computer networks, and data. It will also create a series of standards which all service providers will have to meet in order to remain active. Internet users will have to put up with endless requirements, which include the use of government issued software. Bye, bye Linux!

In section 12, subsection 4, the document reads: “We shall provide a procedure to identify K-12 students to participate in summer work and internship programs that will lead to the certification of a federal information technology workforce standards…” In other words, anyone who intends to work anywhere close to the internet, will need to be certified by the federal government, and the federal government will assure itself it will have the “humans resources” to carry this plan out by recruiting children as young as 5 years of age.

Besides the programs described above, the bill also talks about the creation of new protocols that will provide enhanced security. All software made available will have to first be reviewed by the government and then pre-aproved. Again, bye bye open source! Coincidentally, Google has announced the creation of their own version of the internet; which many worried citizens recognize as a beta test for the coming internet 2.0. Among some of the suggested practices that would be adopted under this internet 2.0, is the use of biometric identification in order to access the web. This would allow the government and its technology partners -AKA Microsoft, Google, AT&T, Verizon and others- to further monitor anyone who uses the web, since such identification would narrow down the work to a single individual operating from a specific computer at a specific location. This type of practices have been put in place by technology manufacturers in computers, external hard drives and other devices, which were biometrically enabled. Recently, Microsoft unveiled the latest version of their Xbox game console which features a 5 megapixel camera that activates on movement and recognizes specific body movements.

Section 7, which talks about licensing and certification of cybersecurity professionals reads: “Beginning three years after the enactment of this act, it shall be unlawful for any individual to engage in business in the United States or to be employed in the United States as a provider of cybersecurity services to any federal agency or information system or network … who is not licensed and certified by the program.” Reading further into the bill, it is clear the mentioned networks include not only the all public ones, but also all private ones.

The Comprehensive National Cybersecurity Initiative will give the President emergency powers -to be added to the ones he got under the Patriot Act- that include contingencies to limit the publication of content, access to the internet and shut down of the web. Some presidential aides as well as technology professional who support the bill tried to dampen critics concerns alleging the president already has vast powers to regulate the Internet during emergencies. No one would think the government’s intent is to take advantage of a bill like this in order to limit or end access to the net, if it was not for the crystal clear statements that government officials have put out with respect to net neutrality, internet 2.0, access to the web and so on. One of the best examples we can use to illustrate what the military industrial complex is planning to do is the most recent statements by Barack Hussein Obama’s Regulatory Czar, Cass Sunstein. He said websites should be mandated remove “rumors” and “hateful” or “absurd” statements, usually contained in “right wing” websites. “In the era of the Internet, it has become easy to spread false or misleading rumors about almost anyone,” Sunstein writes. “Some right-wing websites like to make absurd and hateful remarks about the alleged relationship between Barack Obama and the former radical Bill Ayers; one of the websites’ goals was undoubtedly to attract more viewers. “On the Internet as well as on talk radio, altruistic propagators are easy to find; they play an especially large role in the political domain. When Sean Hannity, the television talk show host, attacked Barack Obama because of his alleged associations, one of his goals might have been to promote values and causes that he cherishes.”

The kind of policies bills like the passed in the U.S. House of Representatives wants to implement, are also being proposed and adopted elsewhere in the world. In Australia, senators are rocking their newly acquired powers, by telling the citizens what is legal and what is illegal to say or publish on the web. One of the many people advancing censorship in the land down under is Senator Steve Fielding, who is a member of the party called Family First. He wants all X-rated content banned for everyone, including adults. Mr. Fielding is open to wide censorship on the internet.

Meanwhile in Indonesia, the local government is following on the steps of the United States and Australia. “There are myriad violations by Internet users in Indonesia. We don’t have any intention to move backward… but we don’t want people to think that the government ignores matters like pornography on the Internet.” Recent laws passed in Indonesia were adopted despite firm opposition and widespread protests. The bill was supported by conservative Muslim groups such as the Prosperous Justice Party (PKS), which traces its origins back to Egypt’s outlawed Muslim Brotherhood.

Governments and organizations that support internet censorship and push for cybersecurity acts usually cite pornography, rumors, hate speech and conspiracy theories as the reasons to intervene with what is written and read online. In reality, however, such plans are efforts to minimize or eliminate dissent, much like some governments like Venezuela, Iran, Saudi Arabia and Cuba close newspapers and television stations that challenged the “official position”.

In the United Kingdom, a bill labeled as The Digital Economy Bill includes a new code to limit Internet access. Local reports warn that the government may bypass the regular consultation process to bring it into force. The bill in the UK contains two clauses, 10 and 11, which are particularly worrisome. They would enable Ofcom to move forward with technical measures as soon as the Initial Obligations code has been introduced. This is seen as a government plan to jump the gun, and ahead to limit the Internet without following the appropriate steps. According to the site IPINTEGRITY.com, the rules included in the bill mirror the language of ‘limitations’ contained in the Universal Services directive in the E.U. Telecoms Package.

What other goals do these kind of internet bills will try to achieve?

Back in the United States, section 5 of the Cybersecurity bill states: “The transfer of cybersecurity standards, processes, technology and techniques, will be developed by NIST.” Both NIST and the FCC, have praised Google’s initiative to build a high speed version of the internet. At the same time, the FCC is in the process of submitting a National Broadband Plan which will effectively limit the amount of time and areas a user can access. In addition, internet users would be charge by the use of bandwidth, the amount of downloads and so on. Among the plans to be implemented with the new cybersecurity bill is the “harmonization” of the web. This means, people will eventually have to use software approved by federal agencies in order to access the world wide web.

Section 6, which details the new standards NIST will put in place, indicates that those who do not comply with federal regulations will be barred from using the internet. Subsection 2.2, again touches on the FCC’s prerogative to decide what are safe standards and to allow access to the web only to those Internet Service Providers (ISP’s) and other companies that meet those standards. In other words, companies that provide internet services and the users themselves will have to operate under the federal governments boundaries or simply forget about what up until now has been a freely accessed medium. This type of policies match Cass Sunstein’s views regarding the use of the web. He says: “freedom usually works, but in some contexts, it is an incomplete corrective.” He proposes a “chilling effect” on “damaging rumors” or using “corrective” measures to deter future rumor mongers. WND reported about Sunstein’s “First Amendment New Deal” also known as a new “Fairness Doctrine” that includes the creation of a panel of “nonpartisan experts” to force “diversity of view” on the airwaves. The regulatory Czar’s radical proposal is contained in his 1993 book “The Partial Constitution.

Section 8, which talks about Domain Name Contracts, gives an advisory panel created by the act veto power on decisions made by the assistant secretary of commerce for Communications and Information with respect to renewal or modification of the Internet Assigned Numbers Authority for the operation of Domain Name System. This seems to echo what was stated by the two representatives who presented the cybersecurity bill. “We must protect our critical infrastructure at all costs—from our water to our electricity, to banking, traffic lights and electronic health records,” Jay Rockefeller said. Olympia Snowe agreed with her colleague: “if we fail to take swift action, we, regrettably, risk a cyber-Katrina.” The governments that approve bills like the ones in the U.S., and initiatives like the ones in Indonesia, Australia, New Zealand, the United Kingdom and other countries, will certainly follow on the steps China has left behind. There, “companies like Cisco Systems, Nortel Networks, Microsoft, Sun Microsystems and Websense – stand accused of aiding and abetting human rights violations,” states the website campaignforliberty.com. The group Amnesty International documented violations committed by Chinese authorities which have introduced regulations, closed LAN houses, spied on and blocked e-mails, taken down search engines as well as foreign news and politically-sensitive websites. More recently, a new filtering system was put to work, with the intention of banning a list of key words and terms”. Such control, it seems, can be implemented either through a central organization that will oversee all internet providers and users, or through regional and local management posts, which the American bill states, will be established through the monetary support of non-profit organizations which will serve as branches for the centralized cybersecurity center.

Groups concerned with the far reaching powers the bill appropriates to the president -whomever he or she happens to be- as well as federal agencies are already mobilizing to show their opposition. GoPetition.com, is a place where people can sign a petition to reject S773. The site correctly states that if the bill passes, “Barack Obama can silence his dissenters directly by ordering a shutdown of all Americans’ access to the Internet. The Internet is a free marketplace of ideas and information and not a federal government property.” Another site called thepetitionsite.com also prompts people to make their voice heard by signing their petition. “If you’re on this site, then you probably know how useful the internet is for the sharing of information.” And it continues, “You also probably enjoy the many ways you can interact with others and entertain yourself. This will all come to and end if the cybersecurity Act of 2009 (s773) passes.” The website freedomfactory.us begins its opposition by citing what many internet users are familiar with: “The usual threats and scare tactics are used to justify giving Big Brother greater powers, including giving the President the power to shut down portions of the internet he deems a threat to national security, and access to vast amounts of digital data currently legally off limits.”

Shelly Roche, from breakthematrix.com pointed out a very important issue. The more dis-centralized the management and control of the web is, the harder it is to “take it down” or significantly hack it to a level where it poses a threat to users or companies. “If common practices are forced on private companies via a federal certification program, hackers will have a road map that, once deconstructed, could unlock every compliant network.”

Just like the neoconservatives used Leo Strauss’ theory to create fictitious threats in the 20th century, engaging the fundamentalist Christians at home to build support, now communist/fascist infected federal governments have created a fake cyber threat in order to push their agenda to limit access to the world wide web. Just like the neocons succeeded in creating the fake war on terror based on a false premise and alliances with terrorist groups around the world -which they themselves financed and directed- now the liberals, -also controlled by banking interests- are trying to tighten the grip on the only medium that challenges their power and control; the only medium that brought some real freedom of information to the people; the only medium that put the brakes on their plan to create a global technocracy, to consolidate their scientific dictatorship.